portalsbrain.com Open in urlscan Pro
2606:4700:3034::6815:5426 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portalsbrain.com/ace/
Submission: On January 25 via api (January 25th 2021, 10:02:40 am UTC) from DE

Summary HTTP 61 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 20 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3034::6815:5426, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalsbrain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 28th 2020. Valid for: a year.

This is the only time portalsbrain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3034::6815:5426	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.33 192.0.77.33	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:20:... 2606:4700:20::681a:c76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.239.33.56 54.239.33.56	16509 (AMAZON-02) (AMAZON-02)
1	65.9.68.108 65.9.68.108	16509 (AMAZON-02) (AMAZON-02)
1	139.45.196.129 139.45.196.129	9002 (RETN-AS) (RETN-AS)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
5	139.45.196.10 139.45.196.10	9002 (RETN-AS) (RETN-AS)
5	139.45.195.46 139.45.195.46	9002 (RETN-AS) (RETN-AS)
1	139.45.196.108 139.45.196.108	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::681a:97b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	139.45.197.9 139.45.197.9	9002 (RETN-AS) (RETN-AS)
61	17

12 2606:4700:3034::6815:5426 (United States)

ASN13335 (CLOUDFLARENET, US)

portalsbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.33 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.33.56 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

read.amazon.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)

read.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.129 (Ascension Island)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.10 (Ascension Island)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.46 (Ascension Island)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.108 (Ascension Island)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:a62 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.9 (Ascension Island)

ASN9002 (RETN-AS, GB)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	portalsbrain.com portalsbrain.com	57 KB
9	doubleclick.net googleads.g.doubleclick.net
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	196 KB
6	google.com adservice.google.com www.google.com	36 KB
5	toglooman.com toglooman.com	124 KB
5	inpagepush.com inpagepush.com	30 KB
2	wowreality.info o.wowreality.info	403 B
2	littlecdn.com littlecdn.com	14 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	onstunkyr.com onstunkyr.com	482 B
1	lalaping.com static.lalaping.com	33 KB
1	onmarshtompor.com onmarshtompor.com
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	644 B
1	bedrapiona.com bedrapiona.com	2 KB
1	amazon.com read.amazon.com
1	amazon.co.uk 1 redirects read.amazon.co.uk	567 B
1	iclickcdn.com iclickcdn.com	22 KB
1	wordpress.com s.wordpress.com	10 KB
61	20

	Domain	Requested by
12	portalsbrain.com	portalsbrain.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	portalsbrain.com pagead2.googlesyndication.com
5	www.google.com	portalsbrain.com
5	toglooman.com	iclickcdn.com toglooman.com
5	inpagepush.com	iclickcdn.com inpagepush.com
2	o.wowreality.info	static.lalaping.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	littlecdn.com	portalsbrain.com inpagepush.com
1	onstunkyr.com
1	static.lalaping.com	toglooman.com
1	onmarshtompor.com	iclickcdn.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	portalsbrain.com
1	bedrapiona.com	iclickcdn.com
1	read.amazon.com	portalsbrain.com
1	read.amazon.co.uk	1 redirects
1	iclickcdn.com	portalsbrain.com
1	stats.wp.com	portalsbrain.com
1	s.wordpress.com	portalsbrain.com
61	23

This site contains links to these domains. Also see Links.

Domain
arnoldclarkemployee.com
ace.cbp.dhs.gov
www.arnoldclark.com
www.arnoldclarkemployee.co.uk
www.cbp.gov
www.artscouncil.org.uk
myace.ace.edu
www.clinical.pc.rhul.ac.uk
cdn2.hubspot.net
info.expeditors.com
www.amazon.co.uk
generatepress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-28` - `2021-08-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
read.amazon.com Amazon	`2020-08-11` - `2021-07-20`	a year	crt.sh
bedrapiona.com R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-11-11` - `2021-02-09`	3 months	crt.sh
toglooman.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
onmarshtompor.com R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
o.wowreality.info Let's Encrypt Authority X3	`2020-11-13` - `2021-02-11`	3 months	crt.sh
onstunkyr.com R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://portalsbrain.com/ace/
Frame ID: FC8AB2F7BB5BFFAF19BD306090D5B0C2
Requests: 44 HTTP requests in this frame

Frame: https://read.amazon.com/kp/card?preview=inline&linkCode=kpd&ref_=k4w_oembed_dsBRTXDXzIhz8R&asin=B07KX661FN&tag=kpembed-20
Frame ID: 970582300FDD9946C6108073778EE12F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/zrt_lookup.html
Frame ID: A0F8B74466618B6C1864B4AA2F207478
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&slotname=7832924261&adk=3356767420&adf=2646997758&pi=t.ma~as.7832924261&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1611568942029&bpp=21&bdt=181&idt=157&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4396251637730&frm=20&pv=2&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7yvChaAWvv&p=https%3A//portalsbrain.com&dtd=177
Frame ID: 6822BDF076A3690EFDEAEB6BC2788E32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&adk=1812271804&adf=3025194257&lmt=1611568644&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&ea=0&flash=0&pra=7&wgl=1&dt=1611568942051&bpp=3&bdt=202&idt=166&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280&nras=1&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=174
Frame ID: 29792950D542183ADD8B953E9A7A2441
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php
Frame ID: 3EA03351A20DA3F8D44BDB30984FCBAD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=3981370681&pi=t.aa~a.647242831~i.28~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=501&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0&nras=2&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=heMdCsapnN&p=https%3A//portalsbrain.com&dtd=24
Frame ID: 045613F01C5440B71DE58ED6A8477896
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=963025780&pi=t.aa~a.647242831~i.36~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280&nras=3&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1c0ZPrz9Rh&p=https%3A//portalsbrain.com&dtd=28
Frame ID: 4C2D3A0140C8CE28656499EBCCB42133
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=526681016&pi=t.aa~a.647242831~i.56~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280%2C725x280&nras=4&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pFcJCkWzFY&p=https%3A//portalsbrain.com&dtd=31
Frame ID: 3DDC66C5AB867A061BFBA3E09FB4E554
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=1430867602&pi=t.aa~a.647242831~i.66~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=3954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yetpvb1ABb&p=https%3A//portalsbrain.com&dtd=35
Frame ID: C853B7C5C0032BDF0B450867B085F04B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=100&adk=2687913576&adf=1580075210&pi=t.aa~a.947649015~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&to=qs&pwprc=5009967149&psa=1&format=725x100&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611568942359&bpp=1&bdt=510&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79d193e56ba81f6c-2255b769c8b900e8%3AT%3D1611568942%3ART%3D1611568942%3AS%3DALNI_MaWQkweZ5zG5xDbzc7eCsTAxPG2jA&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280%2C725x280&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=4780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ycqrtsAcve&p=https%3A//portalsbrain.com&dtd=199
Frame ID: CA953D1A3F0C51388F845119476D8C6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=3706268327&adf=28632847&pi=t.aa~a.947649015~rp.1&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&to=qs&pwprc=5009967149&psa=1&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611568942356&bpp=1&bdt=508&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79d193e56ba81f6c-2255b769c8b900e8%3AT%3D1611568942%3ART%3D1611568942%3AS%3DALNI_MaWQkweZ5zG5xDbzc7eCsTAxPG2jA&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280%2C725x280%2C725x100&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=4459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=aAjzEzupYt&p=https%3A//portalsbrain.com&dtd=210
Frame ID: 325B96B1B28DF5B20B578E30C0B82FFB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 5112E8BC4919424447E626AF0AA9BF62
Requests: 1 HTTP requests in this frame

Frame: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Frame ID: 1ECFEE14CE7CC72264183E23ED5C6F95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

61
Requests

100 %
HTTPS

39 %
IPv6

20
Domains

23
Subdomains

17
IPs

4
Countries

559 kB
Transfer

1525 kB
Size

5
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://arnoldclarkemployee.com/
Title: 1. EMSAuthenticationLogin

Search URL Search Domain Scan URL

URL: https://ace.cbp.dhs.gov/
Title: 2. ACE Portal – Homeland Security

Search URL Search Domain Scan URL

URL: https://www.arnoldclark.com/newsroom/execs
Title: 3. EMSAuthenticationLogin – Arnold Clark

Search URL Search Domain Scan URL

URL: http://www.arnoldclarkemployee.co.uk/
Title: 4. EMSAuthenticationLogin

Search URL Search Domain Scan URL

URL: https://www.cbp.gov/trade/automated/getting-started/portal-applying
Title: 5. Applying for an ACE Secure Data Portal Account | U.S. …

Search URL Search Domain Scan URL

URL: https://www.cbp.gov/sites/default/files/assets/documents/2017-May/ACE%20Basics%20-%20Portal%20Account_1.pdf
Title: 6. ACE Basics – The ACE Portal Account

Search URL Search Domain Scan URL

URL: https://www.artscouncil.org.uk/get-funding/our-new-application-portal-grantium
Title: 7. Our new application portal: Grantium | Arts Council England

Search URL Search Domain Scan URL

URL: https://myace.ace.edu/
Title: 8. ACE

Search URL Search Domain Scan URL

URL: https://www.clinical.pc.rhul.ac.uk/
Title: 9. ACE portal

Search URL Search Domain Scan URL

URL: https://cdn2.hubspot.net/hubfs/135967/docs/trade_alerts/Establishing_and_ACE_Exporter_Account.pdf?t=1435354918500
Title: 10. Establishing and ACE Exporter Account Current ACE Portal …

Search URL Search Domain Scan URL

URL: https://info.expeditors.com/newsflash/cbp-issues-reminder-of-ace-portal-truck-manifest-user-interface-retirement
Title: 11. CBP Issues Reminder of ACE Portal Truck Manifest User …

Search URL Search Domain Scan URL

URL: https://www.amazon.co.uk/Portal-Cool-Sweet-Pea-Seeds/dp/B07KX661FN
Title: 12. Portal Cool Sweet Pea – Red Ace – 50 Seeds: Amazon.co.uk …

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://read.amazon.co.uk/kp/card?preview=inline&linkCode=kpd&ref_=k4w_oembed_dsBRTXDXzIhz8R&asin=B07KX661FN&tag=kpembed-20 HTTP 302
https://read.amazon.com/kp/card?preview=inline&linkCode=kpd&ref_=k4w_oembed_dsBRTXDXzIhz8R&asin=B07KX661FN&tag=kpembed-20

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
portalsbrain.com/ace/ 28 KB
9 KB 85ms
67ms Document
text/html 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / HOSTVN.VN

Resource Hash

0f030a0246a7cebae0c98e9cd18296ad1e8c48995f99efd6de36775f3ee30d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: portalsbrain.com
:scheme: https
:path: /ace/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d82ad5b50eda833cf440e7e50ff03c4ab1611568941; expires=Wed, 24-Feb-21 10:02:21 GMT; path=/; domain=.portalsbrain.com; HttpOnly; SameSite=Lax; Secure
x-pingback: https://portalsbrain.com/xmlrpc.php
link: <https://portalsbrain.com/wp-json/>; rel="https://api.w.org/" <https://portalsbrain.com/wp-json/wp/v2/posts/16407>; rel="alternate"; type="application/json" <https://portalsbrain.com/?p=16407>; rel=shortlink
last-modified: Mon, 25 Jan 2021 09:57:24 GMT
vary: Accept-Encoding
x-powered-by: HOSTVN.VN
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 07da97a2d20000e00743252000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pteOzNZt0LSq9hd4h%2BRZYVDJopFnEeLHdmfj5YAxiUxU%2BQUUR5TYjevVnsMhvuNJZSfbDWeSwb%2B0Ipgpd3%2Fh7KPyxfGw3IdPU7XeIxuJGpsRrkCC0x1bgTrt0UzD"}],"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6171287e1cd8e007-FRA
content-encoding: br

GET
H2 200 style.min.css
portalsbrain.com/wp-includes/css/dist/block-library/ 50 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168965
cf-request-id: 07da97a31b0000e007481e5000000001
last-modified: Tue, 15 Dec 2020 23:55:17 GMT
server: cloudflare
etag: W/"5fd94ce5-c8e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mfh1rEBIRq1FRuGayWJoOfxblzpgIl9qKIlHkqU7TnGjpCKzsac5i%2FgM%2B2xibEE9lRVnFNpQkT08VzqtwCeXR09U%2FNQm0XsvSgjfwoLwlWGoyaK%2BApHYnG%2Fm0neJ"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=8380800, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 6171287e9e09e007-FRA
expires: Fri, 30 Apr 2021 11:06:16 GMT

GET
H2 200 all.min.css
portalsbrain.com/wp-content/themes/generatepress/assets/css/ 31 KB
7 KB 16ms
15ms Stylesheet
text/css 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.0.2
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73bbc5206f991d8a603fe956c759d27cc4185cac74373f507b4e2dbf4764047c

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168965
cf-request-id: 07da97a31c0000e0073c8ef000000001
last-modified: Thu, 15 Oct 2020 06:12:06 GMT
server: cloudflare
etag: W/"5f87e836-7a07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YJaBTyJ2GQIb0%2BCuvtbn4DzLM8kk5EI%2FePd1pb2EGabR2uVGDcXNZyatMKE3s3JN%2FKsfS4nWfd2OtoKIkbClB2JEDyApCTFWoRw1XTqm3Qv48SbsWIwEPiXBiS30"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=8380800, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 6171287e9e0ae007-FRA
expires: Fri, 30 Apr 2021 11:06:16 GMT

GET
H2 200 font-icons.min.css
portalsbrain.com/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 15ms
15ms Stylesheet
text/css 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.0.2
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ccef01c8b992a66a79e7ee0d1d88303bfd159a77058fc9bd8cef15af49f5aaa

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168965
cf-request-id: 07da97a31c0000e0078a8d6000000001
last-modified: Thu, 15 Oct 2020 06:12:06 GMT
server: cloudflare
etag: W/"5f87e836-ade"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SJBNy81XTSj910bOH5eug7KvKEScTAVHhFh7CUeiZYWjTX0odORtr5s4HDcsIJ3qATK8%2FQyQXp4O96mQK9MAQzwQkZbfE%2F9VzNKi3eD7bpmyzRIWViivJsGQ5Fy6"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=8380800, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 6171287e9e0be007-FRA
expires: Fri, 30 Apr 2021 11:06:16 GMT

GET
H2 200 jetpack.css
portalsbrain.com/wp-content/plugins/jetpack/css/ 75 KB
13 KB 18ms
18ms Stylesheet
text/css 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.3.1
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168965
cf-request-id: 07da97a31c0000e0073825d000000001
last-modified: Sat, 16 Jan 2021 07:46:30 GMT
server: cloudflare
etag: W/"600299d6-12d1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rM7OrmZ4U3XYMvioOYaHxUJtDekCoir8W55c9P7mZ3VMaPCVrPWEKjrAx8hjDsSoWR5E%2FiuFZwrI8MRrd60I8WUgx6I346JTd8iUSeLLZ8RKWl7ROnHwt76eFO3X"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=8380800, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 6171287e9e0ce007-FRA
expires: Fri, 30 Apr 2021 11:06:16 GMT

GET
H2 200 api.js Show response
portalsbrain.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 11ms
9ms Script
text/javascript 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalsbrain.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y3sK9sfkcvbMOcx0fgMUViHRdCUNT%2BAm8Ou4FKmw2RQkFKZk35QyBnFZ3v%2Bh9SvsvE8u2k7i7O1NsaJEOIFjcOJjJT1qxsqQyFbJxiOQeroTnaXSOWG3wSq13JJ5"}],"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6171287ece5ce007-FRA
cf-request-id: 07da97a33d0000e00758b18000000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47256
x-xss-protection: 0
server: cafe
etag: 10183075830532257014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Jan 2021 10:02:21 GMT

GET
H2 200 /
s.wordpress.com/mshots/v1/https://arnoldclarkemployee.com/ 10 KB
10 KB 159ms
58ms Image
image/jpeg 192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/https://arnoldclarkemployee.com/?w=350

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a3b6f68baeb9f6f101b2c54f6a4488f9588d8d59c867c6d3472294bea9a5fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 25 Jan 2021 10:02:22 GMT
x-ac: 2.hhn _dfw
last-modified: Sun, 24 Jan 2021 14:25:40 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: public, max-age=43200
expires: Mon, 25 Jan 2021 21:58:35 GMT

GET
H2 200 main.min.js Show response
portalsbrain.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 19ms
17ms Script
application/javascript 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168964
cf-request-id: 07da97a33f0000e007a9924000000001
last-modified: Thu, 15 Oct 2020 06:12:06 GMT
server: cloudflare
etag: W/"5f87e836-1c98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=80McjnzEqqS19YV1punE5wQ%2FU1lie9%2FLSFZs1Z6gqkyJUFeEP3qgsJZ9rXMVrbkLg76T6XFi3hAhJOc2U0GjGlZ%2BtWvCAioYSl1vYBC2NZ1DuEfywO2nHzdNSdZl"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=8380800, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 6171287ece55e007-FRA
expires: Fri, 30 Apr 2021 11:06:17 GMT

GET
H2 200 comment-reply.min.js Show response
portalsbrain.com/wp-includes/js/ 3 KB
1 KB 18ms
16ms Script
application/javascript 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-includes/js/comment-reply.min.js?ver=5.6
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168964
cf-request-id: 07da97a33c0000e00776305000000001
last-modified: Fri, 30 Oct 2020 01:29:53 GMT
server: cloudflare
etag: W/"5f9b6c91-bdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Zm3uPty9P3SJrwggRTiDKJQWYsPhqVAi44MKM7kHpCQZDGOhCFOjhIEOIEmD3eFCWNGrffUAh7g1ZHxcUBWJS3KQirQpBR0cQO65oQ%2B7SyTLa0w2X571OYQGT0i"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=8380800, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 6171287ece57e007-FRA
expires: Fri, 30 Apr 2021 11:06:17 GMT

GET
H2 200 wp-embed.min.js Show response
portalsbrain.com/wp-includes/js/ 1 KB
973 B 21ms
18ms Script
application/javascript 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168964
cf-request-id: 07da97a33d0000e0078697b000000001
last-modified: Fri, 28 Aug 2020 15:37:37 GMT
server: cloudflare
etag: W/"5f4924c1-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BEzb8nHw%2FwEmARIhTy8j02DvvpKAzDEOmyLPUDuMHvhh3HgOUM5HKYABv2ERo%2BY8LMDeTXPzo9318iMGBIqHZdWu94PIY6aQa%2BqhhyDPUojQMkz6cJ2plr4IRR7k"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=8380800, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 6171287ece5be007-FRA
expires: Fri, 30 Apr 2021 11:06:17 GMT

GET
H2 200 e-202104.js Show response
stats.wp.com/ 9 KB
3 KB 153ms
52ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202104.js
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 25 Jan 2021 10:02:22 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 16 Jan 2022 22:10:48 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 81 KB
22 KB 34ms
13ms Script
application/javascript 2606:4700:20::681a:c76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
timing-allow-origin: *
age: 36584
access-control-allow-methods: GET, POST, OPTIONS
content-length: 21958
cf-request-id: 07da97a350000016f25937e000000001
x-trace-id: 630694a2f6941c5501b894c04a806339
pragma: no-cache
last-modified: Thu, 21 Jan 2021 10:54:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yj7Qq0GB6PHVktueTEeOni5DsMR1hsyB7atiqq9yHj7OvXDLh83lTXJeuaEbjec5VPaMAkHGRmPxVry5eoNj5J9nML3xGfDKwvLnnOfWXbl0F6bN82QUydWN"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6171287eed7116f2-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Mon, 25 Jan 2021 23:52:37 GMT

GET
H2 200 wp-emoji-release.min.js Show response
portalsbrain.com/wp-includes/js/ 14 KB
5 KB 16ms
15ms Script
application/javascript 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168964
cf-request-id: 07da97a33f0000e0073c8f2000000001
last-modified: Tue, 15 Dec 2020 23:55:17 GMT
server: cloudflare
etag: W/"5fd94ce5-37a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gNMxj7nms79priGWP8I8c3t%2BfkbNjrndbnqDbbtdQFyLfYfFIh5l%2BGFLFLOm0s1flJ3augMK1Gfp3KyN2XZs%2BSP8YOjjoCKwZmHOB6rWPeqmBkbO027zJWDyIae8"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=8380800, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 6171287ece61e007-FRA
expires: Fri, 30 Apr 2021 11:06:17 GMT

GET
H2

200

card
read.amazon.com/kp/ Frame 9705
Redirect Chain

https://read.amazon.co.uk/kp/card?preview=inline&linkCode=kpd&ref_=k4w_oembed_dsBRTXDXzIhz8R&asin=B07KX661FN&tag=kpembed-20
https://read.amazon.com/kp/card?preview=inline&linkCode=kpd&ref_=k4w_oembed_dsBRTXDXzIhz8R&asin=B07KX661FN&tag=kpembed-20

0
0

398ms
244ms

Document
text/html

65.9.68.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://read.amazon.com/kp/card?preview=inline&linkCode=kpd&ref_=k4w_oembed_dsBRTXDXzIhz8R&asin=B07KX661FN&tag=kpembed-20
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

:method: GET
:authority: read.amazon.com
:scheme: https
:path: /kp/card?preview=inline&linkCode=kpd&ref_=k4w_oembed_dsBRTXDXzIhz8R&asin=B07KX661FN&tag=kpembed-20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

content-type: text/html;charset=UTF-8
server: Server
date: Mon, 25 Jan 2021 10:02:22 GMT
content-language: en-US
content-encoding: gzip
vary: Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment
set-cookie: session-id=144-8931140-3470705; Domain=.amazon.com; Expires=Tue, 01-Jan-2036 08:00:01 GMT; Path=/ session-id-time=2082787201l; Domain=.amazon.com; Expires=Tue, 01-Jan-2036 08:00:01 GMT; Path=/
x-amz-rid: Q8Q70T679H237T01MRVM
x-cache: Miss from cloudfront
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: iIPuB3NndygGg_2oP7QPt8jjcEcBluRHK9Rh3RKK3tuR69OkvrLMhA==

Redirect headers

Server: Server
Date: Mon, 25 Jan 2021 10:02:22 GMT
Content-Length: 0
Connection: keep-alive
Location: https://read.amazon.com/kp/card?preview=inline&linkCode=kpd&ref_=k4w_oembed_dsBRTXDXzIhz8R&asin=B07KX661FN&tag=kpembed-20
Set-Cookie: session-id=260-0218293-5745107; Domain=.amazon.co.uk; Expires=Tue, 01-Jan-2036 08:00:01 GMT; Path=/ session-id-time=2082787201l; Domain=.amazon.co.uk; Expires=Tue, 01-Jan-2036 08:00:01 GMT; Path=/
x-amz-rid: 774M0VAMTEN33AF0GADX
Vary: Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment

GET
H2 200 generatepress.woff2
portalsbrain.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 12ms
12ms Font
font/woff2 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Origin: https://portalsbrain.com
Referer: https://portalsbrain.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:21 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 168964
content-length: 1264
cf-request-id: 07da97a37c0000e00786981000000001
last-modified: Thu, 15 Oct 2020 06:12:06 GMT
server: cloudflare
etag: "5f87e836-4f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xu3gTk7Z2Gzs4ZvSbQvxLyGtUOSVyhSZV55%2BPgTpC637x3GBtuPb%2BZAb6nnbI3XNaazOb0PCIWmmccYzzRn26Rc9cD%2BXk7D7z7TagckZScV3wULVOhZ5xGRV22T3"}],"group":"cf-nel"}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 6171287f2f52e007-FRA
expires: Sun, 23 Jan 2022 11:06:17 GMT

GET
H/1.1 200
OK / Show response
bedrapiona.com/5/3877104/ 3 KB
2 KB 230ms
58ms XHR
application/json 139.45.196.129
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3877104/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.196.129 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 05d1da48b1b2bb6d56ededc7d0a7246da06b40d55e422946ace5c82a228433cb

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 7d89f93b734dcc0d071a655094092e15
Pragma: no-cache, no-cache
Date: Mon, 25 Jan 2021 10:02:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://portalsbrain.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/ 224 KB
85 KB 76ms
62ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

261d6dc86d7002888cd60be2998e37ccf910233d570151dc206564ac459ffdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85977
x-xss-protection: 0
server: cafe
etag: 16085909096229427883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jan 2021 10:02:22 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/ Frame A0F8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210120/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 24 Jan 2021 19:41:33 GMT
expires: Sun, 07 Feb 2021 19:41:33 GMT
content-type: text/html; charset=UTF-8
etag: 1252425945412704235
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4751
x-xss-protection: 0
age: 51649
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 50ms
49ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.3.1&blog=182326602&post=16407&tz=0&srv=portalsbrain.com&host=portalsbrain.com&ref=&fcp=188&rand=0.4901122976432837
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 204 result Show response
portalsbrain.com/cdn-cgi/bm/cv/ 0
540 B 11ms
11ms XHR
text/plain 2606:4700:3034::6815:5426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsbrain.com/cdn-cgi/bm/cv/result?req_id=6171287e1cd8e007
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C2ew040I4llM9YHd5933RFg8QQwoN84ACsLDyJHgPqJ9Rlfxh85a%2BVO4mWahc32hsm02f6r4XaF83a8tkkBKIAGXRRgTl2u1ZF6G8%2Bx8iXojgiWPbXw7SKS%2BupVs"}],"group":"cf-nel"}
cf-ray: 6171288049f2e007-FRA
cf-request-id: 07da97a42c0000e00761959000000001

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
644 B 194ms
85ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portalsbrain.com&callback=_gfp_s_&client=ca-pub-2842740835438897

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

983fd9f56123cde9d73cd16548c57643c68097fe828adbf9cca3c7c27d68889d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
28ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalsbrain.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 10:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 47ms
28ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalsbrain.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 10:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6822 0
0 101ms
100ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&slotname=7832924261&adk=3356767420&adf=2646997758&pi=t.ma~as.7832924261&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1611568942029&bpp=21&bdt=181&idt=157&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4396251637730&frm=20&pv=2&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7yvChaAWvv&p=https%3A//portalsbrain.com&dtd=177

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&slotname=7832924261&adk=3356767420&adf=2646997758&pi=t.ma~as.7832924261&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1611568942029&bpp=21&bdt=181&idt=157&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4396251637730&frm=20&pv=2&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7yvChaAWvv&p=https%3A//portalsbrain.com&dtd=177
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Jan 2021 10:02:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 25-Jan-2021 10:17:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 25 Jan 2021 10:02:22 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Mon, 25 Jan 2021 10:02:22 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2979 0
0 90ms
90ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&adk=1812271804&adf=3025194257&lmt=1611568644&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&ea=0&flash=0&pra=7&wgl=1&dt=1611568942051&bpp=3&bdt=202&idt=166&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280&nras=1&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=174

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&adk=1812271804&adf=3025194257&lmt=1611568644&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&ea=0&flash=0&pra=7&wgl=1&dt=1611568942051&bpp=3&bdt=202&idt=166&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280&nras=1&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=174
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Jan 2021 10:02:22 GMT
server: cafe
content-length: 4954
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 25-Jan-2021 10:17:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 25 Jan 2021 10:02:22 GMT
cache-control: private

GET
H/1.1 200
OK 3877102 Show response
inpagepush.com/400/ 78 KB
28 KB 279ms
93ms Script
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3877102

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c869b073f2716156dfa605a9a07949a0717ebdfee11fc1ede07d272e496c170b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: d376635ddbbb42bf58e1dae3df0269e5
Pragma: no-cache
Date: Mon, 25 Jan 2021 10:02:22 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 1 Show response
toglooman.com/ 7 KB
4 KB 265ms
66ms Script
text/javascript 139.45.195.46
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3877103
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.46 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7f9d5092ca0c2c43787427e190908ce09cb7d2601d0e0271b1ed70cae7d2e740

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 10:02:22 GMT
Content-Encoding: gzip
X-Sc: RhgnqKKmS4uriBRl0ITZEaXK_X3ioup8vYxIxYiC5WfhN1CBuMdcxV3rabXeg7SNKuTJO9EdGrn0irehsiQYw7CEsyM=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content fac.php
onmarshtompor.com/ Frame 3EA0 0
0 228ms
56ms Document
text/html 139.45.196.108
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.108 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: onmarshtompor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalsbrain.com/ace/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

Server: nginx
Date: Mon, 25 Jan 2021 10:02:22 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 53daceef27d3a1ba6f2179d105593cfd
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
39ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=6&wpc=ca-pub-2842740835438897&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210119_200449&sat=1611489504871&afm=0&as_count=1&d_count=0&ng_count=0&am_count=6&atf_count=1&mdns=0.045&alldns=0.285&allp=42&fd=(0%2C23%2C3)%2C(1%2C1%2C0)%2C(2%2C10%2C10)&pgh=6249&su=portalsbrain.com&r=0.1

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 10:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/ 141 KB
51 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d6ccbd573390effb568e68527ee33ac49ed08ae3c196243abbd12a0218a5bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52015
x-xss-protection: 0
server: cafe
etag: 5838217673596305626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jan 2021 10:02:22 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0456 0
0 101ms
100ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=3981370681&pi=t.aa~a.647242831~i.28~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=501&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0&nras=2&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=heMdCsapnN&p=https%3A//portalsbrain.com&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=3981370681&pi=t.aa~a.647242831~i.28~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=501&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0&nras=2&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=heMdCsapnN&p=https%3A//portalsbrain.com&dtd=24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Jan 2021 10:02:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUkRGGWTFwgF_xFgCrwe0E-DGWxGz62r_flC-d02Op8MaeDgldQWHnBsOVSW; expires=Sat, 19-Feb-2022 10:02:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 25 Jan 2021 10:02:22 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4C2D 0
0 143ms
143ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=963025780&pi=t.aa~a.647242831~i.36~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280&nras=3&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1c0ZPrz9Rh&p=https%3A//portalsbrain.com&dtd=28

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=963025780&pi=t.aa~a.647242831~i.36~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280&nras=3&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1c0ZPrz9Rh&p=https%3A//portalsbrain.com&dtd=28
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Jan 2021 10:02:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUlqXPplSLP3FPE0NvqEB7GYp_DeDQQwrDAxZHvHVssy8BaHn5rUWwY_290Q; expires=Sat, 19-Feb-2022 10:02:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 25 Jan 2021 10:02:22 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3DDC 0
0 124ms
124ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=526681016&pi=t.aa~a.647242831~i.56~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280%2C725x280&nras=4&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pFcJCkWzFY&p=https%3A//portalsbrain.com&dtd=31

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=526681016&pi=t.aa~a.647242831~i.56~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=-M&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280%2C725x280&nras=4&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pFcJCkWzFY&p=https%3A//portalsbrain.com&dtd=31
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Jan 2021 10:02:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUlZ5XGXrKrIdQofsPWJnZ68gpJ09TyAMX4uMtOvQBS2vp71EAKai04h8vQS; expires=Sat, 19-Feb-2022 10:02:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 25 Jan 2021 10:02:22 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C853 0
0 104ms
103ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=1430867602&pi=t.aa~a.647242831~i.66~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=3954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yetpvb1ABb&p=https%3A//portalsbrain.com&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=618082808&adf=1430867602&pi=t.aa~a.647242831~i.66~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5009967149&psa=1&ad_type=text_image&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1611568942350&bpp=1&bdt=502&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=3954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yetpvb1ABb&p=https%3A//portalsbrain.com&dtd=35
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Jan 2021 10:02:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUltCYMVCU_J3N_wDwia81xVEZQm_s0kgqZuZB4R2tUzFZBHvZAa_GMmO_JE; expires=Sat, 19-Feb-2022 10:02:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 25 Jan 2021 10:02:22 GMT
cache-control: private

GET
H/1.1 200
OK 125732e2cacd97136364008a6cd2b63a Show response
toglooman.com/27/ 361 KB
119 KB 101ms
101ms Script
application/javascript 139.45.195.46
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/125732e2cacd97136364008a6cd2b63a

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3877103

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.46 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7f3e70910f6ae901920194016db3577bc1fc620ee21697baa01478885eaee317

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 10:02:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 21 Jan 2021 05:18:12 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age:290304000, public
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Thu, 20 Feb 2081 05:18:12 GMT

GET
H/1.1 200
OK 38 Show response
toglooman.com/42/ 0
722 B 179ms
60ms Script
text/plain 139.45.195.46
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3877103
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3877103
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.46 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 10:02:22 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame CA95 0
0 89ms
89ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=100&adk=2687913576&adf=1580075210&pi=t.aa~a.947649015~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&to=qs&pwprc=5009967149&psa=1&format=725x100&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611568942359&bpp=1&bdt=510&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79d193e56ba81f6c-2255b769c8b900e8%3AT%3D1611568942%3ART%3D1611568942%3AS%3DALNI_MaWQkweZ5zG5xDbzc7eCsTAxPG2jA&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280%2C725x280&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=4780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ycqrtsAcve&p=https%3A//portalsbrain.com&dtd=199

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=100&adk=2687913576&adf=1580075210&pi=t.aa~a.947649015~rp.4&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&to=qs&pwprc=5009967149&psa=1&format=725x100&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611568942359&bpp=1&bdt=510&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79d193e56ba81f6c-2255b769c8b900e8%3AT%3D1611568942%3ART%3D1611568942%3AS%3DALNI_MaWQkweZ5zG5xDbzc7eCsTAxPG2jA&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280%2C725x280&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=4780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ycqrtsAcve&p=https%3A//portalsbrain.com&dtd=199
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlZ5XGXrKrIdQofsPWJnZ68gpJ09TyAMX4uMtOvQBS2vp71EAKai04h8vQS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Jan 2021 10:02:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 325B 0
0 85ms
85ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=3706268327&adf=28632847&pi=t.aa~a.947649015~rp.1&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&to=qs&pwprc=5009967149&psa=1&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611568942356&bpp=1&bdt=508&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79d193e56ba81f6c-2255b769c8b900e8%3AT%3D1611568942%3ART%3D1611568942%3AS%3DALNI_MaWQkweZ5zG5xDbzc7eCsTAxPG2jA&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280%2C725x280%2C725x100&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=4459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=aAjzEzupYt&p=https%3A//portalsbrain.com&dtd=210

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2842740835438897&output=html&h=280&adk=3706268327&adf=28632847&pi=t.aa~a.947649015~rp.1&w=725&fwrn=4&fwrnh=100&lmt=1611568644&rafmt=1&to=qs&pwprc=5009967149&psa=1&format=725x280&url=https%3A%2F%2Fportalsbrain.com%2Face%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611568942356&bpp=1&bdt=508&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79d193e56ba81f6c-2255b769c8b900e8%3AT%3D1611568942%3ART%3D1611568942%3AS%3DALNI_MaWQkweZ5zG5xDbzc7eCsTAxPG2jA&prev_fmts=725x280%2C0x0%2C725x280%2C725x280%2C725x280%2C725x280%2C725x100&nras=5&correlator=4396251637730&frm=20&pv=1&ga_vid=1621760239.1611568942&ga_sid=1611568942&ga_hid=1396110598&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=4459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C21066923%2C21068769%2C21068786&oid=3&pvsid=310964250190493&pem=480&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=aAjzEzupYt&p=https%3A//portalsbrain.com&dtd=210
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlZ5XGXrKrIdQofsPWJnZ68gpJ09TyAMX4uMtOvQBS2vp71EAKai04h8vQS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Jan 2021 10:02:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 204
No Content 9
toglooman.com/ Frame 0
0 240ms
60ms Other 139.45.195.46
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3877103&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fportalsbrain.com%2Face%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&sah=1200&drf=&hil=2&ist=0
Protocol: HTTP/1.1
Server: 139.45.195.46 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalsbrain.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 25 Jan 2021 10:02:22 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://portalsbrain.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 49ms
28ms Script
application/javascript 2606:4700:20::681a:97b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/125732e2cacd97136364008a6cd2b63a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 1558
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fsruVUfEqXBtMjqaDZh17xGDbDgEQs2Y77g5NlBwrj97hFrQGINsV0ew8jEKmhAr%2FqlZWBVaaErQDBVyj77dLV2CFEu9%2BTsTO1KQd9uZrpuUvxCbX85gDNL2j%2B04kAoE"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6171288488d4c295-FRA
cf-request-id: 07da97a6d30000c29565396000000001

POST
H/1.1 204
No Content 9 Show response
toglooman.com/ 0
773 B 66ms
65ms XHR
application/javascript 139.45.195.46
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3877103&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fportalsbrain.com%2Face%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/125732e2cacd97136364008a6cd2b63a
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.46 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 10:02:23 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: https://portalsbrain.com
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 3877102 Show response
inpagepush.com/500/ 1005 B
2 KB 65ms
65ms XHR
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3877102?excludes=&oaid=bd2d6fc6a0e84ed1b70b204b95593ea3&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=https%3A%2F%2Fportalsbrain.com%2Face%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3877102

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8ce03df9c13a4af727cf11268fb4d5774f4b99816c93067bb60924e85a42e160

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 25 Jan 2021 10:02:23 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1005
X-Trace-Id: 371708c00ce25ab2f77a62631a700da6
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://portalsbrain.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3877102
inpagepush.com/500/ Frame 0
0 241ms
60ms Other 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://portalsbrain.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 25 Jan 2021 10:02:23 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://portalsbrain.com
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 16ms
15ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Mon, 25 Jan 2021 10:02:22 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 17ms
16ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Mon, 25 Jan 2021 10:02:22 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 21ms
20ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Mon, 25 Jan 2021 10:02:22 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 18ms
17ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Mon, 25 Jan 2021 10:02:22 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 20ms
20ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: portalsbrain.com
URL: https://portalsbrain.com/ace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Mon, 25 Jan 2021 10:02:22 GMT

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ 6 KB
7 KB 34ms
12ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Requested by: Host: portalsbrain.com
URL: https://portalsbrain.com/ace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:23 GMT
cf-cache-status: HIT
age: 4521
content-length: 6498
cf-request-id: 07da97a83b00002c22e3a6d000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61712886cf1d2c22-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 60ms
47ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210120&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cc099c3858e21e708fd080f32c09d34ea7f079db0571c940276ac173d216a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 10:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6771
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Mon, 25 Jan 2021 10:02:23 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 5112 0
0 38ms
22ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalsbrain.com/ace/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalsbrain.com/ace/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 25 Jan 2021 09:33:56 GMT
expires: Tue, 25 Jan 2022 09:33:56 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1707
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 42ms
42ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210120&jk=310964250190493&bg=!AQKlAkHNAAVwd1e1cDsAKQB2-Dxa-ExQuzwAHFjxHLGEjAFsiqf93PqbnRX9r9d1nRTQr5RfGSUtAgAAAE5SAAAAC2gBBwoA0nbzLKwAkSffNm6VsoxJ6GVYwsRWozxoOkjGV4ww-vjOEE0ti793C-B5n_GNPe_iBNQZowbubMMfoCz-BygC5dfaf_zdkZQy1sqrkuc_KAdGCSfkh1lEUA7MHVp7SaeLZV1ZqZk1oBkCtl1YUqIA1tdd2oxLvrDG0jZyiZOmm1cgakV7ljqDae4M_fP55DRZRte2JEZ8LwUO79wl2QB_NcdXFNG2H3j7VvYVL6k38eGTRh-fbvUnxkfs25rE0YFMJ6R3jpw5kbPvEaqS6CJwGRrSDpkBzeZmo2dwet8qKW1iVGrowyX9UnDgw3K2Zqrd2Y-ssPsMwqWWpzYT6bEpNX-Xlp1j_n9lm34wPthbjY8Un62BbGKM1Ymz8hvl0PcgZuFhPIBxDq5cIo19iArl-AfC2wb7F7jgXvcQO16EARNh7iZlXbqVxCPTinMH9Krcd4kciMcB1Y7bztH3SLNMFFUDqSJihRFGTW1WPXR_PgpHrRJ5H2PWb2or35KmnJZ3iFL7I7w4TTRdGKanEqdszRMAwCyupR6OArxnkgHFgsZndSfRhrc5bfW89W1sN337EBMjqqEr4V_xLIbqC8nO-cN83-8KANcJ0XH_aeKkvtKOWqejUeGs7Fh-dnENqI2ljOSdEuNAU9CbC8yfOoYggTT7FKHsgReojOamKig_l8n7p5JA66_NCGy-PQEiVHT1FVE5Ua6cEnEEFDLoG_Y86dE-iRfPhlASIyTXkWkCb0voh5ZUSZKpt39hAlEbijjDpU1SE9zZTObyZA7aXLDICgaxiIE8znsK5R08UTKrbL3rBpyN8oizJcqob9S6J389g2n9nqdn532IUJ395TNMk-TNBW_q8R6tniKgaIRXIF73YOFzkd_n2kSAmR0rmAnrmiBh

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 10:02:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 172ms
56ms Other 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalsbrain.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 25 Jan 2021 10:02:24 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://portalsbrain.com

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
403 B 234ms
105ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Mon, 25 Jan 2021 10:02:24 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://portalsbrain.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H/1.1 200
OK KFA8E-kmowdatmTe-H5wdKFGEUxv11ixJj8twflGW_9V7KDTH9njmup03IBOl3RdS_OcE2hucWjyjf3G7meDn2hlHFn8nu0AML4vlhXjSPefIM9VRmYAzuklUD62tKSuEJmd-MdzcTn1ZFx78Nee5ZjxlS9GV1r7OiU_lULt1ixa6VNbIdwDciuH5S4=
onstunkyr.com/impression/ 43 B
482 B 259ms
65ms Image
image/gif 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/KFA8E-kmowdatmTe-H5wdKFGEUxv11ixJj8twflGW_9V7KDTH9njmup03IBOl3RdS_OcE2hucWjyjf3G7meDn2hlHFn8nu0AML4vlhXjSPefIM9VRmYAzuklUD62tKSuEJmd-MdzcTn1ZFx78Nee5ZjxlS9GV1r7OiU_lULt1ixa6VNbIdwDciuH5S4=?z=3877102&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=https%3A%2F%2Fportalsbrain.com%2Face%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: c931768cdc4dd808af97a4d5eb6a7bcb
Pragma: no-cache
Date: Mon, 25 Jan 2021 10:02:27 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ Frame 1ECF 6 KB
7 KB 12ms
11ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3877102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:02:27 GMT
cf-cache-status: HIT
age: 4525
content-length: 6498
cf-request-id: 07da97b9dc00002c22f2869000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 617128a2fbf32c22-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H/1.1 204
No Content 3877102 Show response
inpagepush.com/500/ 0
655 B 65ms
65ms XHR
text/plain 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3877102?excludes=6762719&oaid=bd2d6fc6a0e84ed1b70b204b95593ea3&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=13&pl=https%3A%2F%2Fportalsbrain.com%2Face%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3877102

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsbrain.com/ace/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 4633b761db26a0ed97b70ee633b2f85b
Pragma: no-cache
Date: Mon, 25 Jan 2021 10:02:27 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Origin: https://portalsbrain.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3877102
inpagepush.com/500/ Frame 0
0 60ms
60ms Other 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://portalsbrain.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 25 Jan 2021 10:02:27 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://portalsbrain.com
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 01:01:04	Name: IDE Value: AHWqTUlqXPplSLP3FPE0NvqEB7GYp_DeDQQwrDAxZHvHVssy8BaHn5rUWwY_290Q
.portalsbrain.com/	1970-01-20 01:01:04	Name: __gads Value: ID=79d193e56ba81f6c-2255b769c8b900e8:T=1611568942:RT=1611568942:S=ALNI_MaWQkweZ5zG5xDbzc7eCsTAxPG2jA
.portalsbrain.com/	1970-01-19 15:39:30	Name: __cf_bm Value: c858b0fc3f25e19b8ff5ca2915c96516383c35f5-1611568942-1800-AdTor3EBBBYx3oXj0jvK6a2EcgA74wDVJyL3BQ63U5g7MQN+eUWWvtm2zAQslGfCqKpNmFvAJfo8i+CW4DaUDVZjKBw1f2QogaFHH/7+XiYfY56pz17E0t308vIxy5bqulZTHqwNd2SKLdnXXtSTFlM=
.portalsbrain.com/	1970-01-19 16:22:40	Name: __cfduid Value: d82ad5b50eda833cf440e7e50ff03c4ab1611568941
.portalsbrain.com/ace	1969-12-31 23:59:59	Name: gadsTest Value: test

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bedrapiona.com
googleads.g.doubleclick.net
iclickcdn.com
inpagepush.com
littlecdn.com
o.wowreality.info
onmarshtompor.com
onstunkyr.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
portalsbrain.com
read.amazon.co.uk
read.amazon.com
s.wordpress.com
static.lalaping.com
stats.wp.com
toglooman.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
139.45.195.254
139.45.195.46
139.45.196.10
139.45.196.108
139.45.196.129
139.45.197.9
172.217.18.162
192.0.76.3
192.0.77.33
2606:4700:10::ac43:a62
2606:4700:20::681a:97b
2606:4700:20::681a:c76
2606:4700:3034::6815:5426
2a00:1450:4001:801::2004
2a00:1450:4001:814::2001
2a00:1450:4001:819::2002
54.239.33.56
65.9.68.108
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05d1da48b1b2bb6d56ededc7d0a7246da06b40d55e422946ace5c82a228433cb
0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f030a0246a7cebae0c98e9cd18296ad1e8c48995f99efd6de36775f3ee30d56
1d6ccbd573390effb568e68527ee33ac49ed08ae3c196243abbd12a0218a5bb8
261d6dc86d7002888cd60be2998e37ccf910233d570151dc206564ac459ffdce
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5ccef01c8b992a66a79e7ee0d1d88303bfd159a77058fc9bd8cef15af49f5aaa
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac
73bbc5206f991d8a603fe956c759d27cc4185cac74373f507b4e2dbf4764047c
7f3e70910f6ae901920194016db3577bc1fc620ee21697baa01478885eaee317
7f9d5092ca0c2c43787427e190908ce09cb7d2601d0e0271b1ed70cae7d2e740
8cc099c3858e21e708fd080f32c09d34ea7f079db0571c940276ac173d216a06
8ce03df9c13a4af727cf11268fb4d5774f4b99816c93067bb60924e85a42e160
983fd9f56123cde9d73cd16548c57643c68097fe828adbf9cca3c7c27d68889d
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
a3b6f68baeb9f6f101b2c54f6a4488f9588d8d59c867c6d3472294bea9a5fb95
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c869b073f2716156dfa605a9a07949a0717ebdfee11fc1ede07d272e496c170b
cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

portalsbrain.com Open in urlscan Pro 2606:4700:3034::6815:5426 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

39 %IPv6

20 Domains

23 Subdomains

17 IPs

4 Countries

559 kBTransfer

1525 kBSize

5 Cookies

13 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portalsbrain.com Open in urlscan Pro
2606:4700:3034::6815:5426 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

39 %
IPv6

20
Domains

23
Subdomains

17
IPs

4
Countries

559 kB
Transfer

1525 kB
Size

5
Cookies

61 HTTP transactions
0 data transactions