kimetsuyaiba.online Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kimetsuyaiba.online/
Effective URL:
https://kimetsuyaiba.online/
Submission: On February 11 via api (February 11th 2024, 2:35:43 am UTC) from US — Scanned from NL

Summary HTTP 142 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 17 domains to perform 142 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kimetsuyaiba.online.
TLS certificate: Issued by GTS CA 1P5 on December 18th 2023. Valid for: 3 months.

This is the only time kimetsuyaiba.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6 8	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.91.199 144.76.91.199	() ()
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a06:98c1:320... 2a06:98c1:3200::17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	168.119.0.148 168.119.0.148	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
1	85.114.131.233 85.114.131.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	157.90.6.85 157.90.6.85	24940 (HETZNER-AS) (HETZNER-AS)
142	31

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kimetsuyaiba.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

kimetsuyaiba.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (San Francisco, United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.149.243 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.91.199 (Bad Bellingen, Germany) 1 redirects

ASN- ()
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3200::17 (United States)

ASN13335 (CLOUDFLARENET, US)

cj.esprit.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.0.148 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.0.119.168.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.6.85 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85.6.90.157.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	548 KB
25	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 258 ad.doubleclick.net — Cisco Umbrella Rank: 157	293 KB
17	revjet.com ads.revjet.com — Cisco Umbrella Rank: 8930 cdn.revjet.com — Cisco Umbrella Rank: 9544 pix.revjet.com — Cisco Umbrella Rank: 6560	694 KB
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 667 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9305 csm.eu.criteo.net — Cisco Umbrella Rank: 8856	60 KB
13	kimetsuyaiba.online 1 redirects kimetsuyaiba.online	304 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	133 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 627	4 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37466 hal900018.redintelligence.net — Cisco Umbrella Rank: 263791	10 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 252	5 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8767 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14835 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10356	44 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 64795	77 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	esprit.nl cj.esprit.nl — Cisco Umbrella Rank: 660894	60 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2173	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	93 KB
142	17

	Domain	Requested by
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com kimetsuyaiba.online googleads.g.doubleclick.net
20	tpc.googlesyndication.com	3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net kimetsuyaiba.online
13	kimetsuyaiba.online	1 redirects kimetsuyaiba.online
12	cdn.revjet.com	ads.revjet.com srcdoc
10	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	kimetsuyaiba.online securepubads.g.doubleclick.net 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com pagead2.googlesyndication.com kimetsuyaiba.online
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.gstatic.com	kimetsuyaiba.online
4	hal900018.redintelligence.net	1 redirects 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com hal900018.redintelligence.net
4	ad.doubleclick.net	1 redirects 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com srcdoc
3	pix.revjet.com	srcdoc 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com cdn.revjet.com
3	www.gstatic.com	kimetsuyaiba.online 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	imageproxy.eu.criteo.net	ads.eu.criteo.com
2	ads.revjet.com	3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com ads.revjet.com
2	fonts.googleapis.com	3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com kimetsuyaiba.online
2	www.google.com	1 redirects tpc.googlesyndication.com
1	cdn.contentspread.net	hal900018.redintelligence.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cj.esprit.nl	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
1	ads.eu.criteo.com	3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
1	hal9000.redintelligence.net	3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	kimetsuyaiba.online
142	30

This site contains links to these domains. Also see Links.

Domain
www.pinterest.com
www.facebook.com
www.youtube.com
www.tiktok.com
www.mangakey.com
www.instagram.com
medium.com
www.patreon.com
www.reddit.com
demon-slayer.online
wordpress.org
foxland.fi

Subject Issuer	Validity	Valid
kimetsuyaiba.online GTS CA 1P5	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-10` - `2024-05-05`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
cj.esprit.nl Cloudflare Inc ECC CA-3	`2023-07-10` - `2024-07-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
contentspread.net R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://kimetsuyaiba.online/
Frame ID: 62D792D159326219A465D88890CF08C8
Requests: 31 HTTP requests in this frame

Frame: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 078C034B91E58E3EBFB9CA18BEC4DB4E
Requests: 1 HTTP requests in this frame

Frame: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B70189BE5B265090AFEFB1FED0E00CC6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNWBLA8U9wEDFN0CBE5nsNdPWbiSjJ9JyObiyX07gJoBtWLw3096IqrIHnfjUEW2z_wF9pyDv3bAsdG-vUsjdzeLQbKR-F7i-2KWeERrVckwdAUVQM6JAN25Zg7rNdAoqk9LISwwdCn9D01q_vUbTKLlsUqrt3apFol8Fd1so3-lEgfOpSQkukU8sj5eKuv0bcxFWhraSg1yT1LB9UQvjToCrnGmXw
Frame ID: 8F334C5E7F3F7117A30EC46DDEFFB366
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 779D9B2BAE73C51329AFC3799F1B03AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86356D60970ED059AB335BF5859F3607
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E0C2B67EA4EF24283699A107CB543BC1
Requests: 3 HTTP requests in this frame

Frame: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5BE9879DBFA34848870B5A95934CBB5B
Requests: 6 HTTP requests in this frame

Frame: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 976F475B8B9ED7DB612B00B21D63684C
Requests: 1 HTTP requests in this frame

Frame: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0B24AECE6CBDFC71562E7C11F8591265
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 87A10DBB9B9DCA172952C0ABBE0DACD1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EB590CD679BD57D0D1528F2869DE3559
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL3h3t4BMAE&v=APEucNVV5iVsMBEBqyGFY88fkUdB9OGswXnahcDTcr1VUPG8oBmEAAzVmSoiwsStDIolfnkwu0QgVJJFzmTc7R5MBW8edUuD5DilnkQoxrHb6RtQcAuMjKBXzjn7_gvKCdVqSAoM2mipmIMxRtr9PjTP2oDAnmrkhgvdVxqGmWrCMNboXPo-FbAMeCV2rVjmS1Df8mWlNH24X3x3-mX08iNuteBAL2aSVw
Frame ID: 1813A002A3AA62477367AAC8F921D312
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3C1CA6771BFA68288B2CB02EA25F2480
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcgyeQAOGLsIu-zuAAJJt08Xh6BW9jHHddM_nQ&u=%7COWsr6%2B1RJaqefFEqTJJQ48GNu8Kmx0kN9%2FV9bpe%2FZs0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzstgU1_xQHWj6LMT3Gfludza6PnFn51z_Yr7nrW1X22fKIsd4WW69GVBPUxbP-XBgQt8jtyxQPLYiZOYxkfBYjdI-EUrpy1HmYpmWmpHzVbnI2mrwkthZArA3EAIHluHlfLanR8YlnpZHcD1QPXYnEn3IW9k2lW9fs7J3qjj33wyR2dZmq7W97eWiWaBTN48zClhYtDEXEA2Pua0e6sYLxjwMTUV7Fvx4tCbVgzq5TS0CIrK6FWZM-nf2A1LwcfJbvpWTky_Y5AobXvx58E1L58XAPGIGXtr13XcD1WmfSTgrWFZXrnEt4feaZgU12pIkIkV-u3n874BOdy0oOMDGCK9GhO205oHcfqrakpGuTlQ7XOK-qPBMHKDR6XUpYLfcxYi_Jqm6nm4NqP3gxSyEJ7INV-vMX_b84anJyAljNOKWex_You0RN7nh-i31chBbO1QYrNK0KgYKlOeT-5gR2ZzPEOYCK-fCVdJZRypSxH2DRjvtlORZEw6LG7otRTyLwOV5gpS9bCUP7PC85PrzQwkKfhIqejfhisDQPyWW5Z21o-_wHB2IL-o8abEAuMj4Kr0Q1FNfqciNspx1tv2kOzoNZuBkDXCVmZHKxlYgLzgWw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzvTVeTLIZbuxOO7Z7_UPt5OJkArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjIwNTEyMTA2MjE0MDgxMsgBCakCXUrA9bAXsj7gAgCoAwHIAwKqBJ4CT9BYITP0LlCBHC_s73joMcK3cC-joQzmpmQiylTnWMgdIdsjBWZev8Vei5C9kYA9dpGn6JOh4k-c7cBO528eR0-z2Q7QPpclZ6uS7xIIkcLgx5AWKVOV36_JP5RCvgapnUgym1Mx6LT4DNckDAr_v3TZv7mHLDgUghv4LGHq-Z_ycHNx4-WIkoHdWY0eHtZws8yhEudZ11HmoET-1yv-Iaj6MoY_Lx5l7nsYJPANHHp0Y-qNQFgQE8Vb4OG0db4dW9BYwhY7By-LNTlOMfngGMTcrCTv3Tv4fNEPqNpXiE3E357QTAUCJkmumpBUp9PDLrKAdEorGi9pwfeBK6SO9SSbHXvwJFSyfMlZRybEko55_jE_ejwC2Yp_medPW-AEAYAGvPiU0bK81LSHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgIQISL39wTpYhv7HoaCihAP6CwIIAYAMAeINEwj7q8ihoKKEAxXu7LsIHbdJAqLQFQGAFwE%26num%3D1%26sig%3DAOD64_27qNYj3i6isnBZysYzGrtqdYlu9w%26client%3Dca-pub-2205121062140812%26adurl%3D
Frame ID: 96C824178727EADF363A47CE8E5D9AC2
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: B5C9ADAD0F08887635EDCBD6BE1845D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 90CF363FD60E5A0C2C42556DB625B0BA
Requests: 3 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=41942700006765204444474012597018&a=cf8409d8
Frame ID: A58D1B96E7A30CD4CBA7A71E3F1D4A19
Requests: 4 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
Frame ID: 3090E0D72A9F501217FFD0C5863AFB19
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Frame ID: 1D26D20683859B819CE82376CBDE4011
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Demon Slayer Manga Online Tanjiro,Nezuko,Muzan

Page URL History Show full URLs

http://kimetsuyaiba.online/ HTTP 301
https://kimetsuyaiba.online/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

142
Requests

92 %
HTTPS

65 %
IPv6

17
Domains

30
Subdomains

31
IPs

3
Countries

2508 kB
Transfer

5085 kB
Size

23
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pinterest.com/mangaclubhouse/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=61556187755134
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7mCDcHBu0eftTW3i4I7crQ
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@mangaclubhouse
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.mangakey.com/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mangaclubhous/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://medium.com/@manga.clubhouse
Title: Medium

Search URL Search Domain Scan URL

URL: https://www.patreon.com/user?u=118403332
Title: Patreon

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/clubmanga
Title: Reddit

Search URL Search Domain Scan URL

URL: https://demon-slayer.online/
Title: https://demon-slayer.online

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://foxland.fi/
Title: Foxland

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kimetsuyaiba.online/ HTTP 301
https://kimetsuyaiba.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1

Request Chain 38

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcgyermqPWQAADLnACeLFgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENmRSuKTb7R8if_rQFNSIHg&google_cver=1

Request Chain 40

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzY3NzgzMDA2NTY5NTQy

Request Chain 54

https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=ab7401ef4e&subid=&uid=c4a7af3dfb91c860&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_KNeTLIZdLnLayh7_UPt6ywyAPM-Yagaau0x__3D_AuEAEgsZPteWCRBMgBCakCXUrA9bAXsj6oAwHIA5sEqgT2AU_QS2IJZzoVeIKqIFbHfQvSutOyYd4wzeZYpMdfkoEq-DmO9yhhGK498aYC9C9VsPfMDryAa00F_loFV2qCJSqmQErCjY8NwKJXuR_ho2bi4lM0hquzeEqlVqps2mUNmDCSv7OD5HwcXB7ChhDKcagWZvWijoF4YIQliXSua0l9RqKvACx5OW3p8dThGo6zzxB_2kH3zflhawK-yNeF8sct4D9wvdW9Ha6GKDVFk_TMPmInHjFJGDLQI5rGvzOEtpA1zvg-SfwJrMXIhmD09CAj5okb5PYGfo7NPpVGOxprZeU5cElQ88eEMHfduo5QPOCoDn4SMsAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYqfrHoaCihAOACgOYCwHICwGADAGqDQJOTOINEwjHocihoKKEAxWs0LsIHTcWDDmwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwGyGAUYTSIBAA%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_RM4LsHjbOVe1UU-MvTHt1GXGf1w1ISwgjY-9z1BU02cxfUsDq5FwSCWopfz7iRVCx8JGFqTkZbm8ZKwAOEsNODdj45gwTDozolIYAQ%26sig%3DAOD64_10ssyIYBpYHKgmLy6sD8U237m70Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-AfM2YMuq5wuErzhaETbWSHIHhMRXe-bDOAto5_zYBI3DOAvDHbFA_BOCUXU_cdl6MD6VzdHM0wr6uRclG7sKtLaLNJylwXbTHBjXVJfmvipeLXRnJdY3M9mKTmTaxjsVB89H3oCp2-5dLrq-eUn4hkHJau1J45qaK620ixXRfAeMbr6ug%26cry%3D1%26dbm_d%3DAKAmf-BbNnZv3wNxElnaE0cHrrd9YP6kzzqbNBJyODnJQdvsi6T9bE7zLiMp52-tXCZkvjGcZRfXm7iU8vniy5mdsFG-K9tR80BCiuxtIabC1stoaZCTsqZ_azvZGXZDlN5rDR_ZWAGBn0m9_TKi7FxjiRYcFDFIrGeOzS65cZ_-HF_9P0MpNb7jSI0hb6S0RhFykm9k1-q88fCtACpEGqsy6mUqLyAFu3PxPO8J1P-PnMVtcVopI9IaFpF_zkiw9f-sxWtI_w4ZdMEuqkZWzGjP1PCXxd_fJT2K0vYcB2eYxyLOlcBf7OgktGs_i4p0cmgiduJLgiS1lTPUBXdX2jyVKf1smZxFcwqN1lTKRIpa4nMXQd2KnltDU5NFN_FraTAigm6kp3vPPouqREPwPDaiDqvKfwmPqo80MuGF_zpgXIR1fuIKwrotQWPLHP01W4s755KAjdYcR8rAUzgW1ohMV6QEEnUopFHJ0BCImMTQCKWzpBWaBEMGfSa9k5QNXIT6fJkg0F_M0RcgYxmuTwdMennDw3Faa1wIWTim0wtvZ1M3VxenfYp8u9el2LT2XfKDxOwUy8OL%26adurl%3D&documentReferer=https%3A%2F%2Fkimetsuyaiba.online%2F&ancestorOrigins=https%3A%2F%2Fkimetsuyaiba.online&random=9765430182956&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=ab7401ef4e&subid=&uid=c4a7af3dfb91c860&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_KNeTLIZdLnLayh7_UPt6ywyAPM-Yagaau0x__3D_AuEAEgsZPteWCRBMgBCakCXUrA9bAXsj6oAwHIA5sEqgT2AU_QS2IJZzoVeIKqIFbHfQvSutOyYd4wzeZYpMdfkoEq-DmO9yhhGK498aYC9C9VsPfMDryAa00F_loFV2qCJSqmQErCjY8NwKJXuR_ho2bi4lM0hquzeEqlVqps2mUNmDCSv7OD5HwcXB7ChhDKcagWZvWijoF4YIQliXSua0l9RqKvACx5OW3p8dThGo6zzxB_2kH3zflhawK-yNeF8sct4D9wvdW9Ha6GKDVFk_TMPmInHjFJGDLQI5rGvzOEtpA1zvg-SfwJrMXIhmD09CAj5okb5PYGfo7NPpVGOxprZeU5cElQ88eEMHfduo5QPOCoDn4SMsAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYqfrHoaCihAOACgOYCwHICwGADAGqDQJOTOINEwjHocihoKKEAxWs0LsIHTcWDDmwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwGyGAUYTSIBAA%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_RM4LsHjbOVe1UU-MvTHt1GXGf1w1ISwgjY-9z1BU02cxfUsDq5FwSCWopfz7iRVCx8JGFqTkZbm8ZKwAOEsNODdj45gwTDozolIYAQ%26sig%3DAOD64_10ssyIYBpYHKgmLy6sD8U237m70Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-AfM2YMuq5wuErzhaETbWSHIHhMRXe-bDOAto5_zYBI3DOAvDHbFA_BOCUXU_cdl6MD6VzdHM0wr6uRclG7sKtLaLNJylwXbTHBjXVJfmvipeLXRnJdY3M9mKTmTaxjsVB89H3oCp2-5dLrq-eUn4hkHJau1J45qaK620ixXRfAeMbr6ug%26cry%3D1%26dbm_d%3DAKAmf-BbNnZv3wNxElnaE0cHrrd9YP6kzzqbNBJyODnJQdvsi6T9bE7zLiMp52-tXCZkvjGcZRfXm7iU8vniy5mdsFG-K9tR80BCiuxtIabC1stoaZCTsqZ_azvZGXZDlN5rDR_ZWAGBn0m9_TKi7FxjiRYcFDFIrGeOzS65cZ_-HF_9P0MpNb7jSI0hb6S0RhFykm9k1-q88fCtACpEGqsy6mUqLyAFu3PxPO8J1P-PnMVtcVopI9IaFpF_zkiw9f-sxWtI_w4ZdMEuqkZWzGjP1PCXxd_fJT2K0vYcB2eYxyLOlcBf7OgktGs_i4p0cmgiduJLgiS1lTPUBXdX2jyVKf1smZxFcwqN1lTKRIpa4nMXQd2KnltDU5NFN_FraTAigm6kp3vPPouqREPwPDaiDqvKfwmPqo80MuGF_zpgXIR1fuIKwrotQWPLHP01W4s755KAjdYcR8rAUzgW1ohMV6QEEnUopFHJ0BCImMTQCKWzpBWaBEMGfSa9k5QNXIT6fJkg0F_M0RcgYxmuTwdMennDw3Faa1wIWTim0wtvZ1M3VxenfYp8u9el2LT2XfKDxOwUy8OL%26adurl%3D&documentReferer=https%3A%2F%2Fkimetsuyaiba.online%2F&ancestorOrigins=https%3A%2F%2Fkimetsuyaiba.online&random=9765430182956&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1

Request Chain 84

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcgyermqPWQAADLnACeLFgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENmRSuKTb7R8if_rQFNSIHg&google_cver=1

Request Chain 86

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzY3NzgzMDA2NTY5NTQy

Request Chain 131

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251383.357501253;dc_trk_aid=548435067;dc_trk_cid=185424923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707618938876 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251383.357501253;dc_pre=CIWkkqKgooQDFUKOgwcdi5YAtg;dc_trk_aid=548435067;dc_trk_cid=185424923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707618938876

142 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kimetsuyaiba.online/
Redirect Chain

http://kimetsuyaiba.online/
https://kimetsuyaiba.online/

133 KB
38 KB

116ms
71ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90813bce42ca05582f36fcb84e650c8e0081de6c49107cc98285c214515e732f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85393316df5abb73-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 02:35:37 GMT
last-modified: Sun, 11 Feb 2024 01:49:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEiwm5Tj6se8ZSJtnNnq6yB3H2gLTrTazDiVlBDgVa64%2BreBvjFwq0hiYw9%2BdsC9X%2FcNFKad4EJjGta%2BfjWdIaBNbb%2FZ1l6gyl8JrtAo7bBp0cFfpYG6yzwFX7cknGFAPcudyzq60oKdluRkV9m3KnBg"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 853933166ee23686-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 11 Feb 2024 02:35:37 GMT
Expires: Sun, 11 Feb 2024 03:35:37 GMT
Location: https://kimetsuyaiba.online/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHCptHmwMKy1lNy9VIp3%2BcFPNz8monW6%2FxYGbOP4znEdNSnLVRRtCmyofxN1NDzEblYQfFOjtC%2Bl2bzalh%2FjJmByCllkMv3esYZyUs5tXN%2B%2Bl75rcXDDkiCU9AVXxK5yVidRSVvEU3P9h%2FpGWjaKrxJQ"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 95ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be80b4aee138897040216a12a87976850fd0016b1e7cb9beb483840b012a8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29068
x-xss-protection: 0
server: cafe
etag: 412 / 19764 / 31081089 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:35:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
93 KB 81ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DDFRY46J3

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a96dca7ba587579a0f071a8e23823e18d50fa7a3f6f44e63028f88e5a87193c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 11 Feb 2024 02:35:37 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 93ms
47ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Origin: https://kimetsuyaiba.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:30:07 GMT
x-content-type-options: nosniff
age: 65130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Feb 2025 08:30:07 GMT

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 103ms
56ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Origin: https://kimetsuyaiba.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:08:53 GMT
x-content-type-options: nosniff
age: 408404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:08:53 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 66ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Origin: https://kimetsuyaiba.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:07:30 GMT
x-content-type-options: nosniff
age: 448087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 22:07:30 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 85ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Origin: https://kimetsuyaiba.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:56:10 GMT
x-content-type-options: nosniff
age: 268767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:56:10 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 104ms
58ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Origin: https://kimetsuyaiba.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:26:00 GMT
x-content-type-options: nosniff
age: 360577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 22:26:00 GMT

GET
H2 200 frontend-blocks.js Show response
kimetsuyaiba.online/wp-content/plugins/simple-social-buttons/assets/js/ 0
344 B 26ms
26ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-content/plugins/simple-social-buttons/assets/js/frontend-blocks.js?ver=5.1.2
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 19:57:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4380
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdXMKfFw1CEi4unC%2FQjC3%2BMaFXCzJgMp1xmeP2dB4ZCSBpOMdOZXjU6nw1kxYpBTY7NZqf28hAVzeCAYzMQHuaSowyPQadlMuBNxPs9dFzbsqAAhrBOX4%2BxN917%2FT9hMZ2diFUI2TEqQjbb%2BaqaSkXQF"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 853933177fc1bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 jquery.min.js Show response
kimetsuyaiba.online/wp-includes/js/jquery/ 86 KB
31 KB 32ms
31ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 19:45:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4380
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu4GNan5hz0gvU0Xw%2Fq1xoq3U5IomqsHEQkhwr2Ef%2FitKvu6jzHdU%2BdiyD9oPAtkordzSLFNy73T0qfw6mp%2BkGV65Y%2BpbKXLWJW4wNzoFjop7uIMTNEuH1yjxP9MQ0vz6SvvkvZvIEvR0KLyLtr4r6mo"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 853933177fc2bb73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
kimetsuyaiba.online/wp-includes/js/jquery/ 13 KB
5 KB 29ms
28ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 19:45:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4380
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AuCvs1lsYGjknJJVUfhFNoImSlPFHNObAhMtdG%2B0txtAc3AMrCKcNQWZfYsc7nVIVD%2BZ9PROWmri6k2QISw6tT7oN66D%2BASa6BRPpruUYDM9vq%2FRh8bYL9UOJf8pycx8Xj%2FYg%2BcccDr9EkLG1esd9mK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 853933177fc3bb73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 front.js Show response
kimetsuyaiba.online/wp-content/plugins/simple-social-buttons/assets/js/ 7 KB
2 KB 27ms
26ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=5.1.2
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0c785ba1945c5c419f212228f41d0ce8dbc5f0c67ab3340ebb984f4a97751a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 19:57:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4380
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSfDgYl6%2BONb1eeQvML9OXvhXcdJvNMQbIJmhwFnp9to7BgyubB27edrN5OjwMKrMGA0IklMql0CbBIwkjMjqQZRj9IW2wMHZo1hUQl7g52jEtMOBPppMLlJo47Xaf8Gv8ND6nD5Ze5nK3JIa%2B1A7m%2B1"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 853933177fc4bb73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 keynav.js Show response
kimetsuyaiba.online/wp-content/plugins/comic-easel/js/ 933 B
644 B 30ms
29ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-content/plugins/comic-easel/js/keynav.js
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fbb60324ba018c58305566d35e4f580630b41aeb9bb737daef3314a6b100121

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 11:20:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4380
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UV6LfxnwiQQVcN9l2kd6ErUC7TcCzeDCiyzGaPptBVVFEICsd2EHHRK7Lnxar0z2CO1hK0oe7zGpPKwAwhI55gGgqYLWfE5GQzdX5%2FQQqx%2FVwq5%2BmnlM6SA%2FMXx%2BExSSv07HW6jqjEjd6kJDEg07Kuex"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 853933177fc5bb73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 responsive-nav.min.js Show response
kimetsuyaiba.online/wp-content/themes/toivo-lite/js/ 6 KB
2 KB 28ms
28ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-content/themes/toivo-lite/js/responsive-nav.min.js?ver=1.2.0
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee875d1b0a82057344852ee7a374ac88a66e6b38da6b096b2fd3ed5719cd4f21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 16:06:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4380
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqwQa3bNyWlJKjGUJCrBmuwcJWjITLQyni77s7znrKNIhH4acVjtNqnVxQM4F%2Bb1%2FbkojK0le1IjJDtm9fXaM93GtuJwnPYUZeHkjn2tw0uVGkZFGgPxbTfCGZ6o0nnSCtgrab7ELDTTV2e8Kbwkqbn5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 853933177fc6bb73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 settings.min.js Show response
kimetsuyaiba.online/wp-content/themes/toivo-lite/js/ 2 KB
615 B 30ms
30ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-content/themes/toivo-lite/js/settings.min.js?ver=1.2.0
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24323c81d8ec5b4424e82ab58f31cd68597f6a0c7f16cf97dab30e4feab7fac2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 16:06:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4380
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0etFWZOPVatDtcgahXBregPMORHgXm5lVK%2BPo6xPX%2BIvrDH1N6KsaYDEzbez%2B2I1P7OVSe%2BLn5Zv4YsefF0Dsw7g6EbteO7muu6HV3Q6zWxMUOkawXbJ1msUDdWC7DncxBL0jV2f0zjUz84K7HXzYEFg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 853933177fc7bb73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 functions.min.js Show response
kimetsuyaiba.online/wp-content/themes/toivo-lite/js/ 1 KB
912 B 31ms
31ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-content/themes/toivo-lite/js/functions.min.js?ver=1.2.0
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ab6f289c1c8abc08c0a8fb6c7aea66cf8164d514c3cef0e29d9f81c474f5e65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 16:06:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4380
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1hMSWndWf8WDxMG7PoMEgshuuyYNRuS0jqM%2B2pTdevgb%2F0VBYVr1KMTDiKQL2wArDaxWdT4bh%2BfQeNzd0kw2GAVqziiinF0izFII%2FTXtuX8JRp%2Bsan4TH0rFHFxWh81TweK0gRamYbGU3K3EWWMZfMQ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 853933177fc8bb73-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
kimetsuyaiba.online/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 65ms
65ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimetsuyaiba.online/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Feb 2024 19:57:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BRJ4oYkQz6WVZKNe39minyPMNw9FzwTcMxDOKzFrRO84lt%2FHcuCfpc0Wf67KVLN7y6seSmRqKUlm7Uhrw2CI5Vve3CXEQIsQOujD0219Odqh%2FuKOpKyfINLkgouQN7cp1PlBeMnrHyTW7SvqVIgogfh"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 85393317bf80912e-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35a6cc858f7ab90655e361272e24b444b749e3c87b72cbecde9845272ef075b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cropped-IMAGE_1678944687-1-1.jpg
kimetsuyaiba.online/wp-content/uploads/2023/06/ 168 KB
168 KB 62ms
62ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimetsuyaiba.online/wp-content/uploads/2023/06/cropped-IMAGE_1678944687-1-1.jpg
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09e69ffe850be535eb89f57b120e9b3e359fbae3fd0394b60a8b0c409656d181

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Jun 2023 20:09:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuHin0Ze28AYXUbO%2FsSSZXvsy8j42veRZ1qtAduKAqrD5TFiPDPCATryJAX8i8cnJ5GTkApW8Z8o8GVac3hQvp8jwGxejgEjrzG0RQq8D0QbHcfKGyM5evR%2F%2BiGOKBv0HBtKYz8EpcxmEdCY3VRpBO6z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 85393317cf84912e-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb

Request headers

Referer
Origin: https://kimetsuyaiba.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/ 430 KB
135 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a75ade244357b72c307d1201f4e1a748951dd96f1237beed544b640bde2cb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10736
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138443
x-xss-protection: 0
server: cafe
etag: 2029179791382905741
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 09 Feb 2025 23:36:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
87 B 70ms
30ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kimetsuyaiba.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

399f09ce742e0b6b3e4a256a6d9978f14c964856819f7b76fd947708097fff86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Sun, 11 Feb 2024 02:35:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 48ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3DDFRY46J3&gtm=45je4270v9118781245za200&_p=1707618937504&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=280376746.1707618938&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707618937&sct=1&seg=0&dl=https%3A%2F%2Fkimetsuyaiba.online%2F&dt=Demon%20Slayer%20Manga%20Online%20Tanjiro%2CNezuko%2CMuzan&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=370
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DDFRY46J3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kimetsuyaiba.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 demon-slayer-kokushibo-upper-moon-uhdpaper.com-4K-8.2023-wp.thumbnail-1.jpg
kimetsuyaiba.online/wp-content/uploads/2023/05/ 50 KB
51 KB 38ms
38ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimetsuyaiba.online/wp-content/uploads/2023/05/demon-slayer-kokushibo-upper-moon-uhdpaper.com-4K-8.2023-wp.thumbnail-1.jpg
Requested by: Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d4da690e11e688a3da04678a6e96aa45293acb0d6d1eb0083fd7fe7517241f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 02:33:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2357
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5jRvY2RBmfFoA9ZTbtC9OaMaxfnVXLK6QkJ13pk9vqDH1gTIyePqxB0s8%2BD9hxQnFNIjufmNqwQoNRuYwIQj7wlcyDIdpknQl7YTyRSBNZO8EANEzdAr2aGM%2BW8%2Fg7KhXlL9sALerX8Yh7NdmAplXlE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 853933186fea912e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 253 KB
66 KB 633ms
633ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=500805677477176&correlator=4450588202480037&eid=31079957%2C31080777%2C31079240%2C31081089%2C44807747%2C31079527&output=ldjh&gdfp_req=1&vrg=202402080201&ptt=17&impl=fifs&iu_parts=21857590943%3A23005440050%2Ckimetsu-yaiba.online%2Ckimetsu-yaiba.online_interstitial%2Ckimetsu-yaiba.online_anchor%2Ckimetsu-yaiba.online_300x250_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=1x1%2C1x1%2C336x280%7C300x250&ifi=1&sfv=1-0-40&ists=6&fas=8%2C1%2C0&fsapi=4&eri=4&sc=1&cookie_enabled=1&cdm=kimetsuyaiba.online&abxe=1&dt=1707618937709&adxs=-9%2C-9%2C632&adys=-9%2C-9%2C692&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=kimetsu-yaiba.online&loc=https%3A%2F%2Fkimetsuyaiba.online%2F&vis=1&psz=0x-1%7C0x-1%7C700x0&msz=0x-1%7C0x-1%7C700x0&fws=2%2C2%2C0&ohw=0%2C0%2C0&ga_vid=280376746.1707618938&ga_sid=1707618938&ga_hid=585458642&ga_fc=true&dlt=1707618937487&idt=196&adks=2759728652%2C617229251%2C4117190546&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2463b2b911c0859a8e053b1e7ef56110fa70806fba0b8f6a6d2e1a4305d0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67923
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kimetsuyaiba.online
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 228ms
228ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=500805677477176&correlator=4450588202480037&eid=31079957%2C31080777%2C31079240%2C31081089%2C44807747%2C31079527&output=ldjh&gdfp_req=1&vrg=202402080201&ptt=17&impl=fifs&iu_parts=21857590943%3A23005440050%2Ckimetsu-yaiba.online%2Ckimetsu-yaiba.online_300x250_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280%7C300x250&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=kimetsuyaiba.online&abxe=1&dt=1707618937715&adxs=632&adys=8401&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=kimetsu-yaiba.online&loc=https%3A%2F%2Fkimetsuyaiba.online%2F&vis=1&psz=700x0&msz=700x0&fws=0&ohw=0&ga_vid=280376746.1707618938&ga_sid=1707618938&ga_hid=585458642&ga_fc=true&dlt=1707618937487&idt=196&adks=1577223049&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

320b61956b26352c8f3ec26fda5e8e3f3f296974003261f96776acb0d4f44ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11613
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kimetsuyaiba.online
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 078C 6 KB
3 KB 205ms
27ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:37 GMT
expires: Mon, 10 Feb 2025 02:35:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/ 45 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl_page_level_ads.js?cb=31081089

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6ebe4f0c6cdf8fe56c15a6420b32dba3591993e9166bfe971a18862ff69f7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10639
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14639
x-xss-protection: 0
server: cafe
etag: 6793312816812079439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 09 Feb 2025 23:38:18 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 83ms
35ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402080201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ed470bb02d9d30334fae8efb2e4d141125c0593c32804b17f1c1954b73f5523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12213
x-xss-protection: 0

GET
H2 200 container.html Show response
3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B701 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:37 GMT
expires: Mon, 10 Feb 2025 02:35:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8F33 624 B
826 B 81ms
33ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNWBLA8U9wEDFN0CBE5nsNdPWbiSjJ9JyObiyX07gJoBtWLw3096IqrIHnfjUEW2z_wF9pyDv3bAsdG-vUsjdzeLQbKR-F7i-2KWeERrVckwdAUVQM6JAN25Zg7rNdAoqk9LISwwdCn9D01q_vUbTKLlsUqrt3apFol8Fd1so3-lEgfOpSQkukU8sj5eKuv0bcxFWhraSg1yT1LB9UQvjToCrnGmXw

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:38 GMT
expires: Sun, 11 Feb 2024 02:35:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B701 93 KB
33 KB 99ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:35:38 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B701 42 B
173 B 108ms
63ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5zVB3LzQvSec8zEM5FdKnnOt2N3T6lsjxFvbRoY9fcM0aaf-n9NeMBBR9vGwQiHi-kw5grkkW_DQqS8XVpUMy1dBVC77G10TqJYOKT4L96DhpUO8

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame B701 3 KB
1 KB 83ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame B701 20 KB
9 KB 82ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 22:58:19 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B701 203 KB
62 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:53:28 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 108ms
82ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 02:35:38 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8F33
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1

43 B
340 B

37ms
37ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNWBLA8U9wEDFN0CBE5nsNdPWbiSjJ9JyObiyX07gJoBtWLw3096IqrIHnfjUEW2z_wF9pyDv3bAsdG-vUsjdzeLQbKR-F7i-2KWeERrVckwdAUVQM6JAN25Zg7rNdAoqk9LISwwdCn9D01q_vUbTKLlsUqrt3apFol8Fd1so3-lEgfOpSQkukU8sj5eKuv0bcxFWhraSg1yT1LB9UQvjToCrnGmXw
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isJ2%2BA3lZCUsW59pape4zhETSNB0cFGwPDy7B0OxLtDYJs3lSypYLMYYWURI1F80Fk%2BI7uJwCL53PWQr78EtB%2Bm6%2FFE3I%2FeTsX4ApFtHMbJnI3QAGoPFzSBo4bak9gUPhsS37o0zZYVDHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8539331b9ec04db8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8F33
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcgyermqPWQAADLnACeLFgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1

43 B
774 B

33ms
33ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNWBLA8U9wEDFN0CBE5nsNdPWbiSjJ9JyObiyX07gJoBtWLw3096IqrIHnfjUEW2z_wF9pyDv3bAsdG-vUsjdzeLQbKR-F7i-2KWeERrVckwdAUVQM6JAN25Zg7rNdAoqk9LISwwdCn9D01q_vUbTKLlsUqrt3apFol8Fd1so3-lEgfOpSQkukU8sj5eKuv0bcxFWhraSg1yT1LB9UQvjToCrnGmXw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbE5DKcXY5lFBRHEdpRw2sAqWTW2nh5%2BO4OrFB0%2Bw7%2FOA0Ma%2BOUGMIFs5hycVnOrTcmUiyK0Hh1I57eu8gET1oWHRWRPsEJXdZK1ANpiVTtP53T%2BDOy%2BhX2xQvSdxMToi6e4YE%2FqUpWhQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8539331c0ffd9a3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8F33
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENmRSuKTb7R8if_rQFNSIHg&google_cver=1

43 B
1 KB

21ms
20ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENmRSuKTb7R8if_rQFNSIHg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNWBLA8U9wEDFN0CBE5nsNdPWbiSjJ9JyObiyX07gJoBtWLw3096IqrIHnfjUEW2z_wF9pyDv3bAsdG-vUsjdzeLQbKR-F7i-2KWeERrVckwdAUVQM6JAN25Zg7rNdAoqk9LISwwdCn9D01q_vUbTKLlsUqrt3apFol8Fd1so3-lEgfOpSQkukU8sj5eKuv0bcxFWhraSg1yT1LB9UQvjToCrnGmXw

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
an-x-request-uuid: 74d83fe5-2f3c-4153-a3cb-69913f2fc9b6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.6; 37.48.94.6; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENmRSuKTb7R8if_rQFNSIHg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8F33
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzY3NzgzMDA2NTY5NTQy

170 B
243 B

29ms
28ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzY3NzgzMDA2NTY5NTQy

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
an-x-request-uuid: 35a3d674-ac4d-4f9a-a24f-3f25830edfb9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzY3NzgzMDA2NTY5NTQy
x-proxy-origin: 37.48.94.6; 37.48.94.6; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B701 0
58 B 53ms
52ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=828514713115&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B701 0
56 B 51ms
51ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=828514713115&version=m202401290101&ct=77&x=1&cor=1286606688356330200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B701 20 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2P09d54J3eBC03j7nvIBpWeM5FXZKZeHTreHtnX2vpT-2OLVMasXRhCpbzg14OKVL9K4bXgylhkd8YlkOeP36vqFS1Slco38EUf9faLXZq2YeHJHg1kCbXVb04ZbkGNR63kqWJZXOxk7lkiuyCOWPj5Nl5uGim-s9-WEWRPJ-fdFq0Fk&cry=1&dbm_d=AKAmf-D6uxG__Tm7JCe-lbkrM5xUIFUUvag_sy_D6YMyDqW0EGmW-Tg5qDx3DkTbHfvtbdFBwie8fzfJr0MBWfGyLl5Sd50JAZylxPGRT2Phw4XgtsBuMdjGyrFOg64QToVTBxSOopaBcWeAbBEEJNtHKpxbYNIJxdLim4lwOMMyhmmeGr0OL-4L9AnbB7pLCRPqoXL66MSYScVenvY9uSmQn8qNc0YVEUEhhi7b6HkxQQQu_AplOKA4GIpER-aXiYdR1YwHQaQ3EdZYthEmlFz0-IVZLi9DVMoKvKXNbHVaroYDxG7tgCo1pEKpxNcY8xHpOMc7k5bKgArx5MNZ3jdmW0uqe6foES2mYc-FBoQOlxDCAFWLfnW4rcUzOtoqDprFSFQz4qgZndVxQ3sffTlszvTKBxZxBRV650_25x0LE-XpJvr0usB6kce4adafyqcXEISgOLzDcy31ZN2FTxjOgEd8wdtAxcVdoCfzvcFRZ5Ca1Q3v2umzDrM2XOJvmOiAR7hRVqN9ppEYqiW4ltasqrrqKm17p0PXNW87QMz82ed4FDW-4QbAtOSP8V0cqi0WcHtfQt_yGPYyXFYHJe3gs63hO8mxbMcBPPPj0ZO6x8CntYUTH47GAid7YnPmYG8DTGczgp5BCsQG2y5oRxjixtgG6QuX37EthgBOpfwNgJ4pzZNh3DDqx8prNzVfhP32efU4g_iXEse_BcMjwTyeskoMvIx71XDB8YVGxFvP8UakJJh4d3b8_zGgAwObBQRg-8wRSRWb1JIO5EBVAhzO23hs5c4PKOkSggDTZVEbt7bjV7n9hni22pOyMemAo4Ytb6RiJaLcvieGk_DrtEkVFfo8XpPWR7pYS4-kywWCQNLz9PDvW2SYe0BuKy_60M2s_piXF9a-2SxOp7nCAEV6NoiNxi6VZGptYhSq4Q0VZz6fTA8eaMlU_Hq-mey-P8jL_PBHSWZnGbdNUDO3RoPpf0rxn_f6bcdbp8Az3jRwTZpXufywVcrvDiVckXRjtwu43G5hzAvy85LSipJsnmu9uQEB_zM1kE-dw6dBejNPt5G937ObauVWnMXvzMeaDPbdaRqFnoHYxBcjSbuZsy6SuFmH1QIJa8ecDROIs-tI3yUPdqiEhqfm197YdECpmwMYR3m18GB-j8ng_hTmOJ1oHAEaj0Sdcd8_uAFXZUIdWxFk5CvlfckytZfnpg7mszil7hSq0gPpCWHykarj8iJZ0eUjMhsGKuqDt_7O7UbrjIHRLdnr2WpFq0bRJLSuiyYQp10wuIAG7Nw2EaIpDC-RsKPn1Ves2DTxv9kqZtuAKq7p52EZaaGljXqTpS76SAa9n1ZRlrhMPUWTFLD48b5X2i0esNsm1WnFPIIYy7ea0Mlu5FcqALK_cNxs70eDCUa-ChWPSYNC4O6z-smfU7Lh9xANEza6CYIyTVbEI6zNt_hLk0c9lRnopgXT5cAWg9Ids3HYLl7aooU4sFLF6pV3EsLcdYgbtKC7oAFvJbzTwYfjurcxeZk_sCoo9UuheGZEW1FGrRTzX6cUSxnrxRduDCOrShFjjBcjume1z-dlrmdlW9uR-hrIe9DNhmVoYYHGCY7UU1UFd5zZkvHvtkNlZNrmc7RB2TBZ_rIy5C1px-Wf9_e7waDla8sH3WuEQXF1fT8SOynLkM5xdYBPhK6PngxP8UGj2S3X_B9Rj5GzKj2TzRhnC60lGhZY7U1esxPkce_v1fvxvVdN2aah82LimYhVElIma_RvRTY5oQqd8TZ6_2csXfaWV-ZduYqSjfyETgH6vxJNd3vuEaMbcQprnzzzkMDjVaG6ywZkdTCIJ7l3VRgqDo69k5vOdrUmuNbjQGsV-R_6yQHTPKGVfyJl3p2ZljD0qlAQ9jfKVKJBss1eMeVcTbp5dnfqNrNTKc1Uz823zkhyQKfhmGCe_HyajcGb4621yuFaPE-xJFZtpUlFrycYvcYfNmU1runsZ737Je21XJ5cI7Qdyb5LfprM6TkMcvypECmu_PjhjXTBXvB9lhByZEbFWixUWUlv2PsKcVUGqoRaIqaxqAAiV40HUJyKBU7ZusmC-vDtrjXvbhh7GExXvnq1NdWOusSalhKNWUR_1TicqReWsz57NUB50A2vSzHmf9pvVd6-ylCZM-vhnMOK_NC-f642HQgw0XI_UBdzpWGdPQT2fsVTvZlSfSp0pksF0kqmcXPn0UjoUlkp8MMduUx11dwI0hzSlGLa6taJg7bKhbVrMWj7kZ8K9k63crdjOu30WrBUGiPxJ8kO-yCk_Q1jghaOJ58VkuYv3w9_KKXAJF8LFbYzKK0rZt9H4jwj1d_gg67f5e0vUOh9eYe302vwLF5kCWtwUbM4Q89xLRlCmXmyL-WnD-c0zgt4glVA4-T_blGet1sI7arDz-A38Xf9Ouzkhwtkxj9Dv4la19LpDOrLtej6JqK-KL5HP9yawV2fDrkmvvmlHHHII-X39kSQPRejd7qRt5t41ZENOmlGnzX6qKH_gEUU3GilAviU7R9CTePiQaF3EJvjQcTx93YcdvyBi5ReNt8Id1mYD9FLWnfkvG-tNm22J8NfCEjS44CIHok-tjhKt2FJA78Mn870wroQShGmh6D2GOpxokueVRcMhO6MWs6VxITiJobE6lZFexGMBppTgyrak5HasawjDjlPg5Z-RM53BHoAWnuP0LHgxlGapWKcsvtACMFHIOmYYI5gR1qjXJqdZBnTXpwtJG56iUpT2y3OhFKwg4bt72NCs7ptztrfW1An9Hdf0HO66-PYgmQtL6uDbMDVpMatoIKl71HXfiTNRTtwRigvtrO4ccYKZdVIxOsK8gJiBfCYrnjmGAUwu0d7_0dul3J76HzwSsvP9KXu8jNUJF9DbXu6HCGWzp63ybweDcrPd1fH9gsi0wU9TSkt_iFe3ZR1ytWPZFKDH2pdsXxjL1UqhSp4AAStHV8vYqoD5KnB8C0Q5sFBO6epO0iOIrc1Yuu_ZXGY-dVuUo5t03uw4evk6fUEhsuP8JewDPBJRF4xyrOcNA8KbXqR1kYMity6sy4T7VlV3sWIdsAu7j3OsAlT922yVGvOj1szsGalRflTm3B5XNGfAsMVO2QNwShiHyAYT_P0vdr_J7XsfHKI2VZ50SK-Hpqzlbp4LYKrotzWYDKXIat-xPw3krG3mYWXijdAQWSodxPSEJHq_R3f8Rio4arOeNPtnyKem73GDvKiWhfXcxWF1HPP1mcLJ4Zu6cFt2QqId8QPCLNSR5A2TYM5Nn49xbuA-oJr4wiuBmX0wKQXozBpX6OXIuCSPn797wNAOigCB4lNfHOErycZqXIHNcop0NZfwANjez5g307h4oHBgEou4gyX-3mWeSh8v86UcjcVocJIf5ANx4LEUf2oVidNty1f91GMTfqMmBh71r3WDjJ-kUDMKPchaPJDMpIv6Din6S-lSeFKcM2sD9FsQibZ1G9md3UY44OyvwlsQhSqPBK1k1bCw7zRwx57XxowP6s84nuyR0oU51YgNRANv8hNcUuKsvQl7Gz8okQC9dFZA1Or22WVYthpvbBmLZYIxXF2ZE_SaBTc_fTJWdRisiZt3Mkgfiu5Z8h3kK9P6mY4Am_OcNgbOkXdbIPpJm-lZ1dl7u-COOzbWq_qzKfoQFb1eZcLTaWtLdj8JB2bnBkhBKgti0tv2Auw_4bu6oTlwCbND4Ir_gUdYXOpHqghCR7L4nd3JsbSQ3RJi3cIbg1LHu4v6c5OysKHa3heTFVmVDtb042eQ_sdYfmUGkPnJTsnHQnTSwxLb--BRqGtFjVSkjzp9Cl519nhKf9p1MdvKQoChsm4LAznG5bcPi5GaEI5hVZnPj9yEzX0sFoCcmUQvbaGxPQNruAJqYwAnn4&cid=CAQSTwAvHhf_RM4LsHjbOVe1UU-MvTHt1GXGf1w1ISwgjY-9z1BU02cxfUsDq5FwSCWopfz7iRVCx8JGFqTkZbm8ZKwAOEsNODdj45gwTDozolIYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fkimetsuyaiba.online%2F&ds=l&xdt=1&iif=1&cor=1286606688356330200&adk=356101034&idt=111&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b981e75ade1b6d5e77e6e23352282c315fefeff8ac792466b6b2d737a247cb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13596
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 779D 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 30791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:02:27 GMT
expires: Sun, 09 Feb 2025 18:02:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8635 829 B
1 KB 74ms
29ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

175dee8b941e0557687793f2e2d3553928b1856c412d31e2efd0ab2f97327b25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WSG0cMKQyzB5Yxp1ttZ78w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimetsuyaiba.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WSG0cMKQyzB5Yxp1ttZ78w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:38 GMT
expires: Sun, 11 Feb 2024 02:35:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 779D 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:53:28 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B701 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2P09d54J3eBC03j7nvIBpWeM5FXZKZeHTreHtnX2vpT-2OLVMasXRhCpbzg14OKVL9K4bXgylhkd8YlkOeP36vqFS1Slco38EUf9faLXZq2YeHJHg1kCbXVb04ZbkGNR63kqWJZXOxk7lkiuyCOWPj5Nl5uGim-s9-WEWRPJ-fdFq0Fk&cry=1&dbm_d=AKAmf-D6uxG__Tm7JCe-lbkrM5xUIFUUvag_sy_D6YMyDqW0EGmW-Tg5qDx3DkTbHfvtbdFBwie8fzfJr0MBWfGyLl5Sd50JAZylxPGRT2Phw4XgtsBuMdjGyrFOg64QToVTBxSOopaBcWeAbBEEJNtHKpxbYNIJxdLim4lwOMMyhmmeGr0OL-4L9AnbB7pLCRPqoXL66MSYScVenvY9uSmQn8qNc0YVEUEhhi7b6HkxQQQu_AplOKA4GIpER-aXiYdR1YwHQaQ3EdZYthEmlFz0-IVZLi9DVMoKvKXNbHVaroYDxG7tgCo1pEKpxNcY8xHpOMc7k5bKgArx5MNZ3jdmW0uqe6foES2mYc-FBoQOlxDCAFWLfnW4rcUzOtoqDprFSFQz4qgZndVxQ3sffTlszvTKBxZxBRV650_25x0LE-XpJvr0usB6kce4adafyqcXEISgOLzDcy31ZN2FTxjOgEd8wdtAxcVdoCfzvcFRZ5Ca1Q3v2umzDrM2XOJvmOiAR7hRVqN9ppEYqiW4ltasqrrqKm17p0PXNW87QMz82ed4FDW-4QbAtOSP8V0cqi0WcHtfQt_yGPYyXFYHJe3gs63hO8mxbMcBPPPj0ZO6x8CntYUTH47GAid7YnPmYG8DTGczgp5BCsQG2y5oRxjixtgG6QuX37EthgBOpfwNgJ4pzZNh3DDqx8prNzVfhP32efU4g_iXEse_BcMjwTyeskoMvIx71XDB8YVGxFvP8UakJJh4d3b8_zGgAwObBQRg-8wRSRWb1JIO5EBVAhzO23hs5c4PKOkSggDTZVEbt7bjV7n9hni22pOyMemAo4Ytb6RiJaLcvieGk_DrtEkVFfo8XpPWR7pYS4-kywWCQNLz9PDvW2SYe0BuKy_60M2s_piXF9a-2SxOp7nCAEV6NoiNxi6VZGptYhSq4Q0VZz6fTA8eaMlU_Hq-mey-P8jL_PBHSWZnGbdNUDO3RoPpf0rxn_f6bcdbp8Az3jRwTZpXufywVcrvDiVckXRjtwu43G5hzAvy85LSipJsnmu9uQEB_zM1kE-dw6dBejNPt5G937ObauVWnMXvzMeaDPbdaRqFnoHYxBcjSbuZsy6SuFmH1QIJa8ecDROIs-tI3yUPdqiEhqfm197YdECpmwMYR3m18GB-j8ng_hTmOJ1oHAEaj0Sdcd8_uAFXZUIdWxFk5CvlfckytZfnpg7mszil7hSq0gPpCWHykarj8iJZ0eUjMhsGKuqDt_7O7UbrjIHRLdnr2WpFq0bRJLSuiyYQp10wuIAG7Nw2EaIpDC-RsKPn1Ves2DTxv9kqZtuAKq7p52EZaaGljXqTpS76SAa9n1ZRlrhMPUWTFLD48b5X2i0esNsm1WnFPIIYy7ea0Mlu5FcqALK_cNxs70eDCUa-ChWPSYNC4O6z-smfU7Lh9xANEza6CYIyTVbEI6zNt_hLk0c9lRnopgXT5cAWg9Ids3HYLl7aooU4sFLF6pV3EsLcdYgbtKC7oAFvJbzTwYfjurcxeZk_sCoo9UuheGZEW1FGrRTzX6cUSxnrxRduDCOrShFjjBcjume1z-dlrmdlW9uR-hrIe9DNhmVoYYHGCY7UU1UFd5zZkvHvtkNlZNrmc7RB2TBZ_rIy5C1px-Wf9_e7waDla8sH3WuEQXF1fT8SOynLkM5xdYBPhK6PngxP8UGj2S3X_B9Rj5GzKj2TzRhnC60lGhZY7U1esxPkce_v1fvxvVdN2aah82LimYhVElIma_RvRTY5oQqd8TZ6_2csXfaWV-ZduYqSjfyETgH6vxJNd3vuEaMbcQprnzzzkMDjVaG6ywZkdTCIJ7l3VRgqDo69k5vOdrUmuNbjQGsV-R_6yQHTPKGVfyJl3p2ZljD0qlAQ9jfKVKJBss1eMeVcTbp5dnfqNrNTKc1Uz823zkhyQKfhmGCe_HyajcGb4621yuFaPE-xJFZtpUlFrycYvcYfNmU1runsZ737Je21XJ5cI7Qdyb5LfprM6TkMcvypECmu_PjhjXTBXvB9lhByZEbFWixUWUlv2PsKcVUGqoRaIqaxqAAiV40HUJyKBU7ZusmC-vDtrjXvbhh7GExXvnq1NdWOusSalhKNWUR_1TicqReWsz57NUB50A2vSzHmf9pvVd6-ylCZM-vhnMOK_NC-f642HQgw0XI_UBdzpWGdPQT2fsVTvZlSfSp0pksF0kqmcXPn0UjoUlkp8MMduUx11dwI0hzSlGLa6taJg7bKhbVrMWj7kZ8K9k63crdjOu30WrBUGiPxJ8kO-yCk_Q1jghaOJ58VkuYv3w9_KKXAJF8LFbYzKK0rZt9H4jwj1d_gg67f5e0vUOh9eYe302vwLF5kCWtwUbM4Q89xLRlCmXmyL-WnD-c0zgt4glVA4-T_blGet1sI7arDz-A38Xf9Ouzkhwtkxj9Dv4la19LpDOrLtej6JqK-KL5HP9yawV2fDrkmvvmlHHHII-X39kSQPRejd7qRt5t41ZENOmlGnzX6qKH_gEUU3GilAviU7R9CTePiQaF3EJvjQcTx93YcdvyBi5ReNt8Id1mYD9FLWnfkvG-tNm22J8NfCEjS44CIHok-tjhKt2FJA78Mn870wroQShGmh6D2GOpxokueVRcMhO6MWs6VxITiJobE6lZFexGMBppTgyrak5HasawjDjlPg5Z-RM53BHoAWnuP0LHgxlGapWKcsvtACMFHIOmYYI5gR1qjXJqdZBnTXpwtJG56iUpT2y3OhFKwg4bt72NCs7ptztrfW1An9Hdf0HO66-PYgmQtL6uDbMDVpMatoIKl71HXfiTNRTtwRigvtrO4ccYKZdVIxOsK8gJiBfCYrnjmGAUwu0d7_0dul3J76HzwSsvP9KXu8jNUJF9DbXu6HCGWzp63ybweDcrPd1fH9gsi0wU9TSkt_iFe3ZR1ytWPZFKDH2pdsXxjL1UqhSp4AAStHV8vYqoD5KnB8C0Q5sFBO6epO0iOIrc1Yuu_ZXGY-dVuUo5t03uw4evk6fUEhsuP8JewDPBJRF4xyrOcNA8KbXqR1kYMity6sy4T7VlV3sWIdsAu7j3OsAlT922yVGvOj1szsGalRflTm3B5XNGfAsMVO2QNwShiHyAYT_P0vdr_J7XsfHKI2VZ50SK-Hpqzlbp4LYKrotzWYDKXIat-xPw3krG3mYWXijdAQWSodxPSEJHq_R3f8Rio4arOeNPtnyKem73GDvKiWhfXcxWF1HPP1mcLJ4Zu6cFt2QqId8QPCLNSR5A2TYM5Nn49xbuA-oJr4wiuBmX0wKQXozBpX6OXIuCSPn797wNAOigCB4lNfHOErycZqXIHNcop0NZfwANjez5g307h4oHBgEou4gyX-3mWeSh8v86UcjcVocJIf5ANx4LEUf2oVidNty1f91GMTfqMmBh71r3WDjJ-kUDMKPchaPJDMpIv6Din6S-lSeFKcM2sD9FsQibZ1G9md3UY44OyvwlsQhSqPBK1k1bCw7zRwx57XxowP6s84nuyR0oU51YgNRANv8hNcUuKsvQl7Gz8okQC9dFZA1Or22WVYthpvbBmLZYIxXF2ZE_SaBTc_fTJWdRisiZt3Mkgfiu5Z8h3kK9P6mY4Am_OcNgbOkXdbIPpJm-lZ1dl7u-COOzbWq_qzKfoQFb1eZcLTaWtLdj8JB2bnBkhBKgti0tv2Auw_4bu6oTlwCbND4Ir_gUdYXOpHqghCR7L4nd3JsbSQ3RJi3cIbg1LHu4v6c5OysKHa3heTFVmVDtb042eQ_sdYfmUGkPnJTsnHQnTSwxLb--BRqGtFjVSkjzp9Cl519nhKf9p1MdvKQoChsm4LAznG5bcPi5GaEI5hVZnPj9yEzX0sFoCcmUQvbaGxPQNruAJqYwAnn4&cid=CAQSTwAvHhf_RM4LsHjbOVe1UU-MvTHt1GXGf1w1ISwgjY-9z1BU02cxfUsDq5FwSCWopfz7iRVCx8JGFqTkZbm8ZKwAOEsNODdj45gwTDozolIYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fkimetsuyaiba.online%2F&ds=l&xdt=1&iif=1&cor=1286606688356330200&adk=356101034&idt=111&cac=0&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzYxODkzODEzNjE0OQogIHNlcnZlcl9pcDogMTM1Mzk3MjI3CiAgcHJvY2Vzc19pZDogMjkzNjc0NDM4Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame B701 0
868 B 129ms
54ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzYxODkzODEzNjE0OQogIHNlcnZlcl9pcDogMTM1Mzk3MjI3CiAgcHJvY2Vzc19pZDogMjkzNjc0NDM4Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzM0Mjk0NDg1MzM5ODAwNzQ1OQpkZWJ1Z19rZXk6IDE1OTgxNTUzOTUyNTU1NjY1MTA4CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0xMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMjYzNTgxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MzgzMDIxMDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTk0OTcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xb17119795da4c18b0000000000000000","13":"0xa56741108bd6a4c70000000000000000","14":"0x8a35b660ed28259b0000000000000000","15":"0x8faf49e9cc1300a60000000000000000"},"debug_key":"15981553952555665108","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"13342944853398007459"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK kqb6i1ypdv7u Show response
hal9000.redintelligence.net/zone/ Frame B701 11 KB
4 KB 86ms
30ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kqb6i1ypdv7u?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_KNeTLIZdLnLayh7_UPt6ywyAPM-Yagaau0x__3D_AuEAEgsZPteWCRBMgBCakCXUrA9bAXsj6oAwHIA5sEqgT2AU_QS2IJZzoVeIKqIFbHfQvSutOyYd4wzeZYpMdfkoEq-DmO9yhhGK498aYC9C9VsPfMDryAa00F_loFV2qCJSqmQErCjY8NwKJXuR_ho2bi4lM0hquzeEqlVqps2mUNmDCSv7OD5HwcXB7ChhDKcagWZvWijoF4YIQliXSua0l9RqKvACx5OW3p8dThGo6zzxB_2kH3zflhawK-yNeF8sct4D9wvdW9Ha6GKDVFk_TMPmInHjFJGDLQI5rGvzOEtpA1zvg-SfwJrMXIhmD09CAj5okb5PYGfo7NPpVGOxprZeU5cElQ88eEMHfduo5QPOCoDn4SMsAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYqfrHoaCihAOACgOYCwHICwGADAGqDQJOTOINEwjHocihoKKEAxWs0LsIHTcWDDmwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwGyGAUYTSIBAA%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_RM4LsHjbOVe1UU-MvTHt1GXGf1w1ISwgjY-9z1BU02cxfUsDq5FwSCWopfz7iRVCx8JGFqTkZbm8ZKwAOEsNODdj45gwTDozolIYAQ%26sig%3DAOD64_10ssyIYBpYHKgmLy6sD8U237m70Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-AfM2YMuq5wuErzhaETbWSHIHhMRXe-bDOAto5_zYBI3DOAvDHbFA_BOCUXU_cdl6MD6VzdHM0wr6uRclG7sKtLaLNJylwXbTHBjXVJfmvipeLXRnJdY3M9mKTmTaxjsVB89H3oCp2-5dLrq-eUn4hkHJau1J45qaK620ixXRfAeMbr6ug%26cry%3D1%26dbm_d%3DAKAmf-BbNnZv3wNxElnaE0cHrrd9YP6kzzqbNBJyODnJQdvsi6T9bE7zLiMp52-tXCZkvjGcZRfXm7iU8vniy5mdsFG-K9tR80BCiuxtIabC1stoaZCTsqZ_azvZGXZDlN5rDR_ZWAGBn0m9_TKi7FxjiRYcFDFIrGeOzS65cZ_-HF_9P0MpNb7jSI0hb6S0RhFykm9k1-q88fCtACpEGqsy6mUqLyAFu3PxPO8J1P-PnMVtcVopI9IaFpF_zkiw9f-sxWtI_w4ZdMEuqkZWzGjP1PCXxd_fJT2K0vYcB2eYxyLOlcBf7OgktGs_i4p0cmgiduJLgiS1lTPUBXdX2jyVKf1smZxFcwqN1lTKRIpa4nMXQd2KnltDU5NFN_FraTAigm6kp3vPPouqREPwPDaiDqvKfwmPqo80MuGF_zpgXIR1fuIKwrotQWPLHP01W4s755KAjdYcR8rAUzgW1ohMV6QEEnUopFHJ0BCImMTQCKWzpBWaBEMGfSa9k5QNXIT6fJkg0F_M0RcgYxmuTwdMennDw3Faa1wIWTim0wtvZ1M3VxenfYp8u9el2LT2XfKDxOwUy8OL%26adurl%3D
Requested by: Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 9fd0ba643289a8ea99c168e3d656add50b9018f840865055ec9290ee7ad7444b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 02:35:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4196
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E0C2 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 93888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8635 0
0 50ms
50ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402080201&jk=500805677477176&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 779D 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F2iAxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame E0C2 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:53:28 GMT

GET
H/1.1

200
OK

request.php Show response
hal900018.redintelligence.net/ Frame B701
Redirect Chain

https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=ab7401ef4e&subid=&uid=c4a7af3dfb91c860&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=ab7401ef4e&subid=&uid=c4a7af3dfb91c860&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

177ms
128ms

Script
application/x-javascript

144.76.91.199

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=ab7401ef4e&subid=&uid=c4a7af3dfb91c860&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_KNeTLIZdLnLayh7_UPt6ywyAPM-Yagaau0x__3D_AuEAEgsZPteWCRBMgBCakCXUrA9bAXsj6oAwHIA5sEqgT2AU_QS2IJZzoVeIKqIFbHfQvSutOyYd4wzeZYpMdfkoEq-DmO9yhhGK498aYC9C9VsPfMDryAa00F_loFV2qCJSqmQErCjY8NwKJXuR_ho2bi4lM0hquzeEqlVqps2mUNmDCSv7OD5HwcXB7ChhDKcagWZvWijoF4YIQliXSua0l9RqKvACx5OW3p8dThGo6zzxB_2kH3zflhawK-yNeF8sct4D9wvdW9Ha6GKDVFk_TMPmInHjFJGDLQI5rGvzOEtpA1zvg-SfwJrMXIhmD09CAj5okb5PYGfo7NPpVGOxprZeU5cElQ88eEMHfduo5QPOCoDn4SMsAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYqfrHoaCihAOACgOYCwHICwGADAGqDQJOTOINEwjHocihoKKEAxWs0LsIHTcWDDmwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwGyGAUYTSIBAA%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_RM4LsHjbOVe1UU-MvTHt1GXGf1w1ISwgjY-9z1BU02cxfUsDq5FwSCWopfz7iRVCx8JGFqTkZbm8ZKwAOEsNODdj45gwTDozolIYAQ%26sig%3DAOD64_10ssyIYBpYHKgmLy6sD8U237m70Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-AfM2YMuq5wuErzhaETbWSHIHhMRXe-bDOAto5_zYBI3DOAvDHbFA_BOCUXU_cdl6MD6VzdHM0wr6uRclG7sKtLaLNJylwXbTHBjXVJfmvipeLXRnJdY3M9mKTmTaxjsVB89H3oCp2-5dLrq-eUn4hkHJau1J45qaK620ixXRfAeMbr6ug%26cry%3D1%26dbm_d%3DAKAmf-BbNnZv3wNxElnaE0cHrrd9YP6kzzqbNBJyODnJQdvsi6T9bE7zLiMp52-tXCZkvjGcZRfXm7iU8vniy5mdsFG-K9tR80BCiuxtIabC1stoaZCTsqZ_azvZGXZDlN5rDR_ZWAGBn0m9_TKi7FxjiRYcFDFIrGeOzS65cZ_-HF_9P0MpNb7jSI0hb6S0RhFykm9k1-q88fCtACpEGqsy6mUqLyAFu3PxPO8J1P-PnMVtcVopI9IaFpF_zkiw9f-sxWtI_w4ZdMEuqkZWzGjP1PCXxd_fJT2K0vYcB2eYxyLOlcBf7OgktGs_i4p0cmgiduJLgiS1lTPUBXdX2jyVKf1smZxFcwqN1lTKRIpa4nMXQd2KnltDU5NFN_FraTAigm6kp3vPPouqREPwPDaiDqvKfwmPqo80MuGF_zpgXIR1fuIKwrotQWPLHP01W4s755KAjdYcR8rAUzgW1ohMV6QEEnUopFHJ0BCImMTQCKWzpBWaBEMGfSa9k5QNXIT6fJkg0F_M0RcgYxmuTwdMennDw3Faa1wIWTim0wtvZ1M3VxenfYp8u9el2LT2XfKDxOwUy8OL%26adurl%3D&documentReferer=https%3A%2F%2Fkimetsuyaiba.online%2F&ancestorOrigins=https%3A%2F%2Fkimetsuyaiba.online&random=9765430182956&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 144.76.91.199 Bad Bellingen, Germany, ASN (),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: fcb6e6855aad1bb597f6c8e7614775186673f2d59411b2e259a7310287a22134

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Feb 2024 02:35:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 41942700006765204444474012597018
Connection: close
Content-Length: 330
Expires: Sun, 11 Feb 2024 02:35:38 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 11 Feb 2024 02:35:38 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=ab7401ef4e&subid=&uid=c4a7af3dfb91c860&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_KNeTLIZdLnLayh7_UPt6ywyAPM-Yagaau0x__3D_AuEAEgsZPteWCRBMgBCakCXUrA9bAXsj6oAwHIA5sEqgT2AU_QS2IJZzoVeIKqIFbHfQvSutOyYd4wzeZYpMdfkoEq-DmO9yhhGK498aYC9C9VsPfMDryAa00F_loFV2qCJSqmQErCjY8NwKJXuR_ho2bi4lM0hquzeEqlVqps2mUNmDCSv7OD5HwcXB7ChhDKcagWZvWijoF4YIQliXSua0l9RqKvACx5OW3p8dThGo6zzxB_2kH3zflhawK-yNeF8sct4D9wvdW9Ha6GKDVFk_TMPmInHjFJGDLQI5rGvzOEtpA1zvg-SfwJrMXIhmD09CAj5okb5PYGfo7NPpVGOxprZeU5cElQ88eEMHfduo5QPOCoDn4SMsAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYqfrHoaCihAOACgOYCwHICwGADAGqDQJOTOINEwjHocihoKKEAxWs0LsIHTcWDDmwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwGyGAUYTSIBAA%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_RM4LsHjbOVe1UU-MvTHt1GXGf1w1ISwgjY-9z1BU02cxfUsDq5FwSCWopfz7iRVCx8JGFqTkZbm8ZKwAOEsNODdj45gwTDozolIYAQ%26sig%3DAOD64_10ssyIYBpYHKgmLy6sD8U237m70Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-AfM2YMuq5wuErzhaETbWSHIHhMRXe-bDOAto5_zYBI3DOAvDHbFA_BOCUXU_cdl6MD6VzdHM0wr6uRclG7sKtLaLNJylwXbTHBjXVJfmvipeLXRnJdY3M9mKTmTaxjsVB89H3oCp2-5dLrq-eUn4hkHJau1J45qaK620ixXRfAeMbr6ug%26cry%3D1%26dbm_d%3DAKAmf-BbNnZv3wNxElnaE0cHrrd9YP6kzzqbNBJyODnJQdvsi6T9bE7zLiMp52-tXCZkvjGcZRfXm7iU8vniy5mdsFG-K9tR80BCiuxtIabC1stoaZCTsqZ_azvZGXZDlN5rDR_ZWAGBn0m9_TKi7FxjiRYcFDFIrGeOzS65cZ_-HF_9P0MpNb7jSI0hb6S0RhFykm9k1-q88fCtACpEGqsy6mUqLyAFu3PxPO8J1P-PnMVtcVopI9IaFpF_zkiw9f-sxWtI_w4ZdMEuqkZWzGjP1PCXxd_fJT2K0vYcB2eYxyLOlcBf7OgktGs_i4p0cmgiduJLgiS1lTPUBXdX2jyVKf1smZxFcwqN1lTKRIpa4nMXQd2KnltDU5NFN_FraTAigm6kp3vPPouqREPwPDaiDqvKfwmPqo80MuGF_zpgXIR1fuIKwrotQWPLHP01W4s755KAjdYcR8rAUzgW1ohMV6QEEnUopFHJ0BCImMTQCKWzpBWaBEMGfSa9k5QNXIT6fJkg0F_M0RcgYxmuTwdMennDw3Faa1wIWTim0wtvZ1M3VxenfYp8u9el2LT2XfKDxOwUy8OL%26adurl%3D&documentReferer=https%3A%2F%2Fkimetsuyaiba.online%2F&ancestorOrigins=https%3A%2F%2Fkimetsuyaiba.online&random=9765430182956&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 11 Feb 2024 02:35:38 +0100

GET
H3 200 container.html Show response
3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5BE9 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:37 GMT
expires: Mon, 10 Feb 2025 02:35:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 976F 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:37 GMT
expires: Mon, 10 Feb 2025 02:35:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B24 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js?cb=31081089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimetsuyaiba.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:37 GMT
expires: Mon, 10 Feb 2025 02:35:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5BE9 5 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 01:12:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Feb 2024 02:35:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 87A1 14 KB
1 KB 76ms
37ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 01:32:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Feb 2024 02:35:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 87A1 2 KB
822 B 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:44:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 87A1 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB59 143 B
166 B 23ms
22ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 87A1 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 87A1 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 22:58:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 87A1 203 KB
61 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:53:28 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 87A1 37 KB
16 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 17:48:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 22:23:16 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 5BE9 16 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 01:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:47:02 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5BE9 205 B
296 B 71ms
28ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:57:28 GMT
x-content-type-options: nosniff
age: 131890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Feb 2025 13:57:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5BE9 604 B
919 B 69ms
26ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:22:46 GMT
x-content-type-options: nosniff
age: 72772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Feb 2025 06:22:46 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 5BE9 22 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 22:54:21 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1813 624 B
245 B 35ms
34ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL3h3t4BMAE&v=APEucNVV5iVsMBEBqyGFY88fkUdB9OGswXnahcDTcr1VUPG8oBmEAAzVmSoiwsStDIolfnkwu0QgVJJFzmTc7R5MBW8edUuD5DilnkQoxrHb6RtQcAuMjKBXzjn7_gvKCdVqSAoM2mipmIMxRtr9PjTP2oDAnmrkhgvdVxqGmWrCMNboXPo-FbAMeCV2rVjmS1Df8mWlNH24X3x3-mX08iNuteBAL2aSVw

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:38 GMT
expires: Sun, 11 Feb 2024 02:35:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3C1C 93 KB
33 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:35:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 3C1C 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 3C1C 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 22:58:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3C1C 203 KB
61 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:53:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1C 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQcJp_T-CW_ej3cnETvaN8NePWFOH79Gr1dboytmlOkzg-cZ8Q_0iaxEcyh750YYLCkxhoYw9XkZkjzyB9D5_UbfDr3ad5aydIi-1WeM3wOFkGEpA

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 96C8 123 KB
44 KB 105ms
50ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcgyeQAOGLsIu-zuAAJJt08Xh6BW9jHHddM_nQ&u=%7COWsr6%2B1RJaqefFEqTJJQ48GNu8Kmx0kN9%2FV9bpe%2FZs0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzstgU1_xQHWj6LMT3Gfludza6PnFn51z_Yr7nrW1X22fKIsd4WW69GVBPUxbP-XBgQt8jtyxQPLYiZOYxkfBYjdI-EUrpy1HmYpmWmpHzVbnI2mrwkthZArA3EAIHluHlfLanR8YlnpZHcD1QPXYnEn3IW9k2lW9fs7J3qjj33wyR2dZmq7W97eWiWaBTN48zClhYtDEXEA2Pua0e6sYLxjwMTUV7Fvx4tCbVgzq5TS0CIrK6FWZM-nf2A1LwcfJbvpWTky_Y5AobXvx58E1L58XAPGIGXtr13XcD1WmfSTgrWFZXrnEt4feaZgU12pIkIkV-u3n874BOdy0oOMDGCK9GhO205oHcfqrakpGuTlQ7XOK-qPBMHKDR6XUpYLfcxYi_Jqm6nm4NqP3gxSyEJ7INV-vMX_b84anJyAljNOKWex_You0RN7nh-i31chBbO1QYrNK0KgYKlOeT-5gR2ZzPEOYCK-fCVdJZRypSxH2DRjvtlORZEw6LG7otRTyLwOV5gpS9bCUP7PC85PrzQwkKfhIqejfhisDQPyWW5Z21o-_wHB2IL-o8abEAuMj4Kr0Q1FNfqciNspx1tv2kOzoNZuBkDXCVmZHKxlYgLzgWw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzvTVeTLIZbuxOO7Z7_UPt5OJkArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjIwNTEyMTA2MjE0MDgxMsgBCakCXUrA9bAXsj7gAgCoAwHIAwKqBJ4CT9BYITP0LlCBHC_s73joMcK3cC-joQzmpmQiylTnWMgdIdsjBWZev8Vei5C9kYA9dpGn6JOh4k-c7cBO528eR0-z2Q7QPpclZ6uS7xIIkcLgx5AWKVOV36_JP5RCvgapnUgym1Mx6LT4DNckDAr_v3TZv7mHLDgUghv4LGHq-Z_ycHNx4-WIkoHdWY0eHtZws8yhEudZ11HmoET-1yv-Iaj6MoY_Lx5l7nsYJPANHHp0Y-qNQFgQE8Vb4OG0db4dW9BYwhY7By-LNTlOMfngGMTcrCTv3Tv4fNEPqNpXiE3E357QTAUCJkmumpBUp9PDLrKAdEorGi9pwfeBK6SO9SSbHXvwJFSyfMlZRybEko55_jE_ejwC2Yp_medPW-AEAYAGvPiU0bK81LSHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgIQISL39wTpYhv7HoaCihAP6CwIIAYAMAeINEwj7q8ihoKKEAxXu7LsIHbdJAqLQFQGAFwE%26num%3D1%26sig%3DAOD64_27qNYj3i6isnBZysYzGrtqdYlu9w%26client%3Dca-pub-2205121062140812%26adurl%3D

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e6e29560a857b80ce8718e9908fb3103c43e9e0fb53b4e0263f75b55f48a19af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:38 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zHWneBpoo2AfdUv4-RW3XiwtEJdIeEGZvh3u34hyq8_f-XU4klkyBHoEFAOs-EnRVLGe5Loap8fAi2evMyP79SSbr5g6xb7hvIVyvxrC53qvG-GN8Xh1J9e-OYSbwW9SAk5AEjpyGiUjJaHSO9L8zdUWfiE7YAvws5D-aF3A7_eEhREV2F125QWDLW1QQ2yRGIuFVCn_-xJHdvgpChd0r9_bMFcvDRHF26vRDGVcG7x-Pnk9S77eFOEJjdc"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 31986877
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 0B24 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 0B24 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 22:58:19 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0B24 24 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 20:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Feb 2025 20:04:54 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0B24 203 KB
61 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:53:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB59
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
28ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:38 GMT
expires: Sun, 11 Feb 2024 02:35:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 02:35:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1813
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1

43 B
735 B

39ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL3h3t4BMAE&v=APEucNVV5iVsMBEBqyGFY88fkUdB9OGswXnahcDTcr1VUPG8oBmEAAzVmSoiwsStDIolfnkwu0QgVJJFzmTc7R5MBW8edUuD5DilnkQoxrHb6RtQcAuMjKBXzjn7_gvKCdVqSAoM2mipmIMxRtr9PjTP2oDAnmrkhgvdVxqGmWrCMNboXPo-FbAMeCV2rVjmS1Df8mWlNH24X3x3-mX08iNuteBAL2aSVw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsrGDBZqKuBmG%2BtAgKGJBCR3hGbc%2BSHjYp1Kt%2F2vm0A9VrtMwfZzGajFepIDsXWBa1ZQJ26gVqTcU5%2FjzbgiD4ps6WpW6DrHdW7jfuKVhR%2BIC9IziZQXamwc0fDj7OVgLGO2BpUAvNHOSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8539331e08dc9a3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1813
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcgyermqPWQAADLnACeLFgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1

43 B
733 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL3h3t4BMAE&v=APEucNVV5iVsMBEBqyGFY88fkUdB9OGswXnahcDTcr1VUPG8oBmEAAzVmSoiwsStDIolfnkwu0QgVJJFzmTc7R5MBW8edUuD5DilnkQoxrHb6RtQcAuMjKBXzjn7_gvKCdVqSAoM2mipmIMxRtr9PjTP2oDAnmrkhgvdVxqGmWrCMNboXPo-FbAMeCV2rVjmS1Df8mWlNH24X3x3-mX08iNuteBAL2aSVw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE%2B%2F6nx5DB8FOsjhtgBqZc02vyPfXYS%2FeXRyBj0vZllXfLgxJLIky5k68yBjTVpo6fs7XCq4w6Qow0lrqDpD6fcwtJuadPAVvmx7fh0FdDdg1065E0REm67hLwX6JuZ5S6yHjDgDPuZS4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8539331e48ff9a3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjkpEHRI9nzD33_gZ4A_io&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1813
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENmRSuKTb7R8if_rQFNSIHg&google_cver=1

43 B
1 KB

20ms
19ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENmRSuKTb7R8if_rQFNSIHg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL3h3t4BMAE&v=APEucNVV5iVsMBEBqyGFY88fkUdB9OGswXnahcDTcr1VUPG8oBmEAAzVmSoiwsStDIolfnkwu0QgVJJFzmTc7R5MBW8edUuD5DilnkQoxrHb6RtQcAuMjKBXzjn7_gvKCdVqSAoM2mipmIMxRtr9PjTP2oDAnmrkhgvdVxqGmWrCMNboXPo-FbAMeCV2rVjmS1Df8mWlNH24X3x3-mX08iNuteBAL2aSVw

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
an-x-request-uuid: 6bcac9ab-9fda-4ae4-8541-529844ed6f59
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.6; 37.48.94.6; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENmRSuKTb7R8if_rQFNSIHg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1813
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzY3NzgzMDA2NTY5NTQy

170 B
188 B

34ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzY3NzgzMDA2NTY5NTQy

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
an-x-request-uuid: 3dc4e2aa-edb3-4602-a938-e3fa48112595
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzY3NzgzMDA2NTY5NTQy
x-proxy-origin: 37.48.94.6; 37.48.94.6; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1C 0
20 B 51ms
50ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8078600269046&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1C 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8078600269046&version=m202401290101&ct=77&x=1&cor=13848542361697610000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3C1C 34 KB
19 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfMNikj6c6NPXn8kMCa6VhG3Dsv4En7fOobzswJMVXi_GuGr6Xmx9M9ifPMBNev2J77m0sLb2Tr1_PHUj0-8gfl0wERIbtPfJ2mY6MQsS5dKNvtsqavSl_sQxgp1uy2dY8AnCM4t5n3N0ux3yfReniYqUeqHulKhlUYW259AnOMPC50WQ&cry=1&dbm_d=AKAmf-D7YUESp-J-VZUnFiFRsWe7tUo_mTecCJdjuCDAszwrp4iSS2yV-y7mLQdD-Gp_0bVxSaNQQ-fcnDo0gQ1Gjri2f9OmAFEfigLVsAzaSy67VMLiSXON_uIhMUl9eCpWbAHZhmJvXUSBhm_ZoEMKdGWvGDmt8jIHgZ58js-_68lqegVzQuzPM6ynEFg3gbyGbXMr38AP8G2_SWGrjXH2G9eiJiEaiOlTlkgRIXyid2V6L2FpDjTao5zNKsp6KMkvkgWltCVoENaCen4TMjLzVrBxuXWmedSrV1Sf84Cs0zqcJeRBqTxYQ_Y1ZJfnC9qO815VS_0K56eX8FPk1S-MYjzFhwnmhK7Rms1RclGW7sJb8vtatRiHR8cQffpuA52Jeg4WNwm5ynr_TpBQj1Zp5sXJjhrM5tofhHhuMZ9VBVXNevhgR93Rvd_PDqZDl15mH-xGBPWK0F5v0YdqwvjU-mreebMlXvUeJN6IRtRy3L2e4U8I6tLSF8tGnZ_VR9s9BsRQ0EzUPUf5Pb2Ya84apPl3VrrVwvD7ni4NG4yU1CV0j_49PQN2CCH85O_hiLu_3Fot_W_bqxn8gPcI4a4NCeelZBTrfCU55kPAjjvEhEJsL0DXLkh6uAuNC27GvAjNEQkjxaDudMiMboHt2YhFDmkIeh-FRYa-zkAmEqJUYsAVG7yFAcIz8rbL2OPHD_HisZW_dG0cSpM2_YfWaqpcjae0LcSg8MA2sfxeIuYzUedUt84cWmTHvntWZi2F-UGacbdOs0ZEG3nz9G8unPLRUDQ2gRAnjOXbv6kdVZjKehqvJ7vxMMGc9aPd9E7iQfG-NRGUIzsHlFINo3wrU_S4Z2n9Wn4MrWzItyOnrWa827uGLn5a5wjAeHbIrTBLWuP6ccWoGt4TAmTlJVL5d2zchQOY8VJFTZoxFiASilwCYcqHfKsQZKU82bJCXLsSYdyix7FWdVrmRSibAZph_bDjYbuUzf9wyYRNT1Dk0j_vwDIAHDiiilp-dffeCbMcc1SSSPOvdEtA1bjGLkocBd0qPtPzqejbjNgWuGEm1nR2ALE1gxBEiAQjccMcx_-oWl2o5DizxE8Zx4SMfwQBDo46vyqnAc8cQr4lphvJFoVvOrxmfSoubqHe2S0_R1RrG_7kCqspkYj0DunwXwjB0FItS5GIZDnisarmWQ0mQ7zplrCS74RZMYlpaAqG_DPyDo0IfY9TwB4X_k6trMnvYNmMO53PDsxLQHSJaM-1h1mkEMR3xERzLw8tf15ohi2fD0FAjTbLJKeUqLlU8PQyHveWAgJGZcJFYy65Iti23fbiq7Ys0EEazt1s_WNLDi1_cdLvVmRjiUVe_XB3f9d4ZFzrgxSSYVWUI0SCZ-3B40C0EmjYTpzxgRk1zfa8Ux1inZAAB9oqZxylys9cTf4vtx56gRKXjc1br7wmJcSu5SoTwvodiP7Rs-TR09ySMuAmjNNacv9WtAmUIwlCFZafz8_WA4Ea1dwi_oGLl_rlRPxUTfUf7wWRks-lQT2hL5r5DJcN9kJIivwBTo_wBbee6wUhfaxaPTHLwrgBRdRdyCrkQX4jc8UedqwLNict7irqnmtsu7B8gSVdMLqa4nK7fTwlgdOtmwUmBuSqtakwMlootOFggwlE1eHgOc_QCpmNWVKNhS3em7NCQg0y3Vpp7xm817CNrsLPIH6e2phTPN-KPLw2h8KyPJ7ascJFyLuUi5ER45iQK0QnfKQbxfrrCMFzCqSh6nc8BabYl0D6LBQLLSherhRmeLFZmcpsjoMxB-FhGGntgrinKd3y10a9ezcMeuMMPudmsbzpPE2KWaBfmpiZlFPsRvzHjg0surDYahBtnVLlBSeiceRjCiTVNxJ5wgGhjvQtnnb5wMkQQKM8tpvF8wkdnhY_jclawtRVBXJ-TH8ZOjLq7ed8mlrUxCZKZkzWIwUpaiLZ2Wy6logWhzSczL1sFLB91q_5exKSwMc4BSKZzC9Rrv-Ia8cGQREzBCnMderpig4uOMz74eKOpCot1xUPWFysjqkPd-Okb_O7lE18zzWv7LIBqY4nHko2Da2OcKk2lAHS41UniKI5h2Xky_rzfHHYSiCqXbLQVTtreFQ3jKuqtDB6OuGHE1wagJgeP618NX7kuwg9kGUXMyFtCZv8dDo3CI3Mp75en0wVACCCh_sBOi1MmEVPB4SM-bfCcN7llQGd-n-EEJVHhoBvczd623ZktSBjvunlJ1i5QosFYEsu3ehr_qr2LAy4PldPbb-_yvvsLlN3dPQCjhvysSyASEG_3fCgysqyNoF3RrHMrpW48XaAVPtSOH4CIBtfheNooIRxqzY8whkS1Ll-kOh0Gh8IgZGZg2cIaXMh7CZ3j09jkb8ACeHJocxrHMKaLvHeJSWVL_1csoTxDBh8v8OfVLNb47F07AeCOxOBuePXH7xyU274kDzWe1SQ9KaG0PjTSafADjimSZOGaIFBYYqXLmn4PMZ2MBz3xmaGg3IEzZnmueShDMxJBNSpOEREWvdNQo6k0PzJ0ZO_7hWjcOtEIZFjdV76c89T85dDjr5rActGs67G7nvdOeyxM8bbMDu58FtNVQoOKri6s1IWp3VNQrFN25_OEnrpZ-UWo2fxyKKoNo5AJr2njwr22vkOZp30OOLCgX-9JUSmUGW3dIuaeS2zN4oPD2-x4QnJPZrYG4-BksXNiBK17PunhEC6Vb81-IQ7axs4h2z1jUkGK0JBBr6rR_eZuszdeJPtkGPBwqnSV0ZjUb_oTmBevBwWrR4FvZNCMNpQYy7fFDwySKblEAHx9clxXXyz-e8KNl01IQpGDxdAmTC8NK8Bm5joIlrFML3GusayO9Ae10TdmYU8uCIQqL37q2ZwV2kIH27jB6x8l-bmdKyLOANoEbfgjRhrIg2Cs8GTBm2NLcZjkUbuPuhE_pUR7JpIB3DGuyB9zlPe5SOaz7DtboKRfPO2WjyUH50nXMeIt1V6YXfgGMcxwDsmwpXxk6icBbx956Or3UAQfN5rb81-WDjJ5uNR-3YDmleXIC9TNog2mRocR3BzE-JCd_q681jOjmKN4O0itIalHARnIlQy2hXGtFuZVHvIzcShyrwY_EYkXASe1aTEwYPnUQnXS-2b0bVSIEaAubHNsdkooZIS42Pg3uCXLMpwdkXI2dvyxksrT67NhJt7Nw5DoYiKRhlaUzXe_z55hxx3in2e7MQz8K1nka7Ok0ehx9N6kxY0w1lOk0ba3gYpNF_DM0aKQXw5GnDpzBL1J6Qpou_QtGO4MHlLqkh4TKdgIqhCk03lguGhV3vO-JvNjU33hIvP7VV_djxi9lOVO4YaS_MtC0T1waf7LP2GRTu1AN8MhsNlxfVeqhd91GFrM4CknhMw14ODLg380kzEYm6A59c-JldALm2OfJVkP2elThIG5U7Lyx0Lbiz-MeV13m87QKAe9PPGluTlIi8QMoPLRsvVqifulOsui-8Cu69CdVC0t2R4UZB5mS0sknk-wduAeam4zTgPN1h45PLx8d2BGaXv6xACzq6-Q7hZUEIBizhAR2J4yr1uv2mSejw77szeZ_I21R0y-z48jd5lqf1pEboKc82Jlq3aY3fcpzkCo2thSSch8PyZRHAfpo77Hi_g7KB4e1BeD8ZKbh1Zthx2yuPd7awd0C6AWth-Apdyn5tTagxrlbCpPFsuU8yJSEMXPsMQmnicb1EquBhPd1u37veBRvbhrehk4cWBc473ydVIdldBybZ6C3OMx98vx-vEptOlIF3H_HPD1LvDcA7HTL8MFWMqggaX3wagL6xsKXa5QymF27E9u0qWv666BJy8knaNjvxGR8m5Ht2pxnXs9KaL1hulejQvTMnrcU0kD2lrWXeempHYUnrm79A-u-0&cid=CAQSTwAvHhf__pBpiTAhPYhe_C2PYblpSxXSFQ8Tz5Lm6ekCcmN8-sv7k0gSeq5DXQVLaeoiA9OMqfgO4vIi5JBAsjtXBowBHAnxd3y6mbf64uIYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fkimetsuyaiba.online%2F&ds=l&xdt=1&iif=1&cor=13848542361697610000&adk=1726166463&idt=48&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70772f3c420fcde67da46a6e3bb56eddc04071db2742f0c345e7460ae41f1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0B24 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 693df804abd140219b1cb47412c90e698524927c723251f9c3b93353fb97d3a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0B24 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUkpGeTLIZbuxOO7Z7_UPt5OJkArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjIwNTEyMTA2MjE0MDgxMsgBCakCXUrA9bAXsj7gAgCoAwHIAwKqBJsCT9BYITP0LlCBHC_s73joMcK3cC-joQzmpmQiylTnWMgdIdsjBWZev8Vei5C9kYA9dpGn6JOh4k-c7cBO528eR0-z2Q7QPpclZ6uS7xIIkcLgx5AWKVOV36_JP5RCvgapnUgym1Mx6LT4DNckDAr_v3TZv7mHLDgUghv4LGHq-Z_ycHNx4-WIkoHdWY0eHtZws8yhEudZ11HmoET-1yv-Iaj6MoY_Lx5l7nsYJPANHHp0Y-qNQFgQE8Vb4OG0db4dW9BYwhY7By-LNTlOMfngGMTcrCTv3Tv4fNEPqNpXiE3E357QTAUCJkmumpBUp9PDLrKAdEppGA77QWRRFgJe0v4XPZJUKnO4ysN3X6RwWrPfDI4hViSaEx5fcOAEAYAGvPiU0bK81LSHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgIQISL39wTpYhv7HoaCihAOACgP6CwIIAYAMAeINEwj7q8ihoKKEAxXu7LsIHbdJAqLQFQGAFwGyFxwKGhIUcHViLTIyMDUxMjEwNjIxNDA4MTIYgvNy&sigh=P0Wyg49q0Cw&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf__pBpiTAhPYhe_C2PYblpSxXSFQ8Tz5Lm6ekCcmN8-sv7k0gSeq5DXQVLaeoiA9OMqfgO4vIi5JBAsjtXBowBHAnxd3y6mbf64uIYAQ&cbvp=2&vis=1
Requested by: Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 0B24 0
126 B 91ms
25ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kreUEfFf0AKYAp2DYgICAAAASlE5R7tviCAr5a-cEHkyyGWCT1ApeHyKeSFhAAASAAAKCkFRVUREd0VCRHc&wp=ZcgyeQAOGLsIu-zuAAJJt08Xh6BW9jHHddM_nQ&cbvp=2

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 131337
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 96C8 2 KB
1 KB 62ms
24ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcgyeQAOGLsIu-zuAAJJt08Xh6BW9jHHddM_nQ&u=%7COWsr6%2B1RJaqefFEqTJJQ48GNu8Kmx0kN9%2FV9bpe%2FZs0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzstgU1_xQHWj6LMT3Gfludza6PnFn51z_Yr7nrW1X22fKIsd4WW69GVBPUxbP-XBgQt8jtyxQPLYiZOYxkfBYjdI-EUrpy1HmYpmWmpHzVbnI2mrwkthZArA3EAIHluHlfLanR8YlnpZHcD1QPXYnEn3IW9k2lW9fs7J3qjj33wyR2dZmq7W97eWiWaBTN48zClhYtDEXEA2Pua0e6sYLxjwMTUV7Fvx4tCbVgzq5TS0CIrK6FWZM-nf2A1LwcfJbvpWTky_Y5AobXvx58E1L58XAPGIGXtr13XcD1WmfSTgrWFZXrnEt4feaZgU12pIkIkV-u3n874BOdy0oOMDGCK9GhO205oHcfqrakpGuTlQ7XOK-qPBMHKDR6XUpYLfcxYi_Jqm6nm4NqP3gxSyEJ7INV-vMX_b84anJyAljNOKWex_You0RN7nh-i31chBbO1QYrNK0KgYKlOeT-5gR2ZzPEOYCK-fCVdJZRypSxH2DRjvtlORZEw6LG7otRTyLwOV5gpS9bCUP7PC85PrzQwkKfhIqejfhisDQPyWW5Z21o-_wHB2IL-o8abEAuMj4Kr0Q1FNfqciNspx1tv2kOzoNZuBkDXCVmZHKxlYgLzgWw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzvTVeTLIZbuxOO7Z7_UPt5OJkArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjIwNTEyMTA2MjE0MDgxMsgBCakCXUrA9bAXsj7gAgCoAwHIAwKqBJ4CT9BYITP0LlCBHC_s73joMcK3cC-joQzmpmQiylTnWMgdIdsjBWZev8Vei5C9kYA9dpGn6JOh4k-c7cBO528eR0-z2Q7QPpclZ6uS7xIIkcLgx5AWKVOV36_JP5RCvgapnUgym1Mx6LT4DNckDAr_v3TZv7mHLDgUghv4LGHq-Z_ycHNx4-WIkoHdWY0eHtZws8yhEudZ11HmoET-1yv-Iaj6MoY_Lx5l7nsYJPANHHp0Y-qNQFgQE8Vb4OG0db4dW9BYwhY7By-LNTlOMfngGMTcrCTv3Tv4fNEPqNpXiE3E357QTAUCJkmumpBUp9PDLrKAdEorGi9pwfeBK6SO9SSbHXvwJFSyfMlZRybEko55_jE_ejwC2Yp_medPW-AEAYAGvPiU0bK81LSHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgIQISL39wTpYhv7HoaCihAP6CwIIAYAMAeINEwj7q8ihoKKEAxXu7LsIHbdJAqLQFQGAFwE%26num%3D1%26sig%3DAOD64_27qNYj3i6isnBZysYzGrtqdYlu9w%26client%3Dca-pub-2205121062140812%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 96C8 2 KB
1 KB 52ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 96C8 308 B
637 B 48ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 96C8 293 B
621 B 51ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 96C8 43 B
348 B 69ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=t1Noans0ozDpsArTuCK6bh_NxFlmCaxlOJ4VsabORpx8lhQ5sqaqQf3nMpp-Iikw0_tI-p4Akopf_Prw6elxPNpzyuePldVK9oyKo1kb_25Muxzvd9tSRrdo8OW8zieiyuJcxlYqJ4gs-wJ-ozCDLB6Pkf5nvOZ8aFDlOv4I-kxcgqkLw2TuCfC67v-P6mYba2m2r6eYpnJTvLebXf2521_WWeNa-LQZLw9E04TLNwxqzxhlk2FqXJh6C5XmNM0DjkAub8kqwjFyW7mleh0wPF4KbvHhLrlaqKcWxOxE5phOx6V6mIVLBn6lkLQxsHl7VNV_bYeiMgl9I4CBRngwKHL7mS_S2CwXbSEqQFtJaHxZ2BcUiAZam-sKz3Ay1SGLEo8AOZyICp8kqGNaOB-ELUa7_TWcpT09NSYgDqh2HpOlAed9C2OLD0ua6qpdZ7uxQSM8xQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2274293
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ai.aspx
cj.esprit.nl/ Frame 96C8 60 B
60 B 191ms
72ms Image
image/gif 2a06:98c1:3200::17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cj.esprit.nl/ai.aspx?extProvId=15&extPu=esprit-criteo&extLi=281143&rnd=65c8327913511c8f428fc38765526cf2&criteoid=&consent_string=&iab=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::17 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-et-country: NL
p3p: policyref="https://cj.esprit.nl/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-et-bot: 0
cross-origin-resource-policy: cross-origin
x-et-monitoring: 1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
last-modified: So, 11 Feb 2024 02:35:38 GMT
x-et-code: 0
server: cloudflare
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-et-camp: 1790
cf-ray: 8539331f1d371da2-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame B5C9 51 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: kimetsuyaiba.online
URL: https://kimetsuyaiba.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 23:45:47 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 96C8 12 KB
5 KB 69ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 716355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfVBznH%2B91eYskfXKQXomtTnc0ijAr%2BRDR6QIPQtmbJoEVRBKEQfmSOvnR5mQTS1wn1k4zjE2GISU9gf5tzOSUrmUDdGLyCXqFu%2FnjhMJOlDhd33uT2nKXSThHt0hBa0GhxtDCJwgmp3wSvYoFq4Fln9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8539331eafb837cc-FRA
expires: Fri, 31 Jan 2025 02:35:38 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 96C8 12 KB
6 KB 47ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 3C1C 31 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfMNikj6c6NPXn8kMCa6VhG3Dsv4En7fOobzswJMVXi_GuGr6Xmx9M9ifPMBNev2J77m0sLb2Tr1_PHUj0-8gfl0wERIbtPfJ2mY6MQsS5dKNvtsqavSl_sQxgp1uy2dY8AnCM4t5n3N0ux3yfReniYqUeqHulKhlUYW259AnOMPC50WQ&cry=1&dbm_d=AKAmf-D7YUESp-J-VZUnFiFRsWe7tUo_mTecCJdjuCDAszwrp4iSS2yV-y7mLQdD-Gp_0bVxSaNQQ-fcnDo0gQ1Gjri2f9OmAFEfigLVsAzaSy67VMLiSXON_uIhMUl9eCpWbAHZhmJvXUSBhm_ZoEMKdGWvGDmt8jIHgZ58js-_68lqegVzQuzPM6ynEFg3gbyGbXMr38AP8G2_SWGrjXH2G9eiJiEaiOlTlkgRIXyid2V6L2FpDjTao5zNKsp6KMkvkgWltCVoENaCen4TMjLzVrBxuXWmedSrV1Sf84Cs0zqcJeRBqTxYQ_Y1ZJfnC9qO815VS_0K56eX8FPk1S-MYjzFhwnmhK7Rms1RclGW7sJb8vtatRiHR8cQffpuA52Jeg4WNwm5ynr_TpBQj1Zp5sXJjhrM5tofhHhuMZ9VBVXNevhgR93Rvd_PDqZDl15mH-xGBPWK0F5v0YdqwvjU-mreebMlXvUeJN6IRtRy3L2e4U8I6tLSF8tGnZ_VR9s9BsRQ0EzUPUf5Pb2Ya84apPl3VrrVwvD7ni4NG4yU1CV0j_49PQN2CCH85O_hiLu_3Fot_W_bqxn8gPcI4a4NCeelZBTrfCU55kPAjjvEhEJsL0DXLkh6uAuNC27GvAjNEQkjxaDudMiMboHt2YhFDmkIeh-FRYa-zkAmEqJUYsAVG7yFAcIz8rbL2OPHD_HisZW_dG0cSpM2_YfWaqpcjae0LcSg8MA2sfxeIuYzUedUt84cWmTHvntWZi2F-UGacbdOs0ZEG3nz9G8unPLRUDQ2gRAnjOXbv6kdVZjKehqvJ7vxMMGc9aPd9E7iQfG-NRGUIzsHlFINo3wrU_S4Z2n9Wn4MrWzItyOnrWa827uGLn5a5wjAeHbIrTBLWuP6ccWoGt4TAmTlJVL5d2zchQOY8VJFTZoxFiASilwCYcqHfKsQZKU82bJCXLsSYdyix7FWdVrmRSibAZph_bDjYbuUzf9wyYRNT1Dk0j_vwDIAHDiiilp-dffeCbMcc1SSSPOvdEtA1bjGLkocBd0qPtPzqejbjNgWuGEm1nR2ALE1gxBEiAQjccMcx_-oWl2o5DizxE8Zx4SMfwQBDo46vyqnAc8cQr4lphvJFoVvOrxmfSoubqHe2S0_R1RrG_7kCqspkYj0DunwXwjB0FItS5GIZDnisarmWQ0mQ7zplrCS74RZMYlpaAqG_DPyDo0IfY9TwB4X_k6trMnvYNmMO53PDsxLQHSJaM-1h1mkEMR3xERzLw8tf15ohi2fD0FAjTbLJKeUqLlU8PQyHveWAgJGZcJFYy65Iti23fbiq7Ys0EEazt1s_WNLDi1_cdLvVmRjiUVe_XB3f9d4ZFzrgxSSYVWUI0SCZ-3B40C0EmjYTpzxgRk1zfa8Ux1inZAAB9oqZxylys9cTf4vtx56gRKXjc1br7wmJcSu5SoTwvodiP7Rs-TR09ySMuAmjNNacv9WtAmUIwlCFZafz8_WA4Ea1dwi_oGLl_rlRPxUTfUf7wWRks-lQT2hL5r5DJcN9kJIivwBTo_wBbee6wUhfaxaPTHLwrgBRdRdyCrkQX4jc8UedqwLNict7irqnmtsu7B8gSVdMLqa4nK7fTwlgdOtmwUmBuSqtakwMlootOFggwlE1eHgOc_QCpmNWVKNhS3em7NCQg0y3Vpp7xm817CNrsLPIH6e2phTPN-KPLw2h8KyPJ7ascJFyLuUi5ER45iQK0QnfKQbxfrrCMFzCqSh6nc8BabYl0D6LBQLLSherhRmeLFZmcpsjoMxB-FhGGntgrinKd3y10a9ezcMeuMMPudmsbzpPE2KWaBfmpiZlFPsRvzHjg0surDYahBtnVLlBSeiceRjCiTVNxJ5wgGhjvQtnnb5wMkQQKM8tpvF8wkdnhY_jclawtRVBXJ-TH8ZOjLq7ed8mlrUxCZKZkzWIwUpaiLZ2Wy6logWhzSczL1sFLB91q_5exKSwMc4BSKZzC9Rrv-Ia8cGQREzBCnMderpig4uOMz74eKOpCot1xUPWFysjqkPd-Okb_O7lE18zzWv7LIBqY4nHko2Da2OcKk2lAHS41UniKI5h2Xky_rzfHHYSiCqXbLQVTtreFQ3jKuqtDB6OuGHE1wagJgeP618NX7kuwg9kGUXMyFtCZv8dDo3CI3Mp75en0wVACCCh_sBOi1MmEVPB4SM-bfCcN7llQGd-n-EEJVHhoBvczd623ZktSBjvunlJ1i5QosFYEsu3ehr_qr2LAy4PldPbb-_yvvsLlN3dPQCjhvysSyASEG_3fCgysqyNoF3RrHMrpW48XaAVPtSOH4CIBtfheNooIRxqzY8whkS1Ll-kOh0Gh8IgZGZg2cIaXMh7CZ3j09jkb8ACeHJocxrHMKaLvHeJSWVL_1csoTxDBh8v8OfVLNb47F07AeCOxOBuePXH7xyU274kDzWe1SQ9KaG0PjTSafADjimSZOGaIFBYYqXLmn4PMZ2MBz3xmaGg3IEzZnmueShDMxJBNSpOEREWvdNQo6k0PzJ0ZO_7hWjcOtEIZFjdV76c89T85dDjr5rActGs67G7nvdOeyxM8bbMDu58FtNVQoOKri6s1IWp3VNQrFN25_OEnrpZ-UWo2fxyKKoNo5AJr2njwr22vkOZp30OOLCgX-9JUSmUGW3dIuaeS2zN4oPD2-x4QnJPZrYG4-BksXNiBK17PunhEC6Vb81-IQ7axs4h2z1jUkGK0JBBr6rR_eZuszdeJPtkGPBwqnSV0ZjUb_oTmBevBwWrR4FvZNCMNpQYy7fFDwySKblEAHx9clxXXyz-e8KNl01IQpGDxdAmTC8NK8Bm5joIlrFML3GusayO9Ae10TdmYU8uCIQqL37q2ZwV2kIH27jB6x8l-bmdKyLOANoEbfgjRhrIg2Cs8GTBm2NLcZjkUbuPuhE_pUR7JpIB3DGuyB9zlPe5SOaz7DtboKRfPO2WjyUH50nXMeIt1V6YXfgGMcxwDsmwpXxk6icBbx956Or3UAQfN5rb81-WDjJ5uNR-3YDmleXIC9TNog2mRocR3BzE-JCd_q681jOjmKN4O0itIalHARnIlQy2hXGtFuZVHvIzcShyrwY_EYkXASe1aTEwYPnUQnXS-2b0bVSIEaAubHNsdkooZIS42Pg3uCXLMpwdkXI2dvyxksrT67NhJt7Nw5DoYiKRhlaUzXe_z55hxx3in2e7MQz8K1nka7Ok0ehx9N6kxY0w1lOk0ba3gYpNF_DM0aKQXw5GnDpzBL1J6Qpou_QtGO4MHlLqkh4TKdgIqhCk03lguGhV3vO-JvNjU33hIvP7VV_djxi9lOVO4YaS_MtC0T1waf7LP2GRTu1AN8MhsNlxfVeqhd91GFrM4CknhMw14ODLg380kzEYm6A59c-JldALm2OfJVkP2elThIG5U7Lyx0Lbiz-MeV13m87QKAe9PPGluTlIi8QMoPLRsvVqifulOsui-8Cu69CdVC0t2R4UZB5mS0sknk-wduAeam4zTgPN1h45PLx8d2BGaXv6xACzq6-Q7hZUEIBizhAR2J4yr1uv2mSejw77szeZ_I21R0y-z48jd5lqf1pEboKc82Jlq3aY3fcpzkCo2thSSch8PyZRHAfpo77Hi_g7KB4e1BeD8ZKbh1Zthx2yuPd7awd0C6AWth-Apdyn5tTagxrlbCpPFsuU8yJSEMXPsMQmnicb1EquBhPd1u37veBRvbhrehk4cWBc473ydVIdldBybZ6C3OMx98vx-vEptOlIF3H_HPD1LvDcA7HTL8MFWMqggaX3wagL6xsKXa5QymF27E9u0qWv666BJy8knaNjvxGR8m5Ht2pxnXs9KaL1hulejQvTMnrcU0kD2lrWXeempHYUnrm79A-u-0&cid=CAQSTwAvHhf__pBpiTAhPYhe_C2PYblpSxXSFQ8Tz5Lm6ekCcmN8-sv7k0gSeq5DXQVLaeoiA9OMqfgO4vIi5JBAsjtXBowBHAnxd3y6mbf64uIYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fkimetsuyaiba.online%2F&ds=l&xdt=1&iif=1&cor=13848542361697610000&adk=1726166463&idt=48&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 01:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11930
x-xss-protection: 0
server: cafe
etag: 15760894069517589058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:55:17 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C1C 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzYxODkzODU1NzMyNAogIHNlcnZlcl9pcDogMTQ2NTMzODk4CiAgcHJvY2Vzc19pZDogMzMwNTg4MjIyNQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 3C1C 0
476 B 55ms
54ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzYxODkzODU1NzMyNAogIHNlcnZlcl9pcDogMTQ2NTMzODk4CiAgcHJvY2Vzc19pZDogMzMwNTg4MjIyNQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogODc1Mjg0NTcxNTYxNDI4Njg5MQpkZWJ1Z19rZXk6IDEyMjYzODYxNzMzNTgzNjMxNzk4CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0xMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTc2Nzk2MzYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMTE3OTk3NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA5ODkzNDYzOTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjcxMjAzMTcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZnIiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLnBsIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xae49f3c248190bbe0000000000000000","13":"0xda76d104d68743160000000000000000","14":"0x66b548900dbc71d20000000000000000","15":"0x2afa37cceb9630060000000000000000"},"debug_key":"12263861733583631798","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"8752845715614286891"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 3C1C 43 KB
18 KB 120ms
47ms Script
application/javascript 168.119.0.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 168.119.0.148 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.0.119.168.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Sun, 11 Feb 2024 02:35:38 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Sun, 11 Feb 2024 05:35:38 GMT

GET
DATA 200
OK truncated
/ Frame 3C1C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 687e775e1675c7eaa92c86248950444ed464911fd81485d88747cacfe7332422

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 96C8 11 KB
11 KB 77ms
26ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=3130&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3130%2F230301%2Fdd1660c0258a40098fd2876e067714e4_logo_n_horizontal.png&v=3&w=668&rid=4&s=m2qTYQXRD5m_lLJtZ0Z4RHpN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f52d7663171b52c4e3263764a924f8e9f5939cd1084e6cba934f915ea7ceb8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10851
expires: Mon, 06 Jan 2025 06:52:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 96C8 2 KB
3 KB 66ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3130&q=80&r=0&u=https%3A%2F%2Fesprit.scene7.com%2Fis%2Fimage%2Fesprit%2F992EO1G310_001_93&v=3&w=400&rid=4&s=1uT7z77YYmikw-mjVlwi_jj2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67906bf3e331f66660124f968c0e8e2496abf0075e9447685c79e2c84441bde7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2550
expires: Mon, 06 Jan 2025 06:42:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 96C8 0
128 B 58ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=zHWneBpoo2AfdUv4-RW3XiwtEJdIeEGZvh3u34hyq8_f-XU4klkyBHoEFAOs-EnRVLGe5Loap8fAi2evMyP79SSbr5g6xb7hvIVyvxrC53qvG-GN8Xh1J9e-OYSbwW9SAk5AEjpyGiUjJaHSO9L8zdUWfiE7YAvws5D-aF3A7_eEhREV2F125QWDLW1QQ2yRGIuFVCn_-xJHdvgpChd0r9_bMFcvDRHF26vRDGVcG7x-Pnk9S77eFOEJjdc&sds=2&rev=90562.7&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 11 Feb 2024 02:35:38 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 96C8 2 KB
1 KB 20ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0C2 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2jNLejLIZdWnCOv-x_APv9Os-AoAAAAAOAHgBAI&bg=!jo2ljcLNAAaxkZ3akZE7ADQBe5WfOFTYHJx5jk6z_fWKH1ckBoYu-Ct8vLpJXiK9aGWekUU_FDesucn0MysqoUvixdYKAgAAAK1SAAAAAWgBB5kDI9aLq1_AO3UfmjT2QlmdMKrrPuspDynPBMDPqBMuFqA2jp3yRzUvh8W1Tu0gIf8sGNNUzyvs8Kt1tfywwylmLFuxpWK0ZVPIBfDTkqIu7JGgbE3dMB9r0OnqkcrjIpJJiNcQURvM2lOPI_u7XWkZp2J-YK3NVnUj9DppUX0j4VJXZbFwZxycOIgzDBxZX6tumIVGFoKGHfxh0sBXJlkUNHWkxb3lp2Uc5rn8iFTu7WXq9HSefdd2Di36bjUMw8hm5aJPJ2jYc124TIXh2B2cNyfPy6TmxpZnAjzweAFnfq64VhdpOP6GKY1cRAoyGq9oyzVFEkNew07MluU3J4HTsMm2RpyISeNMEU6HkmoQgHFb2xtrWzr3iyAZ2nWa3c0mG2jsrg_ERMVSZYe-6UAAdkCEIoIDfBqn5OWCTWWufaKL95ikUXaZclPanXqlq91ywuXXHSn1saMvXkH84dGJuYRasb0EHHuqJZgQrwZ586Boi7ngCHUDNSOtv0BWRhqwDi-1PMyHIdXIeBG7A9RpW8_JIoPjedcS71dFxLon-9TfvIXgAJj9eBpOEky69U8Dck2_aMpPJ2ywnH5mFvlHiznHYu4H1nN-bsKZE2SWBh_P-3gMhmyIDTuihTgRCOKzoGb6WzZOV6G7UJtffiL267L9Tgg3smZXxuEU2dVyXR0m9FClcd1gC0mPlxfgxK-URiramO0BiIBAUyu3XSeYqRbSQhwhe3W8JxpfClzwJ8jcvsgEqiK9mmVM192gQb_gzx1KAjYwBBcGBt4gnbJ5xP3tzgJgTNhC-xM8Db81pcj5_bqUfwFSZ5h_B4Uq6m5fEE3na0WZH5jyXEXT82I6FistgfM2UHsVR-4KUY7PHhnO81inl2hdZ3Mp24GLfGpZ1JM90HP1rWsuEdLrTiiy1hybff3oh-D94x8Oh2yby0FuRdWBfMTF7xg59FM6qtLgYRr7Z8ipUeI9rMZ5ZEr0AWOLNMzEOTKVrGDLVG7VoGuCEXPzVwoA5L7Daqkbk3xmvmZV1_YruORLYnijLCjPOXgDo90FcpudFHNu_EyKyhYjOwQ-

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 90CF 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 93888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900018.redintelligence.net/ Frame A58D 4 KB
2 KB 73ms
27ms Document
text/html 144.76.91.199

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request_content.php?s=41942700006765204444474012597018&a=cf8409d8
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=ab7401ef4e&subid=&uid=c4a7af3dfb91c860&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_KNeTLIZdLnLayh7_UPt6ywyAPM-Yagaau0x__3D_AuEAEgsZPteWCRBMgBCakCXUrA9bAXsj6oAwHIA5sEqgT2AU_QS2IJZzoVeIKqIFbHfQvSutOyYd4wzeZYpMdfkoEq-DmO9yhhGK498aYC9C9VsPfMDryAa00F_loFV2qCJSqmQErCjY8NwKJXuR_ho2bi4lM0hquzeEqlVqps2mUNmDCSv7OD5HwcXB7ChhDKcagWZvWijoF4YIQliXSua0l9RqKvACx5OW3p8dThGo6zzxB_2kH3zflhawK-yNeF8sct4D9wvdW9Ha6GKDVFk_TMPmInHjFJGDLQI5rGvzOEtpA1zvg-SfwJrMXIhmD09CAj5okb5PYGfo7NPpVGOxprZeU5cElQ88eEMHfduo5QPOCoDn4SMsAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYqfrHoaCihAOACgOYCwHICwGADAGqDQJOTOINEwjHocihoKKEAxWs0LsIHTcWDDmwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwGyGAUYTSIBAA%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_RM4LsHjbOVe1UU-MvTHt1GXGf1w1ISwgjY-9z1BU02cxfUsDq5FwSCWopfz7iRVCx8JGFqTkZbm8ZKwAOEsNODdj45gwTDozolIYAQ%26sig%3DAOD64_10ssyIYBpYHKgmLy6sD8U237m70Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-AfM2YMuq5wuErzhaETbWSHIHhMRXe-bDOAto5_zYBI3DOAvDHbFA_BOCUXU_cdl6MD6VzdHM0wr6uRclG7sKtLaLNJylwXbTHBjXVJfmvipeLXRnJdY3M9mKTmTaxjsVB89H3oCp2-5dLrq-eUn4hkHJau1J45qaK620ixXRfAeMbr6ug%26cry%3D1%26dbm_d%3DAKAmf-BbNnZv3wNxElnaE0cHrrd9YP6kzzqbNBJyODnJQdvsi6T9bE7zLiMp52-tXCZkvjGcZRfXm7iU8vniy5mdsFG-K9tR80BCiuxtIabC1stoaZCTsqZ_azvZGXZDlN5rDR_ZWAGBn0m9_TKi7FxjiRYcFDFIrGeOzS65cZ_-HF_9P0MpNb7jSI0hb6S0RhFykm9k1-q88fCtACpEGqsy6mUqLyAFu3PxPO8J1P-PnMVtcVopI9IaFpF_zkiw9f-sxWtI_w4ZdMEuqkZWzGjP1PCXxd_fJT2K0vYcB2eYxyLOlcBf7OgktGs_i4p0cmgiduJLgiS1lTPUBXdX2jyVKf1smZxFcwqN1lTKRIpa4nMXQd2KnltDU5NFN_FraTAigm6kp3vPPouqREPwPDaiDqvKfwmPqo80MuGF_zpgXIR1fuIKwrotQWPLHP01W4s755KAjdYcR8rAUzgW1ohMV6QEEnUopFHJ0BCImMTQCKWzpBWaBEMGfSa9k5QNXIT6fJkg0F_M0RcgYxmuTwdMennDw3Faa1wIWTim0wtvZ1M3VxenfYp8u9el2LT2XfKDxOwUy8OL%26adurl%3D&documentReferer=https%3A%2F%2Fkimetsuyaiba.online%2F&ancestorOrigins=https%3A%2F%2Fkimetsuyaiba.online&random=9765430182956&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 Bad Bellingen, Germany, ASN (),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: dda3f628ca00057595da5d1300d821318955ed174f2b3912033c138a336cd311

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1414
Content-Type: text/html; charset=utf-8
Date: Sun, 11 Feb 2024 02:35:38 GMT
Expires: Sun, 11 Feb 2024 02:35:38 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame B701 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5170eecac43a311dd69405e7d79ba4e091ed48b4381621a433f6aa5d2ff9fe98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 96C8 2 KB
899 B 17ms
16ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 96C8 2 KB
900 B 14ms
14ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 90CF 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:53:28 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 96C8 16 KB
17 KB 53ms
26ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 96C8 16 KB
16 KB 29ms
29ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:35:38 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 3C1C 20 KB
7 KB 84ms
14ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA2) /
Resource Hash: 5a1ddbeff783a01f29d36d8bb187a62d9cc8fffe95616aba3cd5fc080b9e16d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 22:00:26 GMT
server: ECS (amb/6BA2)
age: 536
etag: "65b036fa-4e4e+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7257
expires: Sun, 11 Feb 2024 02:45:38 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 3090 2 KB
1 KB 79ms
13ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 125
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Sun, 11 Feb 2024 02:35:38 GMT
etag: "64e38302-744+gzip"
expires: Sun, 11 Feb 2024 02:45:38 GMT
last-modified: Mon, 21 Aug 2023 15:30:10 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame A58D 77 KB
77 KB 94ms
34ms Image
image/gif 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-336x280.gif
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=41942700006765204444474012597018&a=cf8409d8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 02:35:38 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-13517"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 79127

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame A58D 0
150 B 70ms
25ms Script
text/html 144.76.91.199

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=41942700006765204444474012597018&a=ba1c15e3&vb=m
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=41942700006765204444474012597018&a=cf8409d8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 Bad Bellingen, Germany, ASN (),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=41942700006765204444474012597018&a=cf8409d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 02:35:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A58D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90CF 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOs-rejLIZYyCIorc7_UP8YSvqAwAAAAAOAHgBAI&bg=!hYalhsnNAAaxkZ3akZE7ADQBe5WfOMLdF_IDx2aUDE3SCQwyMf9co6zAh-bodD7MCx4mqH-Y85ZccqRIfViLO6vzdgMuAgAAACpSAAAAAmgBB5kDVo6ID3xaqpL0cp8hR_bo4qAA-3Qq9uABG5JdkvBzZn6sdX92PMj0w-rpBCfNKbxKhvWdEvqzpJ7MQUZps5hdwvWCtUnC1ulPa6jeQk7wXiC6a5QEdRJEqbkxroi423nhwe7Zi-cm2kzGTvnXiRplAhj0DdopNfrMB1UWJA5x-CeQpKXhwGeOQeRj8lSXZQwSYCsEsbo7jv1ud8rhEaMqePNmel7-1UMwIvOVp28_h1RdpAPPpI01eoldbZ055iD88WbQCLYscZJ1RXKdzs0tHbUxhgOT5LtAAYFAaZxEXUrFNGsG4JGE4-tIPpTWmiom-I-p34Cn2TgXOnJ0Z0F9dpOF_RuXXZrWsoyNNCTk0PmH6FtFJMjfgSxGHjtD1LsevmuI1YO3JGdrgVM3dOW80-S1zt-QoVhYtv42UYJc104LVCPVB-tRGnmnTFUmxTCQZ2X3m5PDzR_um7T9CFfTyueTr1adlQcfEwerYfVSXHJnbwoXOjVaurfLZHp4k0gfzGvOKOjNRhp9vsQfQ1kEJvvMPRnzbHeeHoOx_ioKK0HvkVDe_E9d6X6fPu-KBGMp5aNYaPo7YTfPYzAqXWNbC9WoYL3tYmq0DMPNzsqI1O8F5SEEzsOZjR6iHKW9-qOiRZzOj3UaKPqBrU6Lq3Zvusht2WJBS1J4V05WBPZuFb0Nana7gf1k5kHo_t3hSr0EniSrJNYtTHqMmrwiiRdCckJFunNv8RBtcUbGiTi8n8140s_KRLFai12MMKiDc6iH9A6Wf3Fk8Cpx2GfRcMELvDCzYv1FZcPBk79WhIOF_FsnWbK7AAtoztt3w9tcSua6ZjFgzshoOlLDsUg-xKClQVpHtmg8-hduV8DOMIQPahqQ05a9QLY8uo4g8u5W4g9CwY6hoMFta7sYwilPppml9Ba6l7ivEkZCBtScYVc8kA_G7Xj68fNlxCHIk4SBW8rxFQ69wWuxd54szsat-F6XXiidkK2AnXGR4JK5EWzXk9W3s6ofzUW8m8Q6WWG7-r09d7Tv8APxec9UkeUxqOXZWZAkKqhkOVdxD5Tyu3z01QOcZHT54XshJKvus_Ay88QmZzKU9XFTboAFBe4dJXJ4T1U5gy0I42CNPau0n8J5XtPhMkXO0dto

Requested by

Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag236643 Show response
ads.revjet.com/ Frame 3C1C 245 KB
40 KB 44ms
44ms Script
text/javascript 168.119.0.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236643?_plc_id=111757271&_key=b8f&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTST9eTLIZbqxOO7Z7_UPt5OJkArtuunXdafyyoz1EvAuEAEgsZPteWCRBKABuayQiynIAQmpAl1KwPWwF7I-qAMByAObBKoE-gFP0D4M7eZBA-K4YvknH7dwZRcZMUFn7RaPn4zD8_O1wxurKUzMczBD1vNimMopQE_OAI19Z9NYptbDfWHRA1tpnkqrLKcwyb4nV2f5sUEyWEacYz1LYh84hPelEz7Jalf_hkyHYjBAB1jwru_0w-j6z5KdUgaZdZ3xl00Ba3utT00H7VLFWJeleTDmZe4IfoeCfuQwVTZbcwIwGQU9tvCvG-lTvBuujzF3Ef8wMDlJxjlxnyLl86SdjZKZTI4BzwrpSyFO__UgkNU43MiOjwZ3OdV9s3Hn337A3viVPAS9UNh89R1tDJcN5QEOQvvflEqM2e3OfOhfSvv_wASOhdWLyQTgBAOIBd-EwJhOkAYBoAZNgAe55ODqA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliG_sehoKKEA4AKA5gLAcgLAYAMAaoNAk5M4g0TCPqryKGgooQDFe7suwgdt0kCorAT6tXUFtgTDYgUBNgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf__pBpiTAhPYhe_C2PYblpSxXSFQ8Tz5Lm6ekCcmN8-sv7k0gSeq5DXQVLaeoiA9OMqfgO4vIi5JBAsjtXBowBHAnxd3y6mbf64uIYAQ%26sig%3DAOD64_0PZNbwJScHvFtp1ro64DUTEYHZpw%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-D8VAEXZU5JT_heDXZDMktZud2SrbI0QbU8roR5FSpJwhzh_4tVBdcwF_givTsmBRvYPZi2nQtwlo56CSo1QMMJoO9EbvjoZsqzjEF6tSZ7wgFea-ngy7VmjcPskdVFTK0Pd1JChvOTv1EMvEvWjUCrxwsWg07bEMMRmbrZtcGLGteQ0iI%26cry%3D1%26dbm_d%3DAKAmf-BUL84W4VobsIiTxTiEZzdPZ8nA1vmtvTYAH1GshJE1VeI8croJby-HOCws57ZAk4EuucVcI255ucwXn_9PF1eDLMzubje7XOqWmfb4Wtq8tr6WvghxE6Y9Zu4sP7V5rt1JouxCqktm3E9xz7JoLJK36p_NqmMr4JReuNVTHrnXJJ53rK2doyEVBzu55JDQ1H6CWlNezeo0LzXlOsRo88UqWmnyVgkTZ49bdOpfCp25cFxUAgnDXxbwX2Rrmx4oSVwBn9ia3D_NFj9yFS1pSg7cszTHWGYTSstVIZWa_9TC_jDoj8H6tN8r5djHRO3Bwl21VLzOfhyny6LKzlnfIFCsSn3PfuALWQVwyW8vkPUhVEz8PruWTJ2BaxZHN7SxngUc-kdMgJVllMmys3DjtGUjNjp_9hEAENRkdakEw4GAcIwWf2T01I2I16Mqb7Z457zNyInXHgD66xEtuH3Ztwq3DEuBgyEl3NtCsdrej4P5m34iQakhqE0P8W-gISJImw73jh7R0WOaNaFZ9ovLuh6yj_JiBtKybrUGWm5qAOj1LBQ4YB6wmgfdGel4CN7Gb_mHUFG3%26adurl%3D&dv360_cmp_id=20989346399&dv360_li_id=1015707858&dv360_crv_id=467120317&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fkimetsuyaiba.online%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=fc3153ec35bca2d7577_1707618938850&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2F3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fkimetsuyaiba.online&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1707618938852
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 168.119.0.148 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.0.119.168.clients.your-server.de
Software: nginx /
Resource Hash: 755707db2083412d39df9683f0e5fea18cc6782e81718c9e4d59db1ce72ab16e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: adscsp1-1.sde10524
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402080201&jk=500805677477176&bg=!8fKl8r3NAAaxkZ3akZE7ADQBe5WfOMp9rW6PsDlLcqXCGLPmL3mblpFhEntrhkWbCFuNfDm3CgYfLFEd5MP4ARuzIjQyAgAAAKlSAAAAA2gBBwoAtssHZKhEJ9L5SYFUJVZFANR8sR3-6Kl9p6_HwLWhWQ66HJDsG22gRKAA29mTvnSzaK7rEL8Jc2FlaIKfnrxf9cmU6coAWCkRFtMe-1zL7vuaz8VYLB_2qvtR-nbJFJUna4rFypQ-SXappZtZTZWP2DZV_pX5lddiqMQR_fhTDwIzG3Op8yqN_T_9l0uibqPJSotMxtOvN_RHyRYy5jdgQ1WDJz4IBm6uXLLRm9uGa7AdoxTH18yCmQLEcqEilZMMTeMY67bzAu5TNrZ2dGQVS83RbyES6UUSdDIHm-sG0X_Ph-rIGb5zGKeqPAH9RvYMFGMEcXOVr1m9mpTzomUbyh7qKHeqxWvcNv9wR65rQMM1LotLJdqoRUbtCSvpfYUgUMTUD5qKV_CcivvIF1_8QUBtMZRiKKCf2j5hHrxRWP3CpvlK4elL_VRGByxQ6W1M7f7ErsstF2KyXg5zYcvKf6TujTZVqAZgwUP1ZvzNNlt83wQfvGMnHVK75xTaGM6meiua5TyL9Hb5OxoQcnYgJS9TKx3RVIc0mnz-c_uTUndVpg6_oVIYhiRZYSaWmPz4SYZD2emXZ48-L2fgOHqQG1iekBjR4mvg4gdKY5DfAxjJu9HTcGKkGhVqrjHtl2Dmj1LqBvU0H2UmZQjIO7OWtMShuKVKshg0YJDTDuQsn2LEIbGkul_ImDDutMFlBzdSxj9aa-iqENZyJ9eiwrHbE_rrf7uUSSCLKg_AAhRgFMwA3QGyMuejhrdJCt7WH1ccu-VvBF5EpIAzbp_ty-NFTodN0Hm3ETy-XZbV576cvrB9dUBpFnDMQ78OTgMuVm0535h_kfeQopipmfhGaMBBE1-VDk_bZaBaqzs4OuRN8s3UXKUlUxng8IzxPvrE2VTZmsmR3emDOsLqLgwik5SId_B6WrOX0ENq_fCeiEShmehiTPf1FqD39z3g6T91HZqRreZN21p81bt1PA4D2vPBdrOWYbRWcmUP0h2W2C8x630ZygdHeE5jfBp8QrVPtylYqLtgcnx-W67sjU503xDqRHMppkuLZKs-rVI_8hpTq4vi0hPKPO8jLe4te83P83azHdkHAhtgi_f5OEOa44uwQpbiE1N_0KC3ecjg_c8_IGQXd9TDDi3odDKFeHA5Pfu1ROuMr4wcZCQRY2QyYZ26cSJl-V0fd852znRHlEYq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kimetsuyaiba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 elements-2.12.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 1D26 170 KB
50 KB 67ms
27ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBC) /
Resource Hash: 6ffe3e06e87f10c9951b52db90f612780366c729ce623b70a95897818c8094b8

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Origin: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
last-modified: Fri, 26 Jan 2024 18:05:26 GMT
server: ECS (amb/6BBC)
age: 214
etag: "65b3f466-2a821+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 51382
expires: Sun, 11 Feb 2024 02:45:38 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 1D26 43 B
170 B 98ms
24ms Image
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=03a1e0cfc53013cdd2493e4efbf8f5d1&__adt=8240603838312093558&__ade=1&vid=5110160633987674093
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 11 Feb 2024 02:35:39 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 1D26 56 KB
15 KB 14ms
14ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (amb/6B9B)
age: 18
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Sun, 11 Feb 2024 02:45:38 GMT

GET
H3

200

B29251383.357501253;dc_pre=CIWkkqKgooQDFUKOgwcdi5YAtg;dc_trk_aid=548435067;dc_trk_cid=185424923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707618938876
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 1D26
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251383.357501253;dc_trk_aid=548435067;dc_trk_cid=185424923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17076189...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251383.357501253;dc_pre=CIWkkqKgooQDFUKOgwcdi5YAtg;dc_trk_aid=548435067;dc_trk_cid=185424923;dc_lat=;dc_rdid=;tag_for_chil...

42 B
64 B

39ms
39ms

Image
image/gif

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251383.357501253;dc_pre=CIWkkqKgooQDFUKOgwcdi5YAtg;dc_trk_aid=548435067;dc_trk_cid=185424923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707618938876

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251383.357501253;dc_pre=CIWkkqKgooQDFUKOgwcdi5YAtg;dc_trk_aid=548435067;dc_trk_cid=185424923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707618938876
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1D26 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 1D26 470 KB
470 KB 46ms
15ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Origin: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 38191
x-amz-request-id: 7ARZXYF7BCHGE181
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: ZduJP+AF7H1XJ00eKBMa4a5nUDOwXD53gqoWzurAlAeKLTuciWPcfDPZ1b1Nnfi9kO/R7/sDVw0=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (amb/6BB1)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 12 Feb 2024 02:35:38 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame 1D26 33 KB
33 KB 57ms
41ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Origin: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (amb/6BB1)
age: 81
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Sun, 11 Feb 2024 02:45:38 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame 1D26 13 KB
13 KB 30ms
14ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B88) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
Origin: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 31427
x-amz-request-id: FTQ7PK9WP7JNMXEE
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: zedzHceWObv+lYaJRhIbvcQS564esHUMsZEnqjMVk7FrchwTBtdOoA/YB5g5Ijp3j6ryzOJgQkg=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (amb/6B88)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 12 Feb 2024 02:35:38 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 1D26 286 B
563 B 14ms
14ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:38 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 14001
x-amz-request-id: 98CWRX85K9A4CGS6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: CcAfdanegoItbJQvaCDUyEanotbPCQlGtdVb1DUBJIr2Nijs9yRFhmTAGIPE3S7JKU6RRGP6Mq4=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 12 Feb 2024 02:35:38 GMT

GET
H2 200 542210746_f16c85446abd43a8a70f5a3b1294c96a.jpeg
cdn.revjet.com/s3/csp/1706578978096/ Frame 1D26 39 KB
40 KB 14ms
14ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1706578978096/542210746_f16c85446abd43a8a70f5a3b1294c96a.jpeg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7A) /
Resource Hash: 5a7786e310d161b114c0b238d1c28d4b28def027e456897e5abf476ca198879a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:39 GMT
x-amz-version-id: Eof907eC8VLUH69tMtp.JRYFa7w1Pc3w
age: 34866
x-amz-request-id: 0BJEQWGTHEN9YBKY
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 40221
x-amz-id-2: Vj1o8zn4Re2BPOkQC6tQ1BaAamG9p4F8f7c8ivizPeFJ/6idj7DXpnr/MR9JczMVkld/WosX6Co=
last-modified: Tue, 30 Jan 2024 01:43:00 GMT
server: ECS (amb/6B7A)
etag: "b05ce280af3569296a4c58873b270605"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 12 Feb 2024 02:35:39 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 1D26 3 KB
2 KB 14ms
13ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:39 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 73272
x-amz-request-id: 3N6C2HW8J8TSHVW3
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: /ipsMiX6fe6Mr8HpUdffcTqrSPCQjxiEsirosAL+JLpf6vkCuXc6LazrJ4UC3fUDuAN311kvUi4=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6B89)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 12 Feb 2024 02:35:39 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 1D26 632 B
626 B 15ms
14ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:39 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 13150
x-amz-request-id: Z3C48FGP07NX0MDA
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: Y1eQiE58wi3Pay2nwldRRcMO/7l83+1t0YVxkoKdMxqtNjCQ/gCt7rY8MRwRjDysdQ+utnDk6Vs=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 12 Feb 2024 02:35:39 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 1D26 7 KB
4 KB 15ms
15ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:35:39 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 13992
x-amz-request-id: 4K28AKKAPA5SVS4S
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: ZAFQsYYBa4CNbZ0XfQpa0eLmrC40GHN0KUSl5VlZV1fCtRKme9EUgQK8u8uAwnwB7xQl3mx+3pY=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 12 Feb 2024 02:35:39 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 1D26 43 B
169 B 24ms
24ms Image
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=03a1e0cfc53013cdd2493e4efbf8f5d1&__adt=8240603838312093558&__ade=1&vid=5110160633987674093&__clstampdif=162&__stamp=1707618939089
Requested by: Host: 3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 11 Feb 2024 02:35:39 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B24 42 B
174 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZPCIHsvYrxZf6aoFy6gro89oe-16lg_MP8ACLGG9oQZEuk2PI1o2iEHVVgssbWY-0ohntOKOmMIz5UyF_IPJduPz2siakbXEGaAV32Gb32LgZW2G-sLfY5SsS_rVTEo6Xz-Oo5A&sig=Cg0ArKJSzAjDWgwyBn0aEAE&id=lidar2&mcvt=1000&p=692,632,972,968&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4117190546&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=355173800&rst=1707618938394&rpt=161&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 96C8 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 11 Feb 2024 02:35:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C1C 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqYg-vgtRF1fYkAWLJUDbVw5XWgefuXq3H1fNYqmdp0dHsix4qIR1nekwLDtP3B0NuxGkdjjybmq8rNMajQkvOlogCzbyG9Nd-2T3z6rohGAn1SDvntGiHLCS4nXYyBdYGSuq5DZ_mD0GExJJdi5hEWkqYA-Q-xPE-bg&sai=AMfl-YRUDy3tRt_D0GnYXUPWzCQ6ZqulH4cJdUEVuuy4MinUdg9cObUnzHp3gJmKf4eundsSFRI_pbdtf_MDHb-AnNpCJqfjd6hh2njnV6SgDu_Lg1nGxFmJXxPARydqr1RjRfRCZNv-1sTvgkC7R3jBxg&sig=Cg0ArKJSzK2Wcji1RTW1EAE&cid=CAQSTwAvHhf__pBpiTAhPYhe_C2PYblpSxXSFQ8Tz5Lm6ekCcmN8-sv7k0gSeq5DXQVLaeoiA9OMqfgO4vIi5JBAsjtXBowBHAnxd3y6mbf64uIYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=321,821,1000,1066,1066&tos=321,500,179,66,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=617229251&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=355173800&rst=1707618938461&rpt=172&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B701 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=828514713115&version=m202401290101&ct=77&x=1&cor=1286606688356330200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 900
pix.revjet.com/interaction/ Frame 1D26 43 B
169 B 24ms
24ms Ping
image/gif 157.90.6.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.revjet.com/interaction/900?__ads=03a1e0cfc53013cdd2493e4efbf8f5d1&vid=5110160633987674093&__adt=8240603838312093558&__ade=1&latent=0&vis_type=8&__stamp=1707618940054
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.6.85 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.6.90.157.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 11 Feb 2024 02:35:40 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1C 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8078600269046&version=m202401290101&ct=77&x=1&cor=13848542361697610000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 02:35:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kimetsuyaiba.online/	1970-01-21 03:56:18	Name: _ga_3DDFRY46J3 Value: GS1.1.1707618937.1.0.1707618937.0.0.0
.kimetsuyaiba.online/	1970-01-21 03:56:18	Name: _ga Value: GA1.1.280376746.1707618938
.doubleclick.net/	1970-01-21 03:41:54	Name: IDE Value: AHWqTUmN14n0wLlvvA-pX1IK5lhQnn_3vASyOweRXZuwGuYhZqAaM3A_at2wEN-l
.adnxs.com/	1970-01-20 20:29:54	Name: XANDR_PANID Value: SGQ5uZolGQ0QPnfVcCZ0waJXf1ros1zVskImtrVT3JNPz-LOx3CiSgjfISOE43y2vxg91w6AHxAu0yCWCWD6uVe04V0_zLDZW1VtdyVui0E.
.adnxs.com/	1970-01-21 03:56:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:29:54	Name: uuid2 Value: 461367783006569542
.casalemedia.com/	1970-01-21 03:05:54	Name: CMID Value: ZcgyermqPWQAADLnACeLFgAA
.casalemedia.com/	1970-01-20 20:29:54	Name: CMPS Value: 3199
.casalemedia.com/	1970-01-20 20:29:54	Name: CMPRO Value: 3199
.doubleclick.net/	1970-01-20 22:39:30	Name: APC Value: AfxxVi48R8Ijy9YbfQbja7gBCTen_wiP4UM-sZBUtX7-fy-Mag65PA
.doubleclick.net/	1970-01-20 22:39:30	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:29:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In6oQ@tC!]tbPl1M>e)ZlrFUfJ+tGXxoLHK^?SKA`rFSD@ggLw9U.Cf0Jzb#pOx%jHVW3If)y3KL9D3I?+wwyk8L
.doubleclick.net/	1970-01-20 19:03:30	Name: ar_debug Value: 1
.kimetsuyaiba.online/	1970-01-21 03:41:54	Name: __gads Value: ID=e052e615b4197c9a:T=1707618937:RT=1707618937:S=ALNI_MY8rlrmPuTqO9m_hWoMtaflFJQNMA
.kimetsuyaiba.online/	1970-01-21 03:41:54	Name: __gpi Value: UID=00000d5553851682:T=1707618937:RT=1707618937:S=ALNI_Mbt8bNqT3KFDqUtFIyNewtFL368iw
.kimetsuyaiba.online/	1970-01-20 22:39:30	Name: __eoi Value: ID=f8269061ac1b9faa:T=1707618937:RT=1707618937:S=AA-AfjZdJ2DNSk21XZFZ0NBsFpdA
.redintelligence.net/	1970-01-20 20:29:54	Name: 8lcfmzhxc8d6_uid Value: 47f9ce4ece173747
.doubleclick.net/	1970-01-20 18:20:22	Name: DSID Value: NO_DATA
cj.esprit.nl/	1970-01-20 20:29:54	Name: exactag_new_gk Value: d514e9baf95b4a33a780cbb37982df3a%7C11.04.2024%2002%3A35%3A37
cj.esprit.nl/	1970-01-20 22:39:30	Name: exactag_new_uk Value: 79d007c30d3f46ee85cfd9b68ad58cd3%7C
cj.esprit.nl/	1969-12-31 23:59:59	Name: session_session Value: 88ef650d7a7d4794a2a24dae
.revjet.com/	1970-01-21 03:56:18	Name: trx Value: 5110160633987674093
.revjet.com/	1970-01-20 18:21:45	Name: ads Value: 03a1e0cfc53013cdd2493e4efbf8f5d1

121 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://kimetsuyaiba.online/(Line 108) Message: Failed to set referrer policy: The value '' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kimetsuyaiba.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3016d1a68106afcf310e8988d844ec3d.safeframe.googlesyndication.com
ad.doubleclick.net
ads.eu.criteo.com
ads.revjet.com
cat.nl3.eu.criteo.com
cdn.contentspread.net
cdn.revjet.com
cdnjs.cloudflare.com
cj.esprit.nl
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900018.redintelligence.net
ib.adnxs.com
imageproxy.eu.criteo.net
kimetsuyaiba.online
pagead2.googlesyndication.com
pix.revjet.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.gstatic.com
136.243.149.243
142.250.185.70
144.76.91.199
157.90.6.85
168.119.0.148
172.217.16.194
172.64.151.101
178.250.1.6
192.229.233.6
2001:4860:4802:34::36
2606:4700::6811:190e
2a00:1450:4001:806::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a06:98c1:3120::3
2a06:98c1:3121::3
2a06:98c1:3200::17
37.252.171.149
85.114.131.233
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09e69ffe850be535eb89f57b120e9b3e359fbae3fd0394b60a8b0c409656d181
0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
175dee8b941e0557687793f2e2d3553928b1856c412d31e2efd0ab2f97327b25
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
1ed470bb02d9d30334fae8efb2e4d141125c0593c32804b17f1c1954b73f5523
2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
24323c81d8ec5b4424e82ab58f31cd68597f6a0c7f16cf97dab30e4feab7fac2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320b61956b26352c8f3ec26fda5e8e3f3f296974003261f96776acb0d4f44ec9
35a6cc858f7ab90655e361272e24b444b749e3c87b72cbecde9845272ef075b6
399f09ce742e0b6b3e4a256a6d9978f14c964856819f7b76fd947708097fff86
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3fbb60324ba018c58305566d35e4f580630b41aeb9bb737daef3314a6b100121
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5170eecac43a311dd69405e7d79ba4e091ed48b4381621a433f6aa5d2ff9fe98
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1ddbeff783a01f29d36d8bb187a62d9cc8fffe95616aba3cd5fc080b9e16d2
5a75ade244357b72c307d1201f4e1a748951dd96f1237beed544b640bde2cb11
5a7786e310d161b114c0b238d1c28d4b28def027e456897e5abf476ca198879a
5ab6f289c1c8abc08c0a8fb6c7aea66cf8164d514c3cef0e29d9f81c474f5e65
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
67906bf3e331f66660124f968c0e8e2496abf0075e9447685c79e2c84441bde7
687e775e1675c7eaa92c86248950444ed464911fd81485d88747cacfe7332422
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
693df804abd140219b1cb47412c90e698524927c723251f9c3b93353fb97d3a3
69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6ffe3e06e87f10c9951b52db90f612780366c729ce623b70a95897818c8094b8
70772f3c420fcde67da46a6e3bb56eddc04071db2742f0c345e7460ae41f1cd6
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
755707db2083412d39df9683f0e5fea18cc6782e81718c9e4d59db1ce72ab16e
7a96dca7ba587579a0f071a8e23823e18d50fa7a3f6f44e63028f88e5a87193c
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90813bce42ca05582f36fcb84e650c8e0081de6c49107cc98285c214515e732f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9be80b4aee138897040216a12a87976850fd0016b1e7cb9beb483840b012a8be
9f0c785ba1945c5c419f212228f41d0ce8dbc5f0c67ab3340ebb984f4a97751a
9fd0ba643289a8ea99c168e3d656add50b9018f840865055ec9290ee7ad7444b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b981e75ade1b6d5e77e6e23352282c315fefeff8ac792466b6b2d737a247cb8f
ba2463b2b911c0859a8e053b1e7ef56110fa70806fba0b8f6a6d2e1a4305d0ee
be86635e4b5e3a5cfc5f07a689ed73256fc85199b993072d777b855e7061ef75
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d1d4da690e11e688a3da04678a6e96aa45293acb0d6d1eb0083fd7fe7517241f
dda3f628ca00057595da5d1300d821318955ed174f2b3912033c138a336cd311
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e29560a857b80ce8718e9908fb3103c43e9e0fb53b4e0263f75b55f48a19af
e6ebe4f0c6cdf8fe56c15a6420b32dba3591993e9166bfe971a18862ff69f7c6
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ee875d1b0a82057344852ee7a374ac88a66e6b38da6b096b2fd3ed5719cd4f21
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f52d7663171b52c4e3263764a924f8e9f5939cd1084e6cba934f915ea7ceb8bc
fcb6e6855aad1bb597f6c8e7614775186673f2d59411b2e259a7310287a22134

kimetsuyaiba.online Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

92 %HTTPS

65 %IPv6

17 Domains

30 Subdomains

31 IPs

3 Countries

2508 kBTransfer

5085 kBSize

23 Cookies

12 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kimetsuyaiba.online Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

92 %
HTTPS

65 %
IPv6

17
Domains

30
Subdomains

31
IPs

3
Countries

2508 kB
Transfer

5085 kB
Size

23
Cookies

142 HTTP transactions
7 data transactions