Submitted URL: https://kimcartoon.to/
Effective URL: https://kimcartoon.li/
Submission: On June 22 via manual from GB

Summary

This website contacted 55 IPs in 10 countries across 64 domains to perform 391 HTTP transactions. The main IP is 2606:4700:20::681a:ba7, located in United States and belongs to CLOUDFLARENET, US. The main domain is kimcartoon.li.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2021. Valid for: a year.
This is the only time kimcartoon.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
59 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 51.68.186.35 16276 (OVH)
19 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:2800:234... 15133 (EDGECAST)
1 2 173.192.101.24 36351 (SOFTLAYER)
13 2a00:1450:400... 15169 (GOOGLE)
1 18.214.201.148 14618 (AMAZON-AES)
1 185.104.210.16 200449 (QRATOR-)
1 104.22.72.85 13335 (CLOUDFLAR...)
13 2a03:2880:f11... 32934 (FACEBOOK)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 104.244.42.72 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 14 5.178.65.245 50673 (SERVERIUS-AS)
5 71 2606:4700:20:... 13335 (CLOUDFLAR...)
10 185.184.8.65 204995 (RTB-HOUSE...)
10 136.144.59.88 54825 (PACKET)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
16 61.213.187.173 2914 (NTT-COMMU...)
2 94.31.29.128 6461 (ZAYO-6461)
1 2606:4700:303... 13335 (CLOUDFLAR...)
17 202.47.25.67 2914 (NTT-COMMU...)
20 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 2600:1901:0:e... 15169 (GOOGLE)
17 21 153.254.173.146 2914 (NTT-COMMU...)
2 222.230.178.20 2519 (VECTANT A...)
4 4 172.105.232.22 63949 (LINODE-AP...)
1 192.243.59.12 39572 (ADVANCEDH...)
6 6 52.2.43.18 14618 (AMAZON-AES)
31 32 185.33.221.13 29990 (ASN-APPNEX)
9 9 18.197.47.23 16509 (AMAZON-02)
14 15 18.156.0.31 16509 (AMAZON-02)
10 10 72.251.249.9 29791 (VOXEL-DOT...)
5 5 88.214.206.247 46636 (NATCOWEB)
10 178.162.133.149 60781 (LEASEWEB-...)
10 37 2.18.234.21 16625 (AKAMAI-AS)
5 67.202.110.23 32748 (STEADFAST)
5 51.89.9.251 16276 (OVH)
6 2.18.233.180 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 7 13.248.242.197 16509 (AMAZON-02)
5 10 52.94.232.32 16509 (AMAZON-02)
28 28 142.250.186.130 15169 (GOOGLE)
1 2 169.50.137.190 36351 (SOFTLAYER)
1 35.241.40.233 15169 (GOOGLE)
1 2.18.234.233 16625 (AKAMAI-AS)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2a00:1288:110... 34010 (YAHOO-IRD)
4 4 185.29.133.52 30419 (MEDIAMATH...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 52.208.167.91 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 3.123.143.157 16509 (AMAZON-02)
1 1 185.183.112.148 60350 (VP)
1 1 54.198.69.15 14618 (AMAZON-AES)
1 52.19.195.165 16509 (AMAZON-02)
3 4 37.157.6.252 198622 (ADFORM)
2 2 213.155.156.167 1299 (TELIANET ...)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 2 51.210.112.63 16276 (OVH)
2 2 52.48.248.240 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 185.64.189.110 62713 (AS-PUBMATIC)
391 55
Apex Domain
Subdomains
Transfer
71 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
30 KB
59 kimcartoon.li
kimcartoon.li
705 KB
37 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
45 KB
32 adnxs.com
ib.adnxs.com
secure.adnxs.com
29 KB
29 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
118 KB
28 vlitag.com
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
stats.vlitag.com
408 KB
26 im-apps.net
dmp.im-apps.net
audiencedata.im-apps.net
37 KB
21 gssprt.jp
cs.gssprt.jp
11 KB
17 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
14 KB
17 genieesspv.jp
ialaddin.genieesspv.jp
22 KB
17 pubmatic.com
pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
47 KB
16 genieessp.com
js.genieessp.com
55 KB
14 e-planning.net
ads.us.e-planning.net
6 KB
13 facebook.com
www.facebook.com
305 KB
13 google-analytics.com
www.google-analytics.com
39 KB
10 amazon-adsystem.com
s.amazon-adsystem.com
5 KB
10 sonobi.com
sync.go.sonobi.com
5 KB
10 lijit.com
ap.lijit.com
5 KB
10 a-mo.net
prebid.a-mo.net
2 KB
10 creativecdn.com
prebid-eu.creativecdn.com
2 KB
9 advertising.com
pixel.advertising.com
3 KB
7 adsrvr.org
match.adsrvr.org
2 KB
6 advangelists.com
nep.advangelists.com
1 KB
6 twitter.com
platform.twitter.com
syndication.twitter.com
149 KB
5 onetag-sys.com
onetag-sys.com
4 KB
5 33across.com
ssc-cms.33across.com
5 admanmedia.com
cs.admanmedia.com
2 KB
4 adform.net
c1.adform.net
2 KB
4 mathtag.com
sync.mathtag.com
3 KB
4 appier.net
g.c.appier.net
1 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
987 B
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 onaudience.com
pixel.onaudience.com
887 B
2 de17a.com
d5p.de17a.com
637 B
2 w55c.net
pm.w55c.net
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 ad4m.at
ad4m.at
2 simpli.fi
um.simpli.fi
1 KB
2 gsspat.jp
rt.gsspat.jp
499 B
2 mycdn.co
p375584.mycdn.co
165 KB
2 fbcdn.net
scontent-frx5-1.xx.fbcdn.net
10 KB
1 criteo.com
dis.criteo.com
359 B
1 demdex.net
dpm.demdex.net
1 extend.tv
sync.extend.tv
546 B
1 adotmob.com
sync.adotmob.com
689 B
1 turn.com
ad.turn.com
425 B
1 quantserve.com
pixel.quantserve.com
509 B
1 rfihub.com
p.rfihub.com
775 B
1 dotomi.com
casale-match.dotomi.com
187 B
1 stickyadstv.com
ads.stickyadstv.com
722 B
1 brand-display.com
dmp.brand-display.com
253 B
1 graniteacquitcharacteristic.com
graniteacquitcharacteristic.com
1 getawesome10.com
www.getawesome10.com
4 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 googleapis.com
imasdk.googleapis.com
116 KB
1 googletagservices.com
www.googletagservices.com
21 KB
1 bebi.com
www.bebi.com
945 B
1 propellerads.com
propellerads.com
655 B
1 mybetterdl.com
mybetterdl.com
32 KB
1 clksite.com
p375584.clksite.com
113 B
1 toeschistache.com
toeschistache.com
1 KB
1 jquery.com
code.jquery.com
33 KB
1 kimcartoon.to
kimcartoon.to
592 B
391 64
Domain Requested by
59 kimcartoon.li kimcartoon.li
56 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
31 ib.adnxs.com 31 redirects
28 cm.g.doubleclick.net 28 redirects
21 dsum-sec.casalemedia.com 5 redirects ssum-sec.casalemedia.com
21 cs.gssprt.jp 17 redirects kimcartoon.li
20 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
17 ialaddin.genieesspv.jp kimcartoon.li
16 js.genieessp.com tag.vlitag.com
kimcartoon.li
15 ssum-sec.casalemedia.com 5 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
15 ups.analytics.yahoo.com 14 redirects ssum-sec.casalemedia.com
14 ads.us.e-planning.net 4 redirects kimcartoon.li
assets.vlitag.com
13 www.facebook.com kimcartoon.li
www.facebook.com
13 www.google-analytics.com kimcartoon.li
www.google-analytics.com
www.googletagmanager.com
11 tag.vlitag.com services.vlitag.com
tag.vlitag.com
10 s.amazon-adsystem.com 5 redirects ssum-sec.casalemedia.com
10 sync.go.sonobi.com sync.quantumdex.io
10 ap.lijit.com 10 redirects
10 stats.vlitag.com tag.vlitag.com
10 prebid.a-mo.net assets.vlitag.com
10 prebid-eu.creativecdn.com assets.vlitag.com
10 useast.quantumdex.io assets.vlitag.com
9 pixel.advertising.com 9 redirects
7 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
6 ads.pubmatic.com sync.quantumdex.io
ads.pubmatic.com
6 nep.advangelists.com 6 redirects
6 audiencedata.im-apps.net dmp.im-apps.net
5 onetag-sys.com sync.quantumdex.io
5 ssc-cms.33across.com sync.quantumdex.io
5 ms.quantumdex.io 5 redirects
5 cs.admanmedia.com 5 redirects
5 assets.vlitag.com tag.vlitag.com
kimcartoon.li
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 g.c.appier.net 4 redirects
4 platform.twitter.com kimcartoon.li
platform.twitter.com
3 simage2.pubmatic.com ads.pubmatic.com
2 sync.crwdcntrl.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pm.w55c.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 ad4m.at ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 rt.gsspat.jp kimcartoon.li
2 p375584.mycdn.co p375584.clksite.com
p375584.mycdn.co
2 syndication.twitter.com platform.twitter.com
kimcartoon.li
2 scontent-frx5-1.xx.fbcdn.net www.facebook.com
2 services.vlitag.com kimcartoon.li
services.vlitag.com
1 simage4.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 secure.adnxs.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 sync.adotmob.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 graniteacquitcharacteristic.com kimcartoon.li
1 www.getawesome10.com p375584.clksite.com
1 www.googletagmanager.com tag.vlitag.com
1 cdn.jsdelivr.net assets.vlitag.com
1 securepubads.g.doubleclick.net www.googletagservices.com
1 imasdk.googleapis.com tag.vlitag.com
1 www.googletagservices.com tag.vlitag.com
1 www.bebi.com code.jquery.com
1 propellerads.com code.jquery.com
1 pubmatic.com code.jquery.com
1 mybetterdl.com kimcartoon.li
1 p375584.clksite.com 1 redirects
1 toeschistache.com kimcartoon.li
1 code.jquery.com kimcartoon.li
1 kimcartoon.to 1 redirects
391 83

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
readcomiconline.li
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-04-09 -
2022-04-08
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
toeschistache.com
R3
2021-06-03 -
2021-09-01
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.mybetterdl.com
Sectigo RSA Domain Validation Secure Server CA
2021-04-26 -
2022-04-26
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
pubmatic.com
Go Daddy Secure Certificate Authority - G2
2020-08-05 -
2021-08-05
a year crt.sh
propellerads.com
GeoTrust EV RSA CA 2018
2019-08-26 -
2021-08-25
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-31 -
2021-08-23
3 months crt.sh
ads.us.e-planning.net
R3
2021-05-24 -
2021-08-22
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-30 -
2022-04-12
a year crt.sh
*.a-mo.net
R3
2021-05-11 -
2021-08-09
3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA
2019-10-30 -
2021-10-29
2 years crt.sh
*.mycdn.co
Sectigo RSA Domain Validation Secure Server CA
2020-10-13 -
2021-10-22
a year crt.sh
*.genieesspv.jp
GeoTrust RSA CA 2018
2021-03-22 -
2022-04-22
a year crt.sh
*.im-apps.net
DigiCert Secure Site ECC CA-1
2020-05-05 -
2021-08-04
a year crt.sh
audiencedata.im-apps.net
GTS CA 1D4
2021-05-01 -
2021-07-30
3 months crt.sh
rt.gsspat.jp
GeoTrust RSA CA 2018
2021-03-19 -
2022-04-19
a year crt.sh
cs.gssprt.jp
GeoTrust RSA CA 2018
2020-12-02 -
2022-01-01
a year crt.sh
graniteacquitcharacteristic.com
R3
2021-05-22 -
2021-08-20
3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2020-12-06 -
2022-01-07
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2021-09-30
a year crt.sh
onetag-sys.com
R3
2021-05-02 -
2021-07-31
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
s.amazon-adsystem.com
Amazon
2020-08-28 -
2021-08-20
a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018
2020-06-24 -
2022-06-24
2 years crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-11-17
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-09-22
6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-22 -
2021-09-15
6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-04-14 -
2021-07-12
3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh

This page contains 50 frames:

Primary Page: https://kimcartoon.li/
Frame ID: BD08D1356B748A4BAFCAC2891FD6D596
Requests: 125 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
Frame ID: 4671EDA5A87EB6A55A72276D71023D44
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Frame ID: 09DA5028DEA618C1D25198EFE1E99BD2
Requests: 11 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fkimcartoon.li
Frame ID: C41222D24E1F2482840F3E1477EE5165
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 2E12A83D6BE04E6AEB40D4576F1EC14D
Requests: 2 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56187&divID=vi_1422756187_538&w=728&h=90
Frame ID: 00946DDA89D51AB1FF392C3E96787BA2
Requests: 11 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: A90B5AB77DBD1D7711C7C087B1AF7E78
Requests: 12 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56188&divID=vi_1422756188_474&w=160&h=600
Frame ID: E0CF853681BB7203FD7D14618D21D5C4
Requests: 11 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56194&divID=vi_1422756194_536&w=300&h=250
Frame ID: 29CF52078120C58DF1BBE150A81A5071
Requests: 11 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56186&divID=vi_1422756186_927&w=300&h=250
Frame ID: C739D0189D13149C59A9BBA6D84BE6E3
Requests: 11 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56199&divID=vi_1422756199_946&w=160&h=600
Frame ID: 77F38EFFD54625571F530EB1721373B5
Requests: 15 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 5B8B64ACA9DED1F51098BEC893B97A39
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 71FAA8A3183D644CA021D19855C03F00
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 791D521FC51119F4D3DE44F71ABE63FC
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: C86CAD01487E262BF39044D0F88A4FDD
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 63F4603B0B241FE5BBC0BB4DCE541638
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 719ADEBBCDD3EE4E66F342642371BBB9
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 958AD83013AEDF8C5E405B276448A60B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 318DBE001EA74096356E09FB8E60157C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 39954048AF2EE21A28C966A830C5D4A4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 579AC2C00D3B6587AA986225923F81AE
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: D3E5459AFA6431BAB270911600ED6AB4
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 860621842979FD83948DBC88744DE415
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 43F741D03D0D14A6CF03689F4A8CA627
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: A80C91501AD7A5EA4D5DA8E56A4F2A4D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 42DAEC463DB0DE571164F7955ADFC783
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 6DC407C5882B0235037AC4DBC8FA2BCD
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: F245213AE6E71839DA43446096969741
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C360E7E5A4B2F924FDFBC179027796D7
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 295CF3D9826611F5812E05E1AF5112E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 906B4F22A94A0FC4318C8A5654D8C655
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 5E490E190B10C78C7EECD2746C5CC032
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 45A87BA2CC2C11FB7521231568F16C86
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 734A84199342D2E4757D3AB6292E9AFE
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 7EC269BBC49575E8AF2725C8D37CE40C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: F956A6DAEEDA85AD32DF66940897BDDA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 3CAE357ADF28A66220FE8DC15C2D47EF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 684D8623AA31553A9C7B5D22C516D9FF
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: C4B6A8635FD923B376903FE7B298851E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 2486AA0A6C4F44C30EF2F0BEBC698C2A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 385D7693FA389A756ADCB0622D50840B
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
Frame ID: FC4110CA696B67E62370F1073F79BADA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1811983543594905929
Frame ID: 57AFAD6DD2026D175702491187219E95
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1F63E245194422714B2FA3572ACA1214
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
Frame ID: 5CF78B1E09041D991033159DDEEBFEB5
Requests: 1 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56188&divID=vi_1422756188_474&w=160&h=600
Frame ID: 19E2AFE079B482F7F537E42B4613A121
Requests: 11 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56186&divID=vi_1422756186_927&w=300&h=250
Frame ID: 8161E05E608853EFE025D228A17D6799
Requests: 6 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56187&divID=vi_1422756187_538&w=728&h=90
Frame ID: BE23BE536CC346BC45AC0926B2851C4B
Requests: 6 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56199&divID=vi_1422756199_946&w=160&h=600
Frame ID: 95BE97A0C3731B08336E1451949576BE
Requests: 6 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56194&divID=vi_1422756194_536&w=300&h=250
Frame ID: 1DC9CFAC7C785A8EBF6ADF7DE7B070E9
Requests: 6 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://kimcartoon.to/ HTTP 301
    https://kimcartoon.li/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

391
Requests

98 %
HTTPS

32 %
IPv6

64
Domains

83
Subdomains

55
IPs

10
Countries

2393 kB
Transfer

5776 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kimcartoon.to/ HTTP 301
    https://kimcartoon.li/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://p375584.clksite.com/adServe/banners?tid=OM1KIMCARTOON_DI HTTP 301
  • https://mybetterdl.com/adServe/banners?tid=OM1KIMCARTOON_DI
Request Chain 96
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Request Chain 100
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Request Chain 105
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Request Chain 111
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Request Chain 166
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp HTTP 302
  • https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adLYsWcBBEmHr1rcsEKk8eDrs2VkjrqZqKH5BM4YA7LKfJWOmPucH0RIi5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Request Chain 167
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=TIJH40R1CTuZeD_SwarRYA
Request Chain 168
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA7gOnO4-6PRmJ5l7l-UsksOX83nvWBsLhDJIIilLPJfSC6J2LUO05jywuQPqFRhy7g&format=gif
Request Chain 171
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp HTTP 302
  • https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adL8Ss0x-JtX_FRelTma8GkJNrfuAzs-_cqKygSKzd_fVtaWMan2s3-Ai5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Request Chain 172
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=mNgHGhINDz2d-Mc0warRYA
Request Chain 173
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Request Chain 176
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETE4Cl0VJB1XmHNVWaYIpAKGME35xR34TMsVOkVvVGEL3fVWEVcGxkS24HaoRhfaiUA&format=gif
Request Chain 177
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=kJqyfxHgB_qruZZ6warRYA
Request Chain 178
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Request Chain 180
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETOrmhMm63uX3tBW4qstfrCjDC5IVtkLsXvcuf30dfW14tJpwuqTWSxMhjG2PZnsqVg&format=gif
Request Chain 181
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=kJqyfxHgB_qruZZ6warRYA
Request Chain 182
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Request Chain 184
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETOrmhMm63uX3tBW4qstfrCjDC5IVtkLsXvcuf30dfW14tJpwuqTWSxMhjG2PZnsqVg&format=gif
Request Chain 185
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=appier&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETItl6T8EugbIgUM_99X-sSBn2WcIIkoj6rT1FGokz2Qna2_fQSMLOXldaum3K9GdEA&format=gif
Request Chain 186
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Request Chain 192
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-bd6293c3-6b53-4758-b5a3-48f9c332523f
Request Chain 193
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6562459018269791952
Request Chain 194
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb90999c9-d33a-11eb-b67c-02efc58c1128 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Request Chain 195
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Request Chain 196
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Request Chain 197
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Request Chain 198
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6562459018269791952
Request Chain 199
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1808910678779486814
Request Chain 200
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a602aabb-9dca-4d47-aa6a-0b3c447b6663
Request Chain 202
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 207
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-b4a7d6ae-6801-4fc4-b8a8-cbddd096ea94
Request Chain 208
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4783870619476292446
Request Chain 209
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb90999c9-d33a-11eb-b67c-02efc58c1128 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Request Chain 210
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=005d0449477af5fadc10065e
Request Chain 211
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Request Chain 212
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Request Chain 213
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1808910678779486814
Request Chain 214
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1808910678779486814
Request Chain 215
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3e02c13a-cc97-400d-a207-7e1f5f88b299
Request Chain 217
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 222
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1808910678779486814
Request Chain 223
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb9124c77-d33a-11eb-b15b-024864d1a278 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb9124c77-d33a-11eb-b15b-024864d1a278
Request Chain 224
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Request Chain 225
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Request Chain 226
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JgDLHRRE2uHl8_aGloXHpCHeyxB8XnoSf4tC2jU-~A
Request Chain 227
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1808910678779486814
Request Chain 228
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4052093728269332812
Request Chain 229
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=515db520-859e-4e9c-a880-006b3854fe15
Request Chain 231
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-09b3d1a2-802f-4675-93d8-7e2548876692
Request Chain 232
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 237
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4052093728269332812
Request Chain 238
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=005d0449477af5fadc10065e
Request Chain 239
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb90cce01-d33a-11eb-b4c8-065a80081292 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90cce01-d33a-11eb-b4c8-065a80081292
Request Chain 240
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Request Chain 241
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JgDLHRRE2uHl8_aGloXHpCHeyxB8XnoSf4tC2jU-~A
Request Chain 242
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=931814452106676262
Request Chain 243
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2976178559415520495
Request Chain 244
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=594b67f9-850c-49a2-8b4c-4d91fbc47c90
Request Chain 246
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a78ce25b-9ef3-4ed1-b333-f50ac19217ef
Request Chain 247
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 252
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6562459018269791952
Request Chain 253
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Request Chain 254
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb90999c9-d33a-11eb-b67c-02efc58c1128 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Request Chain 255
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Request Chain 256
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=2976178559415520495
Request Chain 257
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Request Chain 258
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6562459018269791952
Request Chain 259
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=4d79795e-8753-4335-976b-842c0cf5b640
Request Chain 261
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e933864f-0fc3-4e5a-8698-865077143572
Request Chain 266
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 269
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&dcc=t
Request Chain 270
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG5C9C6wxPgESRHYejMPjZ4&google_cver=1&gdpr=1
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPekA2OIv9mP8l0aB1BPDcU&google_cver=1
Request Chain 272
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=657DA4341BA84D3FBAE1E9FD88A9E3FE&gdpr=1
Request Chain 275
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624439873&gdpr=1
Request Chain 278
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI4rx5ymGez7LppCxFe5GDA&google_cver=1&gdpr=1
Request Chain 279
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&dcc=t
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJyT61tSd5bykklH90uFSJQ&google_cver=1
Request Chain 282
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=360160d1-aac2-4f00-bb32-801988af4efe&gdpr=1&gdpr_consent=
Request Chain 283
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471596111178827
Request Chain 284
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Pvosv2mrK78l-S3sbvhl6z__Krol_3G_P_rojl1P
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwu_e9HAxJNS3HyicfFZ4c&google_cver=1
Request Chain 288
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGtUfCQygpMbMthaaCuxSJ8&google_cver=1&gdpr=1
Request Chain 289
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB&dcc=t
Request Chain 291
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-13e07987-f1ba-4af5-8be1-e5db2f624a20
Request Chain 292
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAn9E7Bo1YAADf4JQroRw&expiration=1625563075&gdpr=1
Request Chain 293
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3225279588603495307
Request Chain 296
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_kLkQwOtsbRk-DbaCrOnY&google_cver=1&gdpr=1
Request Chain 297
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB&dcc=t
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJ8jYQ0AMf84lYXgXfh5t5M&google_cver=1
Request Chain 299
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=5zDWHyoD1LVCxB5&gdpr=1
Request Chain 301
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06612204077486095ca2cfc6&expiration=[EXPIRATION]&gdpr=1
Request Chain 302
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=32fcf986-060a-470c-971d-d5a62041a14c
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELUM6D7PxtKNIVsHZdyAEmY&google_cver=1
Request Chain 306
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHpCsKyz0JrOrVTSNp1alRU&google_cver=1&gdpr=1
Request Chain 307
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&dcc=t
Request Chain 310
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2bc360d1-aac2-4e00-b0e5-3af48433d961&gdpr=1&gdpr_consent=
Request Chain 313
  • https://c1.adform.net/serving/cookie/match?party=14&cid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
Request Chain 314
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1811983543594905929
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jb6SjJGsSo6lqkZ_P59Fug%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jb6SjJGsSo6lqkZ_P59Fug%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 318
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3cb360d1-aac2-4100-a653-8771e5000eaa
Request Chain 319
  • https://pixel.onaudience.com/?partner=214&mapped=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e891b34acbac8c0f9e2f3794346c5372 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=149f33d1c1eafbd4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5f05af02-0c8f-4481-7864-413adc51fb08&reqId=3dfc1be1-8f4c-4c5d-5dc3-7cfa241939d6&zcluid=149f33d1c1eafbd4&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5f05af02-0c8f-4481-7864-413adc51fb08&reqId=3dfc1be1-8f4c-4c5d-5dc3-7cfa241939d6&zcluid=149f33d1c1eafbd4&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBX23Yitvb0YD6n_wMTH_5U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5f05af02-0c8f-4481-7864-413adc51fb08&reqId=3dfc1be1-8f4c-4c5d-5dc3-7cfa241939d6&zcluid=149f33d1c1eafbd4&zdid=1332
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjVCRTkyOEMtOTFBQy00QThFLUE1QUEtNDY3RjNGOUY0NUJB&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjVCRTkyOEMtOTFBQy00QThFLUE1QUEtNDY3RjNGOUY0NUJB&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-7aSB595y4z7q6U7HB718&google_cver=1
Request Chain 323
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5939490055835893043
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:32ee60d1-aac2-4500-839a-4750cdd0861a&gdpr=0&gdpr_consent=
Request Chain 325
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9048f4b9-485f-47a0-a619-40962149104d
Request Chain 326
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1808910678779486814&gdpr=0&gdpr_consent=

391 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kimcartoon.li/
Redirect Chain
  • https://kimcartoon.to/
  • https://kimcartoon.li/
128 KB
14 KB
Document
General
Full URL
https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f92c4e1346a6468e9130b9fcfcca7dd1e13411077fd13a8760feb4006b9972e0

Request headers

:method
GET
:authority
kimcartoon.li
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-type
text/html; charset=utf-8
cache-control
private
cf-cache-status
DYNAMIC
cf-request-id
0ad49c0668000031285480c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o13YJcSaSebrP%2FXzAiBTXhQUKlLk1UbXkZGR59rUaNZ%2FskUxkP1yfthdP%2BGYPcvCcZVrmJemkD5ayDWVsZiu9xyjb%2B2iQ%2FJLmACKETz%2BwXgazWaAPKfkH9XIKa5upSGN1K%2BQezu5"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
663462b70f653128-FRA
content-encoding
br

Redirect headers

date
Tue, 22 Jun 2021 09:17:47 GMT
cache-control
max-age=3600
expires
Tue, 22 Jun 2021 10:17:47 GMT
location
https://kimcartoon.li/
cf-request-id
0ad49c063a0000c2818f9c0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r8f9ejZ4tzNd6U5o1FJNTfgAIRvOVolehYfi407Kpdi5jdM1FLA9NoCeRa%2FoeBlqCrcyZFXITwUgRoq92Zn4HE9s7nUTHY7tgzzV5We4ScTQPk%2BPWS%2BB5Z1pMgEiOlqpijeSeanpWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
663462b6cec1c281-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery-1.7.min.js
code.jquery.com/
92 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.7.min.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:07 GMT
server
nginx
etag
W/"54499a47-16f44"
vary
Accept-Encoding
x-hw
1624353468.dop020.fr8.t,1624353468.cds252.fr8.hn,1624353468.cds220.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33254
common.js
kimcartoon.li/Scripts/
2 KB
971 B
Script
General
Full URL
https://kimcartoon.li/Scripts/common.js?v=1
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892446b6fc7ec9f18e9adb42e84bd178d3bfa714adcddda3112e9016e6a422ea

Request headers

:path
/Scripts/common.js?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2810
cf-polished
origSize=2396
cf-request-id
0ad49c0a0500003128461d0000000001
last-modified
Thu, 16 Mar 2017 01:50:50 GMT
server
cloudflare
etag
W/"509b5bbdf79dd21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tq4GlqDTeNAzzWcv40NtJpRhuhug4cgl2cS8sUGK9QjYgAtzy5oCoNFE4aHkkfxqVQIB%2F1fRLIPysr7jVFwiKdjSfx2tJk%2BvQGeA4iNWJWYZnwwB6gLcKpH%2BjMk%2Bp93I0EfL5LVQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
663462bcceca3128-FRA
cf-bgj
minify
tpl_style.css
kimcartoon.li/Content/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7b0a2762ce7182456b16464e33f025e9a24a4274b1df5d5a06694fd2baefa9

Request headers

:path
/Content/css/tpl_style.css?v=10.14.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5086
cf-polished
origSize=29409
cf-request-id
0ad49c0a01000031284e13d000000001
last-modified
Thu, 18 Apr 2019 03:33:23 GMT
server
cloudflare
etag
W/"f49e327a97f5d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kq3D52N9UVfY7th%2Bov6%2F7957cbPE429%2BJ34ZyE%2B0CCeGIThbXstgNfaS7j1N8RCzUY%2B%2BUt3ThkLpg1qo%2BICSR8k0Vl2GLXAuAcF%2BLT1lVzQme74G5JxekxIX7QPB8LE3B7ys7DV8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
663462bccec33128-FRA
cf-bgj
minify
upload-progress.css
kimcartoon.li/Content/css/
613 B
563 B
Stylesheet
General
Full URL
https://kimcartoon.li/Content/css/upload-progress.css
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06db8dd7c05e79c587945cb8e38c2506a83c2e34177083d15a7d21a529e3744

Request headers

:path
/Content/css/upload-progress.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3028
cf-polished
origSize=669
cf-request-id
0ad49c0a01000031282503c000000001
last-modified
Thu, 12 Mar 2015 15:28:28 GMT
server
cloudflare
etag
W/"70968e30d95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dGVsdC0scv410EEAB303UGk3QPEUOTr7ZEifEhABmUj9RbuYsm2%2BXe0MUzVJ2GCLWZMpPnSu5RndD3vs19a0hOQhTaylDeQHI9noCnQ6wH6ycmzwS7qVcHOBTuRcimntPXbr9BFk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
663462bccec63128-FRA
cf-bgj
minify
jquery.ui.all.css
kimcartoon.li/Content/ui-lightness/
58 B
456 B
Stylesheet
General
Full URL
https://kimcartoon.li/Content/ui-lightness/jquery.ui.all.css
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017602605e734c453272401eb659211450072d457c4be57e04a42fd95199a18f

Request headers

:path
/Content/ui-lightness/jquery.ui.all.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1870
cf-polished
origSize=291
cf-request-id
0ad49c0a01000031285618b000000001
last-modified
Thu, 12 Mar 2015 15:28:33 GMT
server
cloudflare
etag
W/"70386233d95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DRopXVigUyBDkfd96WsVAUiNYmqP%2BCUU5F3wpPlXmQqO794ijHQ79xgqBBrg%2FnwFBLI5%2BGoVGT3WPMKdvZ%2BF5USHwqiG6yR7X00sOacoBjb5a92%2B8D6ZK7rkCMBG8JnSXk2Vms5J"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
663462bccec93128-FRA
cf-bgj
minify
10526
toeschistache.com/1clkn/
6 B
1 KB
Script
General
Full URL
https://toeschistache.com/1clkn/10526
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
51.68.186.35 , France, ASN16276 (OVH, FR),
Reverse DNS
ip35.ip-51-68-186.eu
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
/
services.vlitag.com/adv1/
933 B
1 KB
Script
General
Full URL
https://services.vlitag.com/adv1/?q=064b31ebe1436b09c01ac0d0c8ea96d0
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceda705c91986f440cc05a43fc167c8160c05a2fedc33629bf523f6689f2f749
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0a6f0000324492926000000001
pragma
no-cache
last-modified
Tue, 22 Jun 2021 09:17:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ct%2BNAhDMCfEvhJCt%2Fk2pBhHaVvOYmuZzqL84WQk9DRDJogUtdNRU%2FHBpE4W2Rw9P0vqF5vnxWE9MinXB00BxMBtPVIde6mIidEqwcjLbQL%2BDCLDgdJ4gsMQOJd6Qnm9TW6W7utS96Lm5UiWn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
663462bd7fe63244-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
adb.png
kimcartoon.li/Content/images/
6 KB
7 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/adb.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bc0a5b35eabe7e056ae4f57e798c92415310942a93deb703f6e985cea44792f

Request headers

:path
/Content/images/adb.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5090
content-length
6568
cf-request-id
0ad49c0a69000031286f2af000000001
last-modified
Thu, 18 Apr 2019 02:46:52 GMT
server
cloudflare
etag
"076ffa90f5d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vdTeyIi5ErnB4sa%2B8zepX2%2FZVzDPgogT8C12XeR1l0xMl05C74sqhTF6lT1Wj2NKaSDd7H4WCdkDGhU374vuHsvtiUVcc17gYmLQV9EgYoMDhzXBpXgRv5893RtSYuEqpqu3G0%2BV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd785b3128-FRA
user-small.png
kimcartoon.li/Content/images/
3 KB
4 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/user-small.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d660eab52c2636d2de2a42173f071af45892b035a5fe65a0b4691b84d8a55495

Request headers

:path
/Content/images/user-small.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5191
content-length
3542
cf-request-id
0ad49c0a6a000031285a994000000001
last-modified
Thu, 12 Mar 2015 15:26:43 GMT
server
cloudflare
etag
"b08fc1f1d85cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9cb6lhVIsw94uLCDdc%2B4%2FeMiZgvpUZaYiwq7wwN3%2BWe6dQvVhT5Rjpp2WNqw3omPFdOio9WtaDlPRWwhs63ScxDhqOo2o5E16uyqZktFWIqRXuzPWs0HR7nmz%2B6PmXI5U2L8T%2BII"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd785e3128-FRA
search.png
kimcartoon.li/Content/images/
2 KB
3 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/search.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872ef2eb7e062c1cea3fb5e7a4c1e5553818d68fc2d0b476c3af20baae42df89

Request headers

:path
/Content/images/search.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5276
content-length
2539
cf-request-id
0ad49c0a6a000031288f3e0000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"50b5e2ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3mFOYxZ03k40Y%2Fo2SZypnQ9juxko4sqzPS5A7Lq0cP21ujiEQF6dWXUQj41k5Yt589eD67IKROEmhEqqi%2Bg%2BiD6ACaY5NBNZJTdPTcQ7CQoZCRlfFWeURazxnjWvo0F9YvRZTdjZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd785f3128-FRA
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/67F3)
Age
917
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
read.png
kimcartoon.li/Content/images/
4 KB
5 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/read.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e3577523bda5413fa3d9b324eef4248416f70f95cfac5090ede23969ed9f05

Request headers

:path
/Content/images/read.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5190
content-length
4224
cf-request-id
0ad49c0a6a000031288c082000000001
last-modified
Thu, 12 Mar 2015 15:28:19 GMT
server
cloudflare
etag
"502ee02ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hXeDJvZQz8xtVQlX8lBL3VPpvrIk15oBvSHSJXE6YgcChnibZubQ1IOsSk3G3lPhtBLf%2FhsgromeKY9O8vH4%2FiJPRuC%2B%2Ff7EJQAjVI0b0v3ofaf%2Bdu4SeRAtnaZtd6pHLyuvXiE5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78603128-FRA
customjavascript.js
kimcartoon.li/Scripts/
1 KB
714 B
Script
General
Full URL
https://kimcartoon.li/Scripts/customjavascript.js?v=1
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b087fa4289ff1b61934d2a04f72cb25b22b605b5d6383f29d14e3587a908acae

Request headers

:path
/Scripts/customjavascript.js?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
205
cf-polished
origSize=1647
cf-request-id
0ad49c0a210000312834bd1000000001
last-modified
Fri, 24 Mar 2017 14:54:21 GMT
server
cloudflare
etag
W/"30fe4c85aea4d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=420%2BMXV3hrRRuLgWb69shqi%2Bb5FWvwIPoHbdp3g9RvZcRXfUiGZuviBWOGmAw48VkQeYJwoiuuyjboc0EaII%2B7Z%2FsAgYxkdukHuivVtAurG%2BkuH1ReXgYlBrRhJ5IPg65D%2FXcbKp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
663462bcff243128-FRA
cf-bgj
minify
jquery.tools.min.js
kimcartoon.li/Scripts/
6 KB
3 KB
Script
General
Full URL
https://kimcartoon.li/Scripts/jquery.tools.min.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b28adeacc32ef2e6ec9eb10c10dd34af58c7de59dec50a21614af19a4e988751

Request headers

:path
/Scripts/jquery.tools.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2015 15:28:39 GMT
server
cloudflare
age
193
etag
W/"b09b1537d95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MDQAX8Mn1xjyoh0ReT%2F0ytsCTvvYuJ%2BytKw6OgqaIJNmU2nt8MGSdVjEQi9g4QDu37QAf2Miduomcv2yUFKLrnXDyAFTg4QtLtZdp1scpSdiyYfY2fLH%2FZP2bG%2B1CVZ%2B%2BpHaTUom"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
663462bd0f5a3128-FRA
cf-request-id
0ad49c0a28000031283707c000000001
65068011157.jpg
kimcartoon.li/Uploads/Etc/4-27-2021/
24 KB
25 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/4-27-2021/65068011157.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7582e40f59b95bf52549f14817b33ef6c5ab68b4a7939c190dc8659a30caee2c

Request headers

:path
/Uploads/Etc/4-27-2021/65068011157.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5500
content-length
24826
cf-request-id
0ad49c0a6a000031287eba8000000001
last-modified
Tue, 27 Apr 2021 09:53:27 GMT
server
cloudflare
etag
"643ec72b4b3bd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pl9yVhYQ5hAebIRW2P85N7pKWm1jvKyNGwBEDiZFLiu9Ze4eMzyobsXopMBWlT87ZZtyuMw6Nqa5kb5ZzzHo3P5vOjX6bANDGk4UaLsNph224RH8WUTMTuNh3Wi9zB%2FDvZtR%2Bqcj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78623128-FRA
cf-bgj
h2pri
42310811158.jpg
kimcartoon.li/Uploads/Etc/9-28-2020/
28 KB
28 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/9-28-2020/42310811158.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694cbfe5a568a8fa0edddea7dd06534e0434dde2c01fbc0ea79a2b3a5b83b3c8

Request headers

:path
/Uploads/Etc/9-28-2020/42310811158.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2419
content-length
28162
cf-request-id
0ad49c0a6a000031286f869000000001
last-modified
Mon, 28 Sep 2020 04:29:06 GMT
server
cloudflare
etag
"5f53f0e64f95d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CjRoX5YYAsaKJ1u1lsnM%2F3%2Fzc4v8xJESh7htztFi7nIEWTeB4RowQaLavBYkkYi2A%2BcMOEEwElzwArU0T481v1m2Ac83hydouerOF%2FK%2F1EABTwYC66IxY6tpyMb03eoXtZm%2B7qdb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78643128-FRA
cf-bgj
h2pri
27173811155.jpg
kimcartoon.li/Uploads/Etc/6-21-2021/
26 KB
27 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/6-21-2021/27173811155.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee42feb2d9663cec71c9bba3f83b1f5f4d11d4301e28b70a63557c969b50074

Request headers

:path
/Uploads/Etc/6-21-2021/27173811155.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3205
content-length
27112
cf-request-id
0ad49c0a6a000031283b389000000001
last-modified
Mon, 21 Jun 2021 09:22:16 GMT
server
cloudflare
etag
"8d2028ed7e66d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qtSO0vWVD1606tVEdphQ4yuZOPM1b5arEuVWpRKCJnkxKG6bM4M9H7MrrEUm4mOzvBVSHMCUKZLVGqWUeJwrMHUNimo6Fr%2F1j9ftCiwAN%2FpugVmzTFb%2F41f%2BWh5o8q4D20bQj%2BSM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78653128-FRA
cf-bgj
h2pri
53394311153.jpg
kimcartoon.li/Uploads/Etc/5-15-2021/
26 KB
27 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/5-15-2021/53394311153.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e2ceb758d702fa96e5207bc655668d611e7788af0db8a4302dac270dfeff4

Request headers

:path
/Uploads/Etc/5-15-2021/53394311153.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3229
content-length
26844
cf-request-id
0ad49c0a6c000031288aba9000000001
last-modified
Sat, 15 May 2021 00:12:20 GMT
server
cloudflare
etag
"29824f91e49d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vL5102pXOz1sJ2micq3fLSdhoE8oyIB9Tk8XUHaAOHhed4%2FrNk71PvOtluxmRGl948NVWLwyHjNJ88ZJ%2FMSaWg3Ogb5Re7mYrljqv%2BlMHg01XLmtZo6pplAPmIA8mYGQa4%2FUL%2F2Y"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78663128-FRA
cf-bgj
h2pri
3723611153.jpg
kimcartoon.li/Uploads/Etc/4-17-2021/
21 KB
21 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/4-17-2021/3723611153.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6de83c8e74656756d7604e8240718bff48718ca8cd6c86d1e962d47e1c0ed62

Request headers

:path
/Uploads/Etc/4-17-2021/3723611153.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1023
content-length
21407
cf-request-id
0ad49c0a6b0000312852a6d000000001
last-modified
Sat, 17 Apr 2021 14:05:43 GMT
server
cloudflare
etag
"675647c19233d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FGZI4fFOWaUEJ4DpSQp8km2Fp2zraoYtfikDleGgv%2BUvbamS1Dbx3Zdqjos1%2F1qwW4QTmbAU5Qu56RZDKDd%2F6TplxqXh3W8pVavjba%2BMgVOPE7PdIUovJR1TbcU2CxTtIJaNUQdo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78693128-FRA
cf-bgj
h2pri
74766611153.jpg
kimcartoon.li/Uploads/Etc/5-5-2019/
29 KB
29 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/5-5-2019/74766611153.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525de37019a193567ba66fecc5a72c7fa3f82698365ea7b77a8a56176f001a0c

Request headers

:path
/Uploads/Etc/5-5-2019/74766611153.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2821
content-length
29687
cf-request-id
0ad49c0a6b000031282f97d000000001
last-modified
Sun, 05 May 2019 03:14:30 GMT
server
cloudflare
etag
"6fed67a7f02d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KvM%2FXgoz7OJvSccI9zp%2BY%2FpT%2BNAt%2F3ps%2FJlvz9A1G9t2DM3NP379J9mB3Gd64KMehGjgWq2ln51RjQPHxDVNlGD7KXGEVYA%2FPvfnM9uNg9XZKq9KcRheqWqFcwligWA8QmPQvZhn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd786a3128-FRA
cf-bgj
h2pri
16045811152.jpg
kimcartoon.li/Uploads/Etc/1-28-2019/
23 KB
23 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/1-28-2019/16045811152.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
882debb607c47e7d1bc6a2b3e27a4ddda3ceac685567bc229ce4f1f0a0db2b26

Request headers

:path
/Uploads/Etc/1-28-2019/16045811152.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3601
content-length
23496
cf-request-id
0ad49c0a6b000031283f95d000000001
last-modified
Mon, 28 Jan 2019 03:04:00 GMT
server
cloudflare
etag
"a2e0c81db6b6d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BCr3cXqxqdfqzyY6HlFxGYtPx2We7PLqizs7pAXiBbs0z3H%2BnVuBJwkE8wNMQoYN10nPkRKjNnkxeZf6JS2S0xPfw8sMjknOkR%2BGBVUQb%2FlqyHGPvg57VxWswYfg99ynZGlPWybZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd786d3128-FRA
cf-bgj
h2pri
94097811153.jpg
kimcartoon.li/Uploads/Etc/6-24-2020/
24 KB
25 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/6-24-2020/94097811153.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34db023a3a5e9109b4be18e51392d33747ed7e9e8eb29995ad99f9823df1ec62

Request headers

:path
/Uploads/Etc/6-24-2020/94097811153.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3673
content-length
24721
cf-request-id
0ad49c0a6c0000312815208000000001
last-modified
Wed, 24 Jun 2020 04:06:18 GMT
server
cloudflare
etag
"c73cd7cfdc49d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZJMMumuA6YApfWm%2F0ofnBB06rscHfQkDNTdhrt5XcAVIityJG5%2BVaF4%2Beqn4JN8hWoM0X1w5kfN2280bMNXUp6sJ2U%2FR1GS%2BJBJdXkBenooOwgoh%2Bqms1HcvQiuRfK7qWy7YHFGS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd786e3128-FRA
cf-bgj
h2pri
38342711154.jpg
kimcartoon.li/Uploads/Etc/6-19-2021/
22 KB
22 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/6-19-2021/38342711154.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239945bc7788464d88fc9ec74d7a25ec8a1301c09f206a4932ea08fe2a66a5fb

Request headers

:path
/Uploads/Etc/6-19-2021/38342711154.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1524
content-length
22327
cf-request-id
0ad49c0a71000031288abaa000000001
last-modified
Sat, 19 Jun 2021 12:41:37 GMT
server
cloudflare
etag
"ea4aa371865d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZkzBlh6pGEj22j8zktS2Omc%2BDSku3V3zrR4GGd9Q4AeGelROyY2C%2FcfmbxWk0AbXcP%2BZsh%2Fgb7gEaxuKzB05RxsnExJgQ%2Ft5%2BJ77MgUBoH1Ts3q%2BBxLRgwhunnUMmXtW1qrXk0xn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd786f3128-FRA
cf-bgj
h2pri
29295611153.jpg
kimcartoon.li/Uploads/Etc/6-19-2021/
21 KB
22 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/6-19-2021/29295611153.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7087436cb374d78d4737301b09a6da27786486738298e70efb79317cb1773c0

Request headers

:path
/Uploads/Etc/6-19-2021/29295611153.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1756
content-length
21547
cf-request-id
0ad49c0a6c000031286ba15000000001
last-modified
Sat, 19 Jun 2021 12:37:11 GMT
server
cloudflare
etag
"93a14d3765d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bfTM1JINx8NojS4Uv2PJ3sDKW4zt6XBwODjCpFEubmrylkl8N5lgzpAjE4JFnau4RJpqCHnLANp2isQjGWgexCzl5AK2EUtdGCW4O3hFkb6f%2F3A%2FovEQK7jz%2BFQb%2FFGE6nE%2FpH9j"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78713128-FRA
cf-bgj
h2pri
banners
mybetterdl.com/adServe/
Redirect Chain
  • https://p375584.clksite.com/adServe/banners?tid=OM1KIMCARTOON_DI
  • https://mybetterdl.com/adServe/banners?tid=OM1KIMCARTOON_DI
81 KB
32 KB
Script
General
Full URL
https://mybetterdl.com/adServe/banners?tid=OM1KIMCARTOON_DI
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
58226e498bdf3ffebf70debb9d017f73adc1ff350d1c34af18921e826111915c

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://mybetterdl.com/adServe/banners?tid=OM1KIMCARTOON_DI
date
Tue, 22 Jun 2021 09:17:49 GMT
server
nginx
content-length
162
content-type
text/html
1.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/1.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f71f0a68c4e86347110d217130e4be29f8ea65b20de5e46b3c36d545b63af20

Request headers

:path
/Content/images/numbers/1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1871
content-length
1343
cf-request-id
0ad49c0a6c0000312856195000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"b016112ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jvE4PNVpr1gmXRO4hAapn46uGEQRs4pTTX7Qlo2FeeQbI9VKWZlNHXN%2FKcL2k94pViTpe%2Bx%2Btbg%2B%2B0Ktrg4wzwzXNhTg45RuyCPKGYuaTVgWjCaf%2BSNvvP8fQkcL4Ec%2Fc4k8kfHP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78723128-FRA
2.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/2.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e22635da0cc43dd962c2c6f355e54de93fb7fd8080d25f01f628986c7c77bcf

Request headers

:path
/Content/images/numbers/2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1871
content-length
1412
cf-request-id
0ad49c0a6d000031284d8db000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"b016112ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hS5hNWG2hVWZKj2lnNONVVLADnMxEf9aY0%2F2ZPTBGep3SgUUiWy4iNVi6jOtd%2FWpanvVY%2B4a7jZ3%2BFlXNEAajuttqFsWDnmijeKFwSBiydX000YHUcrJRrPc2pIMkg6fZjkLPWpF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78753128-FRA
3.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/3.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0717c315cd8271bfcdc743539f6dd5650f4181a7a5b08facc38df2893de3e3eb

Request headers

:path
/Content/images/numbers/3.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1871
content-length
1415
cf-request-id
0ad49c0a6d000031282d029000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"b016112ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cuJB%2Bhyd38cczlq9VrwNywv%2FF0xawh6YXFeTAZPp0fmU%2FdnwJ692QBDPEBTfs%2FZerzCpZoJY%2BfP3Bo7jmpqYuiSWOffhDUqlEvDiQrkwCIwZCICbShDirPJIUrZkYR%2FLjM0Tbkfj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78763128-FRA
4.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/4.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e3d4949e651cab52f30bf53b2503921e1f9b9b3f9ffef63939b13132556e47f

Request headers

:path
/Content/images/numbers/4.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1871
content-length
1330
cf-request-id
0ad49c0a6d0000312877130000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"50b5e2ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ljMaB6I7IIn23Y08kZkPN4OkIhqPjNPxnvaFtDENC4kc2VBUgt2A%2B2Jv7uV4vmQxjIhUSpbsK0cxcgOrrSPMUmXI9teuAHqnxnfqNIaUg7pPtYBtOvZR%2BlUEPUjfEDK7EEiL6gPh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78783128-FRA
90861511152.jpg
kimcartoon.li/Uploads/Etc/6-19-2021/
23 KB
24 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/6-19-2021/90861511152.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95912cce26c1216a8557ff4eea3af3c44c59a0c9b76566fc9ed95066a0f9906b

Request headers

:path
/Uploads/Etc/6-19-2021/90861511152.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
271
content-length
23830
cf-request-id
0ad49c0a6d000031286099e000000001
last-modified
Sat, 19 Jun 2021 12:32:13 GMT
server
cloudflare
etag
"935cec21765d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7t2i2bbvv3TPaDy71%2FChRDknqgwbNxrI32TAyZ4VSvzy%2B%2FeM1haWZGMHgfieO7%2BaSNvwHb9P7yimfiTm%2BiT8HpUhbs%2FZscUzS5jLWvY2THB%2B0zekuZ8fpYgmlxMnrjEm3VT4aAiC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78793128-FRA
cf-bgj
h2pri
5.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/5.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a527bea817e86dcce6a64fa1505b274a221ef954370eaab51e373036d75f22

Request headers

:path
/Content/images/numbers/5.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
454
content-length
1430
cf-request-id
0ad49c0a6e0000312879943000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"f053c2ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LQ23%2BJSadqTBU9gtUKV1uOqt54686T33G4Z4yOG3Uc21nmAFHGM0ubmYfxzvNubzqmEzg0pggNUA7c1vFARnknOnO%2FTHACXenX%2Bln5xKhFpfOg5L9NyjEkO1jwGhH9%2F%2BSjHPA9OV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd787b3128-FRA
295023245534.jpg
kimcartoon.li/Uploads/Etc/2-8-2017/
22 KB
22 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/2-8-2017/295023245534.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a05d63372739f664f358e0225b64d59e9a75a214478a21d5bac73428d751f20

Request headers

:path
/Uploads/Etc/2-8-2017/295023245534.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3074
content-length
22625
cf-request-id
0ad49c0a6e0000312837081000000001
last-modified
Wed, 08 Feb 2017 01:04:29 GMT
server
cloudflare
etag
"6ae9b44ca781d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wnq3jOSaC1zKLzRuaYXhO3oKvz6bD%2FJ50eipYNBKQ2wvdr5jFwrr2OskBMuNmd2E4%2BlQ4nWpx5BkRyMBqbRtqJaZG0KeYYVdwsn99OKg27mpVDmXPZn6OdP6xOGglCxFxYC54ARu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd787d3128-FRA
cf-bgj
h2pri
6.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/6.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d058b839840c84cb123a13a1d2b558e4ac173bccd96d653991b85ca3accf24

Request headers

:path
/Content/images/numbers/6.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1736
content-length
1429
cf-request-id
0ad49c0a6e0000312866a28000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"b016112ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4q7bWcOEG6%2FA%2BZs4WkpgJuWeSdI1RyO3f00B0kL0MngNp6Ci9YxK5R5IGRaF1W7h%2F3XuPE8MRvKYtA54GuUspm9UdYuGuMnur2ebiF6VEEscjiylkwl%2FXrH4FbQgjcmRCi0XV6NI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd787e3128-FRA
34565311159.jpg
kimcartoon.li/Uploads/Etc/7-8-2018/
17 KB
17 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/7-8-2018/34565311159.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c0f72d6ddb57339934c8341bec057505c3b46482f300349cd4d468f61090c2

Request headers

:path
/Uploads/Etc/7-8-2018/34565311159.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5177
content-length
17186
cf-request-id
0ad49c0a6f000031282504b000000001
last-modified
Sun, 08 Jul 2018 00:27:30 GMT
server
cloudflare
etag
"3f5ca0745216d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GK9Cvs6Gg24zWjwdMMSnQwiSWOGXeV7z8bIsOubQFwKM72h%2FGb92%2FQcQ1nWXaUHiwmzjgp6S%2FiWiwcMACj6bpU3XS27A23XqSFCarhniKe36fmc9LRBsLwy7ek9yTaeTfaEtUNdb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78803128-FRA
cf-bgj
h2pri
7.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/7.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6848602ae544be3979f9ae0d1cd68f78748e10ce6f513bf782aa136e02d8a9d

Request headers

:path
/Content/images/numbers/7.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1736
content-length
1413
cf-request-id
0ad49c0a6f0000312884157000000001
last-modified
Thu, 12 Mar 2015 15:28:18 GMT
server
cloudflare
etag
"50e15a2ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0udD2Zf9IlH9MIpde9mmGVAvNYrgxe8U3I7R8HwLM2fbkwnUuoHIs5zBZRz8frrmn86nMifeiguQ%2FsUnSyc5JqenzD%2FhaiLGPV6bVy0F54dGs27Vy2xbybG0Pv1EsqOiQD9lAwxc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78843128-FRA
8.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/8.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25f693880a21d4a9b7ab43071f3808ee93ab04038a5f812a22949297bfd2829

Request headers

:path
/Content/images/numbers/8.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5371
content-length
1432
cf-request-id
0ad49c0a6f000031287eba9000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"b016112ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HXBKkA9BmpbhiDCE3KkGFVd2Sow004unP7xE91TdCvjIMSy3q1meO5GyTBcGBwQdyZvtd5CaJwZgOP3bKeyZK8qeYezbpaKr4Rs7k04DJlrGzKVeDxEj9Z2PC5%2FLDaxn0aCwLivN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78853128-FRA
16578011151.jpg
kimcartoon.li/Uploads/Etc/6-15-2021/
25 KB
26 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/6-15-2021/16578011151.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d084b4d472ec86be4179de9fd0edd0196428f0b63f582c2709e51e1fe1a1c73

Request headers

:path
/Uploads/Etc/6-15-2021/16578011151.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4881
content-length
26049
cf-request-id
0ad49c0a6f0000312856196000000001
last-modified
Tue, 15 Jun 2021 01:29:06 GMT
server
cloudflare
etag
"c74051d58561d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Qa%2Fvi4dBBhjuQsGml2cK4KHltHEvmrg8pXog0hkniZz3%2Fgf0FBFtJjnwNxA%2B48yPGB%2FFF8XGzxl%2BUWVzLx5tkm6x6E6nEGsO80%2FtiK%2F4eu5H9AAcmL4NTZCdrJeoP4RobCztvmdl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78873128-FRA
cf-bgj
h2pri
9.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/9.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929fbf02c20ca0bd4c17be08a3ffe5f0306b7362357413efb44fcce3a894d737

Request headers

:path
/Content/images/numbers/9.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
194
content-length
1412
cf-request-id
0ad49c0a70000031285a995000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"b016112ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ksShVc6Z%2FmtMt8WHlx%2BnGXm63BXDtSa8ef2v9RX1H1JdbREe3r07cRMrj8u5peJTpfUU1YJmoyEsnNjUWYYKPrJPg%2BO6TRmchLQuJVyXXm4%2BR3yPfU3h%2BVphjPPiOJYfxNdecDYf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78883128-FRA
78984411153.jpg
kimcartoon.li/Uploads/Etc/8-2-2020/
19 KB
19 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/8-2-2020/78984411153.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33dde796b53c2fc9b199011b4e14637d178593b54db89aa7e54389c2507925a7

Request headers

:path
/Uploads/Etc/8-2-2020/78984411153.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6085
content-length
19003
cf-request-id
0ad49c0a700000312822330000000001
last-modified
Sun, 02 Aug 2020 05:34:29 GMT
server
cloudflare
etag
"b1a3c0978e68d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lVrwcLrMw2zmLm0kZsDqmwOM9ZsHNV6hh33DdzqdjBUm%2FQ1s4Ncr8AGvPHZELwADX6Nt3lfVwt8m%2Ffv33vQIuyfayClCYJ5qnmNZ%2FWwauobNAtdNmf6L%2BFviQvnsY4BMEilNVZ1I"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd788a3128-FRA
cf-bgj
h2pri
10.png
kimcartoon.li/Content/images/numbers/
1 KB
2 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/numbers/10.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6afa8f1995500b9f72a6c05ad68ca1d1b071e424828a7307014fc4216488ca0

Request headers

:path
/Content/images/numbers/10.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1736
content-length
1438
cf-request-id
0ad49c0a700000312815209000000001
last-modified
Thu, 12 Mar 2015 15:28:18 GMT
server
cloudflare
etag
"b0425d2ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cmHsrzIYhaS61sOm7WWcsS9y%2FU8H%2FU03%2Fj0sQ%2BPIVqA%2FbZSSWPBaXuWS4gz7IvCw9jxmB10tGp%2FV87oA5ArrkRhm0Cmdkyxbyat537vOYWUdDzDY%2F%2BCG%2BAo4%2Fg306PIuMzzLwBR2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd788b3128-FRA
45547711152.jpg
kimcartoon.li/Uploads/Etc/11-11-2019/
17 KB
17 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/11-11-2019/45547711152.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f3918dd608d730b8e4731f0c6057bf405a1498b15155eba4e22ad9a4c4d9a66

Request headers

:path
/Uploads/Etc/11-11-2019/45547711152.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
387
content-length
17170
cf-request-id
0ad49c0a70000031286ba16000000001
last-modified
Mon, 11 Nov 2019 07:12:11 GMT
server
cloudflare
etag
"2b5d6a565f98d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V%2Ffby8KYzgCMOJhBGMbWV%2Bjj1hotPO79W4S6NNiKDYJu4ji6wm5PQzbG7YGt07%2FBVkxjfMAGLgL78UAU2Cs4uR%2F%2BmSPZIdExdMJIeS%2F2b0pip98Nxi%2FxQSgVEsegWkZ7%2BSugPleE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd788c3128-FRA
cf-bgj
h2pri
5794301owl.jpg
kimcartoon.li/Uploads/Etc/6-6-2021/
21 KB
21 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/6-6-2021/5794301owl.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a816e1c7a0d46cedc6beb532f93486f740aa44ca1d8377de2b6e8b1fe127fa2d

Request headers

:path
/Uploads/Etc/6-6-2021/5794301owl.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5677
content-length
21256
cf-request-id
0ad49c0a71000031283f95e000000001
last-modified
Sun, 06 Jun 2021 01:56:55 GMT
server
cloudflare
etag
"9aa5183a775ad71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bDSFICIYi%2BcJ1EgRywTCi3M5CbbGE3KwHZuiS3F8QExZWszh9xM3PNAB%2FLqgmIcGboGywMLciUZjJKakadSTnqDr0fjgiVpbNxYr0ibH9pd6yB8lvaedFABRAO4fNPlCCwzPdo6s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd788e3128-FRA
cf-bgj
h2pri
17346911158.jpg
kimcartoon.li/Uploads/Etc/11-6-2017/
21 KB
22 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/11-6-2017/17346911158.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2317f2ec94517e7420f203f8e7bbc3368011d549f1b9ef9d739a37407d3164f2

Request headers

:path
/Uploads/Etc/11-6-2017/17346911158.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4881
content-length
21854
cf-request-id
0ad49c0a7200003128699a3000000001
last-modified
Mon, 06 Nov 2017 08:01:33 GMT
server
cloudflare
etag
"15db4376d556d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pukIOV6uktMhHW%2BbBXjLMq4cUPoQcmfXlU7694DXVu2M0UbmqkJXAZmgQ26VC616TzG54xkIXRn2jZrbJ0jkq398xxcn9QoEETLCXxR6I3lCMhuF4Dhg420iQWJKhgPRIVhmGQQE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd788f3128-FRA
cf-bgj
h2pri
480944111510.jpg
kimcartoon.li/Uploads/Etc/3-27-2021/
23 KB
23 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/3-27-2021/480944111510.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a08875424dcbf8042205582cebb7c52a36d744f72a9258c41b9c4f4516b24e

Request headers

:path
/Uploads/Etc/3-27-2021/480944111510.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4881
content-length
23243
cf-request-id
0ad49c0a710000312832bac000000001
last-modified
Sat, 27 Mar 2021 06:44:59 GMT
server
cloudflare
etag
"5fa1bab4d422d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hJmMsnOdfN0HNvRe9zXPGt10yP90cCbDlMULUuVzGwkaLAKBjzlhPZgz4jvCrAsmivToJvbj%2BBmYFPAYcafVJjIw5maaS1l65bpeJa4zOGpAit5DThAf1I8QXeON%2FDO6GLbVGuKl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78903128-FRA
cf-bgj
h2pri
4492023ram.jpg
kimcartoon.li/Uploads/Etc/11-19-2014/
22 KB
22 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/11-19-2014/4492023ram.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85fd3db1b489f92acfd7d781945ddabd5478af6a9d8a5089bd6c476994c9a560

Request headers

:path
/Uploads/Etc/11-19-2014/4492023ram.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1962
content-length
22161
cf-request-id
0ad49c0a74000031282a156000000001
last-modified
Thu, 20 Nov 2014 06:55:50 GMT
server
cloudflare
etag
"7dafd648f4d01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q9bIW9rG8c5qCqCI21sDdKQKzEGKxh8iX0eoIydS9psdZ%2BG2kNMUOKQGqvCqZf0mL2G8F%2F6v5Fxk4mMQJsIdGr2F10al9VowQm5i9L1Ep4o%2B9Ms9HoN0QiGCnNdqB1afMWMnjcaV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78923128-FRA
cf-bgj
h2pri
83646111158.jpg
kimcartoon.li/Uploads/Etc/1-10-2020/
28 KB
29 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/1-10-2020/83646111158.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a8393f54300763f4cf0b27e7786e65db2c3711f2e3774ebe5ff762122a14c2

Request headers

:path
/Uploads/Etc/1-10-2020/83646111158.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2310
content-length
28851
cf-request-id
0ad49c0a76000031284d8dd000000001
last-modified
Fri, 10 Jan 2020 13:09:03 GMT
server
cloudflare
etag
"799fc221b7c7d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jtpmuQnd0bDBtz5eWnD5druNk8MfPJuH7kaBwGJwmLqyVCKVtanxuY6O0pBGqJSVinMpCUwmnayD7DtkEiGJs2PESgl7uFXevUUwprx6cQ4Xd0HV5kLgk2%2B7IdEmngGkBvAgXjTp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78933128-FRA
cf-bgj
h2pri
63819511156.jpg
kimcartoon.li/Uploads/Etc/2-17-2018/
20 KB
20 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/2-17-2018/63819511156.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbdf7fd81553e40a82bf966a57ac6522bd38e528d6ceb770bc0ab5a02789ed96

Request headers

:path
/Uploads/Etc/2-17-2018/63819511156.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3671
content-length
20536
cf-request-id
0ad49c0a7200003128649a6000000001
last-modified
Sat, 17 Feb 2018 01:16:39 GMT
server
cloudflare
etag
"e2f79ef68ca7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q2XOVLoR5H6PqULwg5Aa%2B0sKj4NdgxayhrWH6iUAE7VZcPmrR%2F5cKEy7qWDvuq%2BpKCeksacNsQPtM9Pwf3Rzr%2BIal%2BMiFrcEnbXz%2Bg%2FQfmz7D9dwmbJXiuYo1TWg8PaXGupnF9EE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78943128-FRA
cf-bgj
h2pri
48344211158.jpg
kimcartoon.li/Uploads/Etc/5-4-2021/
21 KB
21 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/5-4-2021/48344211158.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13255ad9eeb21f9a840219e59064870f646b3535ddc3a949601885dc67dc756f

Request headers

:path
/Uploads/Etc/5-4-2021/48344211158.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3856
content-length
20999
cf-request-id
0ad49c0a720000312834bd9000000001
last-modified
Tue, 04 May 2021 14:12:53 GMT
server
cloudflare
etag
"39fb1793ef40d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BMgWUe5Uwwbi7X6oajXxS7DmSsII5kkSh7lOssNjoZ%2Fh1O0EOUZcb5R1md0woUeTNXKj1hTy3wBPhlLXHhW7ncIgiJAVnLvEfXTi%2B27BrbRdQH8i5QY0KtuwnhIz8dQitPOtkSOB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78973128-FRA
cf-bgj
h2pri
56642911152.jpg
kimcartoon.li/Uploads/Etc/4-16-2019/
27 KB
27 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/4-16-2019/56642911152.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0d9ef7bff4daca66632d6a883852d4e7120a840bcc700ad3c57d46ac5aa4222

Request headers

:path
/Uploads/Etc/4-16-2019/56642911152.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4881
content-length
27283
cf-request-id
0ad49c0a7200003128489a1000000001
last-modified
Tue, 16 Apr 2019 05:54:39 GMT
server
cloudflare
etag
"40d55be118f4d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fvK98aiHfAeuIovc%2F3cGuhIPRkOzJ8xZ7roKmLRdFaXmmhct5yPJNh2DbxyX%2FPRutT49colTWKEzGiSLCSpCVXALTxVMn87GYpJ%2F1PzvNQ8Ryi5o1DILK2VlUnJXQoHLlt1CVQ3v"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78983128-FRA
cf-bgj
h2pri
61564111510.jpg
kimcartoon.li/Uploads/Etc/6-12-2021/
17 KB
17 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/6-12-2021/61564111510.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b380ce5ab5189c126b53a04545ac12662f5ea4f26ebcafd7e8a7bd3a97f8c24b

Request headers

:path
/Uploads/Etc/6-12-2021/61564111510.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4881
content-length
17163
cf-request-id
0ad49c0a7200003128849e6000000001
last-modified
Sat, 12 Jun 2021 01:07:44 GMT
server
cloudflare
etag
"9c0d759275fd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dKCU9%2BxbtZ5%2FQSqGpKPaIRB5ML%2FnJcn8Y0rotpB9ySqE1delbRR8nXDLDals54B0rX6vQmBcUClpS4yL%2FA1UIWQsOtJElcWNN9bXZ44zj2LR%2BZbzAO%2B1gAtOMLLs5UThJTkSGShf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd78993128-FRA
cf-bgj
h2pri
54312211151.jpg
kimcartoon.li/Uploads/Etc/7-12-2020/
21 KB
21 KB
Image
General
Full URL
https://kimcartoon.li/Uploads/Etc/7-12-2020/54312211151.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74938ec91786bf2536964dc687293728899f2ef49f562428b58b74a34ae94157

Request headers

:path
/Uploads/Etc/7-12-2020/54312211151.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3601
content-length
21534
cf-request-id
0ad49c0a7200003128461dd000000001
last-modified
Sun, 12 Jul 2020 00:27:49 GMT
server
cloudflare
etag
"849a9d45e357d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EQZ9qdQIKsDsVjtPuv1%2FlHRPhZxay6YQHGLwYf4XVP%2F6mCPzAL4nmshh%2FxjqgdQapcEgJpqvz5VXVakFh9jzUeQ5Wg%2FQ%2BEAiFPZ6mueePoyWCq2nxLRleGtc5TqvyQ6Kk65Q8Muz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd789b3128-FRA
cf-bgj
h2pri
bullet.png
kimcartoon.li/Content/images/
470 B
940 B
Image
General
Full URL
https://kimcartoon.li/Content/images/bullet.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1150dbdd179d43374fa3e8bafb9f810a733be07e131a63eb8bf135f6785435fd

Request headers

:path
/Content/images/bullet.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4569
content-length
470
cf-request-id
0ad49c0a73000031283b38a000000001
last-modified
Thu, 12 Mar 2015 15:26:43 GMT
server
cloudflare
etag
"b08fc1f1d85cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zXr0neLbYBz8p2x%2FETuQbSt3%2F%2FmCYQQcNYLdBSkLMmB%2BNQRLeNgZmIiPnASTU9DVu9vcNB8Ple7nwrNPCDw62Le6CBdsyvfzSh7589uBjNEDDGQZef9HmCz%2Fy6TV%2Fgv2Ckei90X%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd789f3128-FRA
jquery.ui.base.css
kimcartoon.li/Content/ui-lightness/
64 B
433 B
Stylesheet
General
Full URL
https://kimcartoon.li/Content/ui-lightness/jquery.ui.base.css
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/ui-lightness/jquery.ui.all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3764e9c02cc33dbd4242c588f2d4898594c5e46bf3650d8c55f4d93d69b462cd

Request headers

:path
/Content/ui-lightness/jquery.ui.base.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/ui-lightness/jquery.ui.all.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/ui-lightness/jquery.ui.all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
632
cf-polished
origSize=76
cf-request-id
0ad49c0a3600003128260ce000000001
last-modified
Thu, 12 Mar 2015 15:28:28 GMT
server
cloudflare
etag
W/"d0f79030d95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DeuxeOdASK6tCPSh0mtwu6qdhK%2BRbwK6qM7psa5ANRTH6NDmCAUPe6dRPGOrA3D%2Fs4WNW5qn3Mgm9%2FNS22V7ZcvK2eOFQgrVwbFayVS9kDoPsdF4YfO7KZSVRFF84tOgFTzGCMYT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
663462bd2f923128-FRA
cf-bgj
minify
jquery.ui.theme.css
kimcartoon.li/Content/ui-lightness/
14 KB
2 KB
Stylesheet
General
Full URL
https://kimcartoon.li/Content/ui-lightness/jquery.ui.theme.css
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/ui-lightness/jquery.ui.all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4a9352722d0ba4602b6398fe1a8447ce2755c87b90b38eb61573d3d9e6cce51

Request headers

:path
/Content/ui-lightness/jquery.ui.theme.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/ui-lightness/jquery.ui.all.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/ui-lightness/jquery.ui.all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
456
cf-polished
origSize=18264
cf-request-id
0ad49c0a36000031284899c000000001
last-modified
Thu, 12 Mar 2015 15:28:25 GMT
server
cloudflare
etag
W/"b09f742ed95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SBp9wcYI8gx3FVdP85Xp9R6KEPqpsOoI3y2HanFahe7jzUxGtFkHeZIYpeaSvhZtu9biErzsnucWsqnv2Fp51Yxt8UVPe1tnzisjHMBOTkaibGdSnvz6TyTr%2Bkq%2BLTVfd6ISw8pz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
663462bd2f993128-FRA
cf-bgj
minify
jquery.ui.core.css
kimcartoon.li/Content/ui-lightness/
776 B
636 B
Stylesheet
General
Full URL
https://kimcartoon.li/Content/ui-lightness/jquery.ui.core.css
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/ui-lightness/jquery.ui.base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e2d6cde540a3ec53262aba8013bcf3d467dff7c773ccb1fa9abf0e61b467f0b

Request headers

:path
/Content/ui-lightness/jquery.ui.core.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/ui-lightness/jquery.ui.base.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/ui-lightness/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2810
cf-polished
origSize=1459
cf-request-id
0ad49c0a47000031281713a000000001
last-modified
Thu, 12 Mar 2015 15:28:25 GMT
server
cloudflare
etag
W/"102dc32ed95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WhZD1wXjoQFqCbPHAgjkxjPaw35R1D5%2FGssTGa95Ly9RHKja91I70C%2BpjA2b3vRq6TmBN%2BXCP6wO5c%2FkEcWNCT2TxmA1r%2BIHFpRzlZP%2FPuFMruuqWFKd3Xtx7WgD5tl7T1%2F2O22o"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
663462bd3fdd3128-FRA
cf-bgj
minify
jquery.ui.progressbar.css
kimcartoon.li/Content/ui-lightness/
105 B
401 B
Stylesheet
General
Full URL
https://kimcartoon.li/Content/ui-lightness/jquery.ui.progressbar.css
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/ui-lightness/jquery.ui.base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fe7d91d1158027ef13c051d8289781b4b849a7a3595fce782d958c82aa2b38

Request headers

:path
/Content/ui-lightness/jquery.ui.progressbar.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/ui-lightness/jquery.ui.base.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/ui-lightness/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1736
cf-polished
origSize=357
cf-request-id
0ad49c0a470000312852a68000000001
last-modified
Thu, 12 Mar 2015 15:28:25 GMT
server
cloudflare
etag
W/"b09f742ed95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ub0%2BQE8%2B%2Bu6AQTzpgigh7AkIBhTy8otP5eNX%2FugUyoLz85ogGWPuKK9yIfgG4JZGcbzXYEpjjYWEaptScIn6fNZ%2FRxdV5VgRqX9oMx0z5yahn5SO32g8UptEsx1Mu6NRcMdLg3MJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
663462bd3fe03128-FRA
cf-bgj
minify
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3189
date
Tue, 22 Jun 2021 08:24:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 22 Jun 2021 10:24:40 GMT
jquery.alignHeight.js
pubmatic.com/wp-content/themes/pubmatic/js/
0
0
Script
General
Full URL
https://pubmatic.com/wp-content/themes/pubmatic/js/jquery.alignHeight.js?ver=1.0&_=1624353469031
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.214.201.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-201-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

radiantthemes-tab-element-four.js
propellerads.com/wp-content/plugins/radiantthemes-addons/tabs/js/
148 B
655 B
Script
General
Full URL
https://propellerads.com/wp-content/plugins/radiantthemes-addons/tabs/js/radiantthemes-tab-element-four.js?_=1624353469032
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.104.210.16 , Czech Republic, ASN200449 (QRATOR-, CZ),
Reverse DNS
Software
QRATOR /
Resource Hash
e09909f9e8b5852bb9899351b7ea51a94f51e55ba2f1f7e8c64667be6f3c5d34
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.propellerads.com;
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Oct 2018 16:29:25 GMT
Server
QRATOR
X-Frame-Options
deny
ETag
"5bd73565-94"
Strict-Transport-Security
max-age=1
Content-Type
application/javascript
Cache-Control
max-age=315360000
Content-Security-Policy
frame-ancestors https://*.propellerads.com;
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
148
Expires
Thu, 31 Dec 2037 23:55:55 GMT
plugins.js
www.bebi.com/js/
898 B
945 B
Script
General
Full URL
https://www.bebi.com/js/plugins.js?_=1624353469032
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.72.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cfcb6186cbc21da31394ea02ef26d887a9cea9cd2ab7c086a2bda369b1bc51bc

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
663462bddf412c2e-FRA
date
Tue, 22 Jun 2021 09:17:49 GMT
via
1.1 google
etag
W/"382-13593566840"
cf-cache-status
DYNAMIC
last-modified
Sun, 19 Feb 2012 02:00:08 GMT
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0aa700002c2ef4ba8000000001
like.php
www.facebook.com/plugins/ Frame 4671
31 KB
13 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6dd8f9961f6a5c10a8d1cd75f6609999feb143e9585ae427f08f90c7028c974b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kimcartoon.li/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coep_report"
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
swhU/8fFs8cLRde9tFjsnkixiETGPzQA1ymlDHX/nz240jEQVh8K21LA06YZ7hB1I7o5z6S6P2FtkodyE2BCFQ==
date
Tue, 22 Jun 2021 09:17:49 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
body_bg.gif
kimcartoon.li/Content/images/
11 KB
11 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/body_bg.gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b968f6566378b91936898db46bf0c5024513658194a8f66aa4847fd9840b3d

Request headers

:path
/Content/images/body_bg.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4445
content-length
11287
cf-request-id
0ad49c0a730000312842056000000001
last-modified
Fri, 24 Mar 2017 02:58:47 GMT
server
cloudflare
etag
"808d5a8e4aa4d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BdYeAitUMG0jf3aikQ7mCahSuWYHQLH8GJ6SrnwBSjIlIG0m6pU34yxlKx01pxfpoXrrdYvZzFGv8D3HQcIor3p9s%2FAdFLy%2Bcii8c2PNjfj%2BoU%2FaRCgHZGFYW2s9Pa84ogbGD30z"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd88a13128-FRA
tpl_input_bg.gif
kimcartoon.li/Content/images/
3 KB
4 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/tpl_input_bg.gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba233b29c19c0e9fc90d01b572c05cbc0844ba9595eca12d66f704ffbfa13424

Request headers

:path
/Content/images/tpl_input_bg.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4445
content-length
3451
cf-request-id
0ad49c0a730000312856197000000001
last-modified
Thu, 12 Mar 2015 15:26:43 GMT
server
cloudflare
etag
"10f1c3f1d85cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZqRr7SPhA9mV3vY3yo3OlmNClTvJG8RVVuQe97mIF0YpTmEBcenz0xgfbyo0IDRKKJq69A%2F807bPZFx5XePbUHqOHj1bWvI2zRwFAOWuH9kRZz9%2B7Wl7Nqd15FVwcFSNLbmRFiG%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bd88a23128-FRA
likebox.php
www.facebook.com/plugins/ Frame 09DA
45 KB
14 KB
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c11f1cec06c69c237928042b78478710aa885d4ab893576fab3586c782dfbe1a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kimcartoon.li/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
7vlNtpKtsPLQjaIDj1xnsgmB14bvHGhcfgHwkZqYErv65wI45VHrzNHzWbEmX/vzmtQxYdif330HEbaXyGKuKg==
date
Tue, 22 Jun 2021 09:17:49 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
logo.png
kimcartoon.li/Content/images/
21 KB
21 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/logo.png?v=4
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11e5b545c945273300b9eea5835e2735eb06781ee9e879f90dd8ed9522052c8

Request headers

:path
/Content/images/logo.png?v=4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4445
content-length
20997
cf-request-id
0ad49c0aa60000312821993000000001
last-modified
Mon, 29 Jan 2018 01:16:36 GMT
server
cloudflare
etag
"07276ce9e98d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BmDpOFmazoptTfVeZ0i1v8pUcxfFY%2FJbTFHSqDiHoHMkfPW6jmF8s3yPXCcVYkIRvhQJzViRzfWCIG17fSAN8swe4BlqOtDGrsrT0V7DkjVr96SXbIDFWYj9PknhaOPDdu3CGj0M"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bdd9583128-FRA
arrow.png
kimcartoon.li/Content/images/
1 KB
1 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/arrow.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f02b2354eb23c578b393ccd9bb370e7bad0f456309ee5071c337d14201a6e4e

Request headers

:path
/Content/images/arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
970
content-length
1194
cf-request-id
0ad49c0aa6000031285d046000000001
last-modified
Fri, 24 Mar 2017 02:32:53 GMT
server
cloudflare
etag
"80f818f046a4d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GzhoaGDG7JLgNQxJnTWj72HWxb3kDvfK6mvQOroRvOWyubJ61etz0nfgISkeDn89mvIgxFDwg2RulstG9EStr%2FiYMLdPgljgzYyGtevvUEOEAUgvMh%2BHMoEKucLwiPV76Cti0Zyt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bdd95a3128-FRA
tpl_box_shading2.png
kimcartoon.li/Content/images/
229 B
611 B
Image
General
Full URL
https://kimcartoon.li/Content/images/tpl_box_shading2.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa4f416dc8f8de74af85ad0a003a50868d57f6c1d49230eb3ecd1bd7618a80fa

Request headers

:path
/Content/images/tpl_box_shading2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
970
content-length
229
cf-request-id
0ad49c0aa6000031281c9ad000000001
last-modified
Thu, 12 Mar 2015 15:28:17 GMT
server
cloudflare
etag
"108e392ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mp2Ig%2FFx%2BNprBMoih2aF7aw9OPLuoG2ke3ZTScGG1hEA0n%2FDTIBs6lxWdP3x%2F2teNosbgy%2BLfozpIHuqRYaZ50ETJ07kMoSI0wT08NhuWRh0ZtYcimvc0k8BbqyOK%2BXLH33Hp7ie"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bdd95b3128-FRA
star.png
kimcartoon.li/Content/images/
2 KB
3 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/star.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b8fd2914c47e70c733bb0bf2c65edcb6e949ab81a3a570d7013186fd7c3e10

Request headers

:path
/Content/images/star.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3435
content-length
2386
cf-request-id
0ad49c0aa7000031286ba1b000000001
last-modified
Fri, 24 Mar 2017 11:01:43 GMT
server
cloudflare
etag
"80456558ea4d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6xERga6iNdIavfFDLcR2dg9qeBJ741rCvU9DAGLitMZbrpspND9%2BNbtTElamtn8WDELDj%2BFFQulRm9PYBVOYZX7Z5rIxATrC0zhaq99OoxHzigaF4JMtg0bT1kn2QpnF5esNLNMR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462bdd95d3128-FRA
tpl_footer_bg.png
kimcartoon.li/Content/images/
3 KB
3 KB
Image
General
Full URL
https://kimcartoon.li/Content/images/tpl_footer_bg.png
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a77934c9ba958163b297b2adf4eeab588ef21268f594e45bcee29905c632b269

Request headers

:path
/Content/images/tpl_footer_bg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kimcartoon.li
referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4445
content-length
3236
cf-request-id
0ad49c0ad700003128649b2000000001
last-modified
Thu, 12 Mar 2015 15:28:18 GMT
server
cloudflare
etag
"50e15a2ad95cd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=65lZCtwKmRexVgp5LGu4btQ3a4BSl6ymqKLWi5Rz565mk0R8AVsqcbiNfgxgmaTeRD%2FV4Y4gn9uwp7qcprFjb%2B7Zuicw3jclL5aF%2B%2B2Ub7kQtV8OQrEVbup7Xd1nSYs4jXrGOmvS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
663462be2a1b3128-FRA
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1908846607&t=pageview&_s=1&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=KimCartoon%20-%20Watch%20cartoons%20online%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1833558468&gjid=1941573086&cid=190638717.1624353469&tid=UA-63783416-9&_gid=1922115985.1624353469&_r=1&_slc=1&z=366144354
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kimcartoon.li
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame C412
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fkimcartoon.li
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://kimcartoon.li/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
41454
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Jun 2021 09:17:49 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 4671
400 B
449 B
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
eA1V1rkaGyOaHvtHwObCBxVeQE5AKr6FK3EecdVrnaveHii+qpnjGb2OKSIZ+1jaHdmFg56ROnvYfnraycu1Jw==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Tue, 15 Jun 2021 06:48:15 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
400
x-fb-rlafr
0
expires
Wed, 15 Jun 2022 06:48:15 GMT
6E0h9dKxhvH.js
www.facebook.com/rsrc.php/v3ixBN4/y_/l/my_MM/ Frame 4671
510 KB
133 KB
XHR
General
Full URL
https://www.facebook.com/rsrc.php/v3ixBN4/y_/l/my_MM/6E0h9dKxhvH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45be50e28b2a693f1520f2c7cc90ecb54bfc95b4ba8093af4a95002574abad85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 01:38:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jYTeMttUUJ2qGcvcvPhVnA==
cross-origin-resource-policy
cross-origin
content-length
136159
x-fb-rlafr
0
x-fb-debug
9HjNv+lcuB+3x3FT2w1iZn8t+falhPBBjW30+RTCY6h3fA/lyHwrE87Tbr0JtJEHAVA312kccehKiQdb2xXStw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Jun 2022 01:38:30 GMT
/
services.vlitag.com/uv/
13 B
715 B
XHR
General
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fkimcartoon.li%2F&mtk=14227
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=064b31ebe1436b09c01ac0d0c8ea96d0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
cf-request-id
0ad49c0b6600004e434d81d000000001
pragma
no-cache
last-modified
Tue, 22 Jun 2021 09:17:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4TNHURUC4AknhGaUeB8c52HZS9d7VhRApmlothApykMSw7i9wZF%2B3U%2BXhT0SXVH6JzBQWTLSWDqEUy0QWGE29DyVjporBoNs2ZS2rxLCq6Iy2Rso7KLfc%2BwrM%2FrfLnvaokS8hubmMJgO39lg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://kimcartoon.li
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
663462bf08964e43-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
064b31ebe1436b09c01ac0d0c8ea96d0.js
tag.vlitag.com/v1/1624350011/
495 KB
114 KB
Script
General
Full URL
https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=064b31ebe1436b09c01ac0d0c8ea96d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed94ab681852a6c3e75018648f13fb1ade2cbab0ee22219321cf51a785e3b552
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3455
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0b4f0000324451094000000001
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w7U3e8KFP8xzZ6JfHwFNFxOMwnwKnao7yIbFfyR0S56GHVnOP2WaQQ2AUXMfRH0EU5sz8jcIMZc%2F4Pp%2BD8FxyyqLOiUsO45bqUMgLIJybR4ryrwdx1peRlnzR59SoSqglTuXtFosTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000, immutable
cf-ray
663462beeaf73244-FRA
_hrhjt2ZynB.css
www.facebook.com/rsrc.php/v3/yx/l/0,cross/ Frame 09DA
23 KB
5 KB
Stylesheet
General
Full URL
https://www.facebook.com/rsrc.php/v3/yx/l/0,cross/_hrhjt2ZynB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33fa54efce746e49810171fdb06583067379d8866b1fd11eff53902430509af5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 22:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mM2ywETyQF5eSkxIqlGpxQ==
cross-origin-resource-policy
cross-origin
content-length
5305
x-fb-rlafr
0
x-fb-debug
OG7+tsaE1xGqBwrX475xjpq7HWF9r5prONLjXKaKBvOyM+Xud778en7NnS47RPNcsdEHJ++89txb8C1avH1T4A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 21 Jun 2022 22:24:30 GMT
ggzcJLJkhSr.css
www.facebook.com/rsrc.php/v3/y2/l/0,cross/ Frame 09DA
3 KB
1 KB
Stylesheet
General
Full URL
https://www.facebook.com/rsrc.php/v3/y2/l/0,cross/ggzcJLJkhSr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 23:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ywe+5CCuBA6nTAXpv0OCFQ==
cross-origin-resource-policy
cross-origin
content-length
1102
x-fb-rlafr
0
x-fb-debug
3+4j1ykubwYFku1ScjEyNtMW5oB9SV82187DaaZSt7siJA5lxpO0gyicSR9S+82rJEd3f8ByNTrvIcIZFFnMiQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Jun 2022 23:43:32 GMT
jXrsEmrUaEC.js
www.facebook.com/rsrc.php/v3/yk/r/ Frame 09DA
297 KB
80 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3/yk/r/jXrsEmrUaEC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5a915d50f69eefcd76b8b57ce8b439080c67d16fb77def91b9d6ba947d662c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 23:20:08 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
u4XoyvmBU4eRGoHYqdK/aQ==
cross-origin-resource-policy
cross-origin
content-length
82192
x-fb-rlafr
0
x-fb-debug
p0naGKt/O1BXTK18T5RXjisGGxVUxsdVRulA15JalNfYl4Mr3BGuYOvkHhxjlkoeM4LpBHkwGUXe7W8DlbjAMw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 18 Jun 2022 23:20:08 GMT
IEOQM8FL8ot.js
www.facebook.com/rsrc.php/v3/yr/r/ Frame 09DA
5 KB
2 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 04:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy
cross-origin
content-length
1630
x-fb-rlafr
0
x-fb-debug
OdKsDzsNhr9sjZ/JbXj0gS7XVoMbhsXKM0SCQeWKtb75+F9PSOddU43A7GPij9eebBYBv4OL6ArptG+oyZphMQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 04:07:44 GMT
izNpnVzjaFg.js
www.facebook.com/rsrc.php/v3/yu/r/ Frame 09DA
64 KB
19 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3/yu/r/izNpnVzjaFg.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a97514722de8ae5975077745ae7cf17543bb809e20a85ce4afa57ef61ff26b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 17:40:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ek9hLdAByDLugS0gNUcNrg==
cross-origin-resource-policy
cross-origin
content-length
19882
x-fb-rlafr
0
x-fb-debug
SsMoZimwBS1cF4hrSJRL3QyLofqRkYZlruHVXX1545S3Hw5l/M9u687UF1PwZZNjgcJMEdYo44+7ltjhYeVsag==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 20 Jun 2022 17:40:59 GMT
Fp1EygFCqwY.js
www.facebook.com/rsrc.php/v3iAxA4/yI/l/de_DE/ Frame 09DA
130 KB
36 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3iAxA4/yI/l/de_DE/Fp1EygFCqwY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a975180709786e8cb1207381cd146ae131a5d57be1910fc249507b424a64cbb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 00:42:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pkGsCNF31FiDzYYoq59GaQ==
cross-origin-resource-policy
cross-origin
content-length
36874
x-fb-rlafr
0
x-fb-debug
l3/SMt38KjJusNh6LctnxlDTSfg7BxgV/sIhzfx+sfELq1Nbzl/wLbAE/4kceR1gG5JwWcgjgHrL6VG7xxXCwQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Jun 2022 00:42:33 GMT
VGuXbDgeBk9.js
www.facebook.com/rsrc.php/v3/y-/r/ Frame 09DA
1 KB
572 B
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3/y-/r/VGuXbDgeBk9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20aee8d80ee838e99d01de9b1d0308999080ae8eae2c0243f91b24f73391d317
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 17:40:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Jpynzh/ocvSrdFSn2TC8uA==
cross-origin-resource-policy
cross-origin
content-length
521
x-fb-rlafr
0
x-fb-debug
mA+QY3skFU8YND99wJCYELHrxbihAtF//JhE+X5rda6bdZzhnYgb5Mg2N4DsWPL3Y0g1SB8zmnHD0nnDmieqWw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 20 Jun 2022 17:40:59 GMT
162342871_183238523608903_6303861586648926081_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p168x128/ Frame 09DA
8 KB
9 KB
Image
General
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p168x128/162342871_183238523608903_6303861586648926081_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=dd9801&_nc_ohc=zD2w006fGfMAX_kSVE5&_nc_ht=scontent-frx5-1.xx&tp=6&oh=c543c7c361f9b3d9d4ee30d5040861ef&oe=60D7011B
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c8d7f8904463be99a2ef498a646224f1e617731e2ecd343a51a15e95eb518c8

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
795370204
date
Tue, 22 Jun 2021 09:17:49 GMT
x-fb-trip-id
917726464
last-modified
Fri, 19 Mar 2021 06:18:24 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
363229752
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
8601
162229644_183238520275570_1673401946077976617_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 09DA
1 KB
1 KB
Image
General
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/162229644_183238520275570_1673401946077976617_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=j7Xf_1ICEvgAX_5cGC5&_nc_ht=scontent-frx5-1.xx&tp=27&oh=54d0f20c62ee9662f94c4d7f87fa5f0a&oe=60D79545
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&width=300&colorscheme=dark&show_faces=true&stream=false&header=false&height=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
509b1babc6919d1841909a1dd945239fe1455e5b507adb446fd97d3545ec4f50

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
601219185
date
Tue, 22 Jun 2021 09:17:49 GMT
x-fb-trip-id
917726464
last-modified
Fri, 19 Mar 2021 06:18:24 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3468434697
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1384
cavalry_endpoint.php
www.facebook.com/common/ Frame 4671
67 B
97 B
Image
General
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1624353469225&t_start=1624353469225&t_domcontent=1624353469262&t_layout=1624353469271&t_onload=1624353469271&t_paint=1624353469271&t_creport=1624353469271&t_tti=1624353469262&lid=6976545026878990097-0
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
qUnLGdIcY8Re5Nkqz2Q6pPdvKmWc/KER5tJgr4JvRZaQY7aEkAx74xH0LJukrPxnqrjsmQDMwuDAvs4oB/Nc3g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 22 Jun 2021 09:17:49 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
settings
syndication.twitter.com/ Frame C412
257 B
442 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=b2efce72cb3c88fdae846563e79f3e804d0f79d4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fkimcartoon.li
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
74a68024cd95156e421483199ca2b204cb4c5f30381352cce69a1f5f7338cd8e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 09:17:49 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
5a4b2e7eaa085f962c7e2ceba9d587e042bd0e5d64052389829bd2a42fa99172
content-length
177
ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 09DA
573 B
623 B
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yx/l/0,cross/_hrhjt2ZynB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yx/l/0,cross/_hrhjt2ZynB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
xrEoyZu0esf8HhnYPAneyLQDt4dUTpVvsP1uTT9Eq/lT1+2HTA0qu7FJ6/tf9CaNNgq2BnFXZjn1uuADlNL8/A==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
Y/eW3MWFNJnkcpEqoXzG3Q==
date
Thu, 17 Jun 2021 00:36:28 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
573
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Fri, 17 Jun 2022 00:36:28 GMT
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/
267 KB
68 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2548303
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0bd20000324465883000000001
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uHxO0aUQSObnBJLATUjO0ILuw80l8edxp2HxRCzw7ZwuVFyznJFvYOUf8nH77yI98affopaNJUv51IY2VkyAaQGTznGMPR8wEP87m%2FpMRDI7bVPluueqT3ohdPI1hO8lxPePN7XX1u0Nng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
663462bfbcb33244-FRA
expires
Sun, 23 May 2021 21:56:06 GMT
prebid-v5.0.3.js
assets.vlitag.com/prebid/default/
428 KB
120 KB
Script
General
Full URL
https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be60df08d3dbb55a9354bfee50dbce87d57372552f622e36ba5e1228d7f67d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
93747
cf-polished
origSize=438213
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0bd20000324485b7e000000001
x-robots-tag
noindex, nofollow
last-modified
Mon, 21 Jun 2021 07:15:14 GMT
server
cloudflare
etag
W/"60d03c82-6afc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5teq%2FGAkFzO61pOaCCYXocWh74lu9tTR4KlPn4f9Nn2YzJNGs1beAWZcS1TPFATEqU9PK0%2Fu2AonY48zfMhEBIlnuVp4dltVhIUxmcz5%2FWTtFeOxAI%2BsmZiRcES09kN9oaxqb2ioAEp9bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
663462bfbcb03244-FRA
expires
Mon, 21 Jun 2021 07:45:22 GMT
gpt.js
www.googletagservices.com/tag/js/
63 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
672ee93fa92bd7023c85efbf05a63134150818532ec650e4409c79cafede4f49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"909 / 115 of 1000 / last-modified: 1624316847"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21780
x-xss-protection
0
expires
Tue, 22 Jun 2021 09:17:49 GMT
viPlayer_v45.min.js
assets.vlitag.com/plugins/vlPlayer/
13 KB
5 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v45.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
661681
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0bd300003244983ea000000001
x-robots-tag
noindex, nofollow
last-modified
Mon, 14 Jun 2021 17:20:56 GMT
server
cloudflare
etag
W/"60c78ff8-34ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rovXK70RT5y3Ngui9fx4PO8WUTpLxhKjmpaWHG9L8Z5HW%2BriXeMFT%2BFkfFq%2BLPNFpHMYdJISt1uXrMYu4y5lY3uTJd%2FU083ENNtH9JUu14oMQwiB16VaKb11cno2mKwY2Rjxlgye9aPcDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
663462bfbcb63244-FRA
expires
Mon, 14 Jun 2021 17:59:48 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
338 KB
116 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118727
x-xss-protection
0
expires
Tue, 22 Jun 2021 09:17:49 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/
38 KB
16 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
664573
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0bd300003244493be000000001
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BsMKjfOpO5AxTQi%2FxV9v6ysB2LY4Hnppw5whVZnflHIS8QvRP1zoGyWGEb58kC%2BacpAGE5ku5R93lfL5fsBgMGhtySnwk1euD5zYVar3iJhQlP0OAWg6OBh47yyFe4rePGiz2s5v5bTASg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
663462bfbcb93244-FRA
expires
Mon, 14 Jun 2021 17:11:36 GMT
pubads_impl_2021061703.js
securepubads.g.doubleclick.net/gpt/
326 KB
114 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
9ac3d5c3304b0bea0841274d96097a2ce348bc46e544499ef4e9803211816638
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 23:53:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116094
x-xss-protection
0
expires
Tue, 22 Jun 2021 09:17:49 GMT
button.5573c974dc31bbdab5ea7923a0bd5cf3.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/67F3)
Age
41454
Etag
"382be2960021b88f6ce982d997cdbd01+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210622
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3bf54962b37b247aebca62a8ee45c582feb5223ca57c71d34511c9b86a9c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
22563
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0c7400004edaba339000000001
x-served-by
cache-fra19124-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"6a6-13c59XwfRJak5U5N5nbP+HaZkeo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
663462c0ba104eda-FRA
ROS
ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2...
  • https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=htt...
62 B
381 B
XHR
General
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
4e246bac944dc8cb65009d45604e66f5bcf8b96b27b1f12ab8048f2d2a684947

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:17:49 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
AMS-610

Redirect headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
access-control-allow-origin
https://kimcartoon.li
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-610
quantumdex
useast.quantumdex.io/auction/
0
387 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EQbPmN%2Fs%2FMSPAoJrVk1ALYpE2H7tL%2Bh7Q45auzXDW00SKL%2Bh0A23H7utkeMBs0Cg74B4TUlUeY0mWV0z1i7FNypZ1S%2B1ZrasJYY8ZfD90JTJQt8WNYyusicW1QQRSTvX0JomCzdhy1ReLI4Wrw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
663462c0ddef4e43-FRA
cf-request-id
0ad49c0c8c00004e4347949000000001
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/
0
364 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin
ROS
ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs...
  • https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=...
63 B
382 B
XHR
General
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
dfc4759aebb70395e2f794adf96b3c441a2b8dcdc2ecfc6de1ecbe53548f1d33

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:17:49 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-610

Redirect headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
access-control-allow-origin
https://kimcartoon.li
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-610
quantumdex
useast.quantumdex.io/auction/
0
648 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AVpTHzP1%2F9KaPzUzUJQ%2F%2F2fJdezZZs0fQ0FrcGyY5nuFywp3vnEaGIkntL9i9sGVJ4DFCSAP8kudHEESqi1ldlDRHZeRDCmWg%2BzCCQyY5ogiVLu3v9SBQO8AnLH%2FT6vxaUwxe7BnULxlkl0LHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
663462c0edf04e43-FRA
cf-request-id
0ad49c0c8c00004e43820fa000000001
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/
0
233 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin
c
prebid.a-mo.net/a/
0
256 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin
ROS
ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs...
  • https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=...
63 B
382 B
XHR
General
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
dfc4759aebb70395e2f794adf96b3c441a2b8dcdc2ecfc6de1ecbe53548f1d33

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:17:49 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-610

Redirect headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
access-control-allow-origin
https://kimcartoon.li
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-610
quantumdex
useast.quantumdex.io/auction/
0
387 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CCn%2FZuF4AuB2bYCBfb2OVt752w8JP6y4a456XxmUNHVTQxBkYED7yG4zkzfv9KNYT73%2Fp%2FF9FXJ1pkrlHlieBZ2wXQ3iHMRt03qgAJiiOSJUwpcCsfcTB0oKmNYBny3OlkfXlBEUvpvofp8jQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
663462c0edf64e43-FRA
cf-request-id
0ad49c0c8d00004e43ad2f2000000001
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/
0
232 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin
quantumdex
useast.quantumdex.io/auction/
0
393 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8k6Zdh3n3mkwOuF%2BDgUYwPUBVoBY7gJPx%2BA52%2Bj%2B0Hm0VeRw%2BSIcHXre4%2FUSMaDSJ3Y72E23sZDcwdOO6jj%2BPrG8T1rRgGAiyr0wvFNJgqtKobriBNzY7VyQASCpfBgSvKmlF%2FXS6hXdkGRSTw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
663462c0fe164e43-FRA
cf-request-id
0ad49c0c9800004e43ad2f5000000001
ROS
ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2...
  • https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=...
63 B
382 B
XHR
General
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
19b3b078d698b044507e8472461528a783c526580a08ba6287537f3f9fc38a7b

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:17:49 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-610

Redirect headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
access-control-allow-origin
https://kimcartoon.li
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/kimcartoon.li/ROS?ct=1&r=pbjs&rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-610
1592801729.jpg
assets.vlitag.com/widget/2020/06/22/
74 KB
75 KB
Image
General
Full URL
https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10175
cf-polished
qual=85, origFmt=jpeg, origSize=103053
content-disposition
inline; filename="1592801729.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
75514
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 22 Jun 2020 04:55:29 GMT
server
cloudflare
etag
"5ef039c1-1928d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pirIiDqer9dYAOgXQxAbSPyjORqRgTJ6MeCHXIK1ZSweSoOKDX86zO%2FDG5ZkuwxDbADVPE8VCYkRnu3w7e9uQdys7xXeQ8lXiWl7k7svzrggV9Cbn%2FyTl8Pbq4yf1NEQKvUZCdcKi12h7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 22 Jun 2021 06:58:13 GMT
cache-control
max-age=16070400
cf-request-id
0ad49c0cb300004ed40ab86000000001
accept-ranges
bytes
cf-ray
663462c119974ed4-FRA
cf-bgj
imgq:85,h2pri
follow_button.06c6ee58c3810956b7509218508c7b56.en.html
platform.twitter.com/widgets/ Frame 2E12
36 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://kimcartoon.li/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
41452
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Jun 2021 09:17:49 GMT
Etag
"2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:42 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67F3)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13632
truncated
/ Frame 2E12
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
jot
syndication.twitter.com/i/
43 B
328 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkimcartoon.li%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1624353469785%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 22 Jun 2021 09:17:49 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5a4b2e7eaa085f962c7e2ceba9d587e042bd0e5d64052389829bd2a42fa99172
x-transaction
ebc9c907e17eacbb
expires
Tue, 31 Mar 1981 05:00:00 GMT
quantumdex
useast.quantumdex.io/auction/
0
294 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=84%2FikvV2ucr78IE0rD79GUcn48UmEMnE%2Fgh%2Fl%2FkhnP9DMT58Kv0dwqxU5id8qzNag2jD5PWK%2FYJmo3X7S0%2Fz0i89O2bBBluNM%2FRVKFpcxwZTt%2FsBCZcsAWDhu6WZ6kf4gWkbByiYcE6hJ3xh2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
663462c29ad94e43-FRA
cf-request-id
0ad49c0d9d00004e4378079000000001
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/
63 B
382 B
XHR
General
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
19b3b078d698b044507e8472461528a783c526580a08ba6287537f3f9fc38a7b

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:17:49 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-610
c
prebid.a-mo.net/a/
0
117 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
tag.vlitag.com/passback/ Frame 0094
160 B
753 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56187&divID=vi_1422756187_538&w=728&h=90
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73e1d1365aca4ebfc26951028e3b0ab9e8016100122bb3ad8a65868744b3107
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1682
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=URa%2Bm9rACw5fCwi%2ByOgXDb%2BfXkAHikaLTn6Bcxim4tUFOEYewky34zUs%2BDeyV3mZfGaunJzCVnN8a0Rxr9KEg3jtrZYJ3iN%2BUsuNbh%2FD9EbRW%2Bo%2FEWACXTb6QUaUs6kPB8oXnpPTxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c0da600004ed4e83d4000000001
cf-ray
663462c2ade64ed4-FRA
/
stats.vlitag.com/pi/ Frame 0094
0
287 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNBwqPKrUB-wAZA-PZPr-qwyy-MtKBMeYMPaZMRzNhqllwqe0RrNTPYYKRmNZUTMKRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=suXFWQh4PHDPX%2F9ckhiHDDQU6FR4%2FRJtn8FxtnuWulo9ABfcAOZX1FXU%2B7XNJ7NzRWeG6dmO%2FrrJ4a9flNqkhPeL%2Bhp9%2FpDvr%2BXblYxBHykCL17JlY2X8yxEOgFqkKH%2FnR1V8voWRNPV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
663462c2aabd3244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c0da8000032449a1de000000001
js
www.googletagmanager.com/gtag/ Frame A90B
89 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2f073d4eba135b4c2d7059355ca69f8e8148a1501b6e8cc3d5821b92033f74f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36268
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Jun 2021 09:17:49 GMT
/
tag.vlitag.com/passback/ Frame E0CF
161 B
728 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56188&divID=vi_1422756188_474&w=160&h=600
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa0fa4e3df51fb5c261e30d253d9c03441cfa27ed37f4a70f0666bde29fb21f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PXzb%2Bwa37Nhf1SoUQAJHYvJoL8K4EZ5rAPv4mVD3T0ZeV9En8AXpCx5yfie3lIPfrBrnlUwSrp7Z1nuixUgE%2Fiq25lFaRYWuAscWOb8uxk104PS3wm%2BBMn9euMBjZdcDcGRaCe9G6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c0db100004ed446159000000001
cf-ray
663462c2be244ed4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.vlitag.com/pi/ Frame E0CF
0
337 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNwMAUMqKw-YBar-PAyY-qUtB-wttMtPPBBUUARzNhqllwqe0RrNTPYYKRmNZUTMMRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XZ93mwBUYaGE45PZ%2B8ywdctNq%2B69oY%2B59A3mieJGCfXmB11MDNMDYWzULIz1Ln2i%2Fv1Bfa2qB7hGLq3PlLC7NRB53xmMGuhh6IWgAHMsb%2F5D8zE2NFiUnfxERgL5CvRTBaK7vqJEi5Kc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
663462c2bad33244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c0db1000032447abf1000000001
/
tag.vlitag.com/passback/ Frame 29CF
161 B
728 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56194&divID=vi_1422756194_536&w=300&h=250
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65066f6db9765ba6900cae0fc7e207ef9e96505d009430cd2d96a8324eba80c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=836p5Ik3agSBrX8lJkuIxAZqWtw0QZRYffeGJnhB8Ftt18hwp90JZWMr75FnsU8A%2BWIqaxL7vvCLZ4N0eCKBbHn3S3qtCpHsxOFHKzpQF6VRODAfgsxnysczvH8ZMbXMuKj8eYPPow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c0db900004ed4e12d9000000001
cf-ray
663462c2ce504ed4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.vlitag.com/pi/ Frame 29CF
0
304 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNqKYMtrUq-aBrA-PYPr-MtwB-ryKZMtaMetPKRzNhqllwqe0RrNTPYYKRmNZUTaPRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oCMTRn%2FDTrAw4oDjBshCNg3WMDBaOP7TNNykh%2BT1qLLn3wGez8wmCA4nx0h9heGFQyGklg3RaZb1hLFjiwcs7FafiUc%2B5Rx8OKKM2cZaY8L9k45%2B2e8N%2B6ez1mtE3iZv0%2BprwK8eRpTI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
663462c2baee3244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c0db7000032449a1df000000001
/
tag.vlitag.com/passback/ Frame C739
161 B
731 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56186&divID=vi_1422756186_927&w=300&h=250
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d430e424beaf45f77abdd3a6cbee70b1f357cf7d6fa3fd591a007ee3034e6832
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9XDE0p%2FWJl539LzehJZPEgEHlGKRGtpf61qCCqbmHERaCOVa%2F9N42LwlBAbdZDY3HuN9SMEQAJszZCrZJAYoVgOmeCuog%2FyOi2s04P50yHsc9BqhYhKefaZ0vkShD%2Bp31z4mn0U7yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c0df600004ed42b8d7000000001
cf-ray
663462c32f634ed4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.vlitag.com/pi/ Frame C739
0
276 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNPyTBreqy-eYKY-PatB-qTwB-wMUZeAAwPeatRzNhqllwqe0RrNTPYYKRmNZUTMURrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Tan%2B5JyXCyDGwo7vho8BmjaEJDu33TDd1HOaHsi0vFI5it0tly49auS%2FR1Fef22y%2F3ic9lRLritTcnzLBvAwPzrWb9izLVz5AOZdpCwdQ9YkRKkxM2jgBe4lzheWdhV5G5udkoLZCLu9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
663462c32bca3244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c0df5000032442b85c000000001
/
tag.vlitag.com/passback/ Frame 77F3
161 B
729 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56199&divID=vi_1422756199_946&w=160&h=600
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b643d52d6d85b078d4b49601529984ba697a08cb1a802a92dd29457d8ff9c2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Cu1IyStVsB5m82g16OYMfTJMTP%2FeOI1Z3ClBs9LKqdTo9JZxSU798Ribi%2FeEuJWX%2FMhUqo7UT0DXqz8BvdgOWCfjvdmFKdimIYLQCcWCCmOtfgOvE5s1fc3YL0DzRJo2VOighDW4uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c0ee600004ed4f01c8000000001
cf-ray
663462c4abc04ed4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.vlitag.com/pi/ Frame 77F3
0
553 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNUArTqTAY-yqeK-PTYa-qyae-UqeMtetMwaZKRzNhqllwqe0RrNTPYYKRmNZUTaaRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=arDNvo%2FopZxUgExzH39%2B4XtbM6uReJnBZowlACeIUSSdigoqYZW0Xpi6vYd2l7hDORK9jgUk8suD8AXELpJ%2FeLc192Kq00uR3qPnP1U6%2BEJH5lKi6dWlvxCK5qQTMLh01AFFW%2FApGGIN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
663462c4abc54ed4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c0ee700004ed423323000000001
a1495170.js
js.genieessp.com/t/495/170/ Frame 0094
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/170/a1495170.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56187&divID=vi_1422756187_538&w=728&h=90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
fa42490e2190c44529231d3a40b32a44f92052cf5bb041cf60b7803b19b95b95

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:32:50 GMT
a1495171.js
js.genieessp.com/t/495/171/ Frame E0CF
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/171/a1495171.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56188&divID=vi_1422756188_474&w=160&h=600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
0131224e6d4ee3df71952ea0293cc3c4a179505da607333bbb3cf94ffeebcb85

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:32:50 GMT
a1495180.js
js.genieessp.com/t/495/180/ Frame 29CF
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/180/a1495180.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56194&divID=vi_1422756194_536&w=300&h=250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
a70d11139b55758bf7050152f5707babaf9f7abe71a7d00a1406c67b1ec31703

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:32:50 GMT
di_tag_130-0.js
p375584.mycdn.co/banners/script/
580 KB
164 KB
Script
General
Full URL
https://p375584.mycdn.co/banners/script/di_tag_130-0.js
Requested by
Host: p375584.clksite.com
URL: https://p375584.clksite.com/adServe/banners?tid=OM1KIMCARTOON_DI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
601c132e9224f8fee3f1fe76a5b1bbfc13bfca932849ffa5ee2b09c350bfd4cf

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
content-encoding
gzip
last-modified
Wed, 19 May 2021 11:35:12 GMT
server
NetDNA-cache/2.2
etag
W/"60a4f7f0-90fdd"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
expires
Fri, 17 Jun 2022 09:17:50 GMT
pubif-v2.min.js
www.getawesome10.com/public/
14 KB
4 KB
Script
General
Full URL
https://www.getawesome10.com/public/pubif-v2.min.js?dmn=kimcartoon.li&cln=OM1KIMCARTOON_DI&cb=1624353470189
Requested by
Host: p375584.clksite.com
URL: https://p375584.clksite.com/adServe/banners?tid=OM1KIMCARTOON_DI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:ca25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
54de12feff80bc3034f49bdd8638836a31dbd5f9778cebe57992ce2f60218f40

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
via
1.1 google
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad49c0f0c00004ec767935000000001
last-modified
Tue, 22 Jun 2021 08:27:39 GMT
server
cloudflare
etag
W/"3649-17a32d50478"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5OIv2SjvtHPqpgoaY03%2B2xuYLgYqtHf2PbHqeeXE2DN7ekuxPa9dL4pawPtp3kLNaZovdMI97PxwI9vo6CcMTN07vTigB7VJVdKl75McufSycX%2BS%2FUHmj1zJO4An1064RQvAjxfHrqD1Hoyu%2Fds%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
663462c4dc954ec7-FRA
analytics.js
www.google-analytics.com/ Frame A90B
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3190
date
Tue, 22 Jun 2021 08:24:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 22 Jun 2021 10:24:40 GMT
a1495179.js
js.genieessp.com/t/495/179/ Frame C739
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/179/a1495179.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56186&divID=vi_1422756186_927&w=300&h=250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
71a2a4d8fbad1e1d22220938e000c7a7f1ba19a0fe072206280f3aee7e6a8c0f

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:32:50 GMT
collect
www.google-analytics.com/j/ Frame A90B
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=1&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=1330947906&gjid=258695191&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&_r=1&gtm=2ou6g0&z=1107409465
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kimcartoon.li
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame A90B
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=2&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&gtm=2ou6g0&z=778089655
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 07:06:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7907
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame A90B
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=3&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&gtm=2ou6g0&z=1278456557
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 07:06:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7907
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame A90B
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=4&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&gtm=2ou6g0&z=1177324354
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 07:06:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7907
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame A90B
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=5&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&gtm=2ou6g0&z=1831969616
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 07:06:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7907
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
it-ui-comp-popunder-di.css
p375584.mycdn.co/uicomp/styles/dist/130-0/
2 KB
882 B
Stylesheet
General
Full URL
https://p375584.mycdn.co/uicomp/styles/dist/130-0/it-ui-comp-popunder-di.css
Requested by
Host: p375584.mycdn.co
URL: https://p375584.mycdn.co/banners/script/di_tag_130-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4fa74dd9dcb3b524415e79dee8f58dcde251c291c3047f736492ac944e607b58

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:50 GMT
content-encoding
gzip
last-modified
Wed, 19 May 2021 11:35:19 GMT
server
NetDNA-cache/2.2
etag
W/"60a4f7f7-9de"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31104000
expires
Fri, 17 Jun 2022 09:17:50 GMT
a1495172.js
js.genieessp.com/t/495/172/ Frame 77F3
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/172/a1495172.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56199&divID=vi_1422756199_946&w=160&h=600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
b994133297ed4f0928bb896cefd1a915ef7c56f05196329a68dc926b5410eecb

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:32:51 GMT
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 0094
6 KB
3 KB
Script
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495170&cb=1682914007&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&topframe=0
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
0c595e074c10f86b519d082fc7b73c38df7939b175782012a549d19029647749

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 0094
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/170/a1495170.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame E0CF
6 KB
3 KB
Script
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495171&cb=82981053151&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&topframe=0
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
4c4790aa97ae3e37eb907eeb3aafb0363302bbc783cda03926c97112c49717d7

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame E0CF
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/171/a1495171.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 29CF
6 KB
3 KB
Script
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495180&cb=25061605010&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&topframe=0
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
0f0d3900c03bbc45f0ff9a18c720d9b3d048f52db3e620cc93d094e8a3df3c53

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 29CF
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/180/a1495180.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
im-uid.js
dmp.im-apps.net/sdk/ Frame E0CF
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:17:50 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
im-uid.js
dmp.im-apps.net/sdk/ Frame 29CF
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:17:50 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
get
audiencedata.im-apps.net/imuid/ Frame E0CF
28 B
87 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?vid=01F8SG5YGDKERY9BVHCKMKNT1D&cid=3929
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:51 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
28
content-type
application/json
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame C739
6 KB
3 KB
Script
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495179&cb=13370937604&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&topframe=0
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
886431596bf713cdb2c018c6e97f1fa3141a6134fafc9723e5ec6d97c40e5850

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame C739
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/179/a1495179.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
get
audiencedata.im-apps.net/imuid/ Frame 29CF
28 B
167 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?vid=01F8SG5YGDKERY9BVHCKMKNT1D&cid=3929
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:51 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
28
content-type
application/json
im-uid.js
dmp.im-apps.net/sdk/ Frame 0094
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:17:50 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
get
audiencedata.im-apps.net/imuid/ Frame 0094
28 B
87 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?vid=01F8SG5YGDKERY9BVHCKMKNT1D&cid=3929
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:51 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
28
content-type
application/json
im-uid.js
dmp.im-apps.net/sdk/ Frame C739
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:17:51 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
get
audiencedata.im-apps.net/imuid/ Frame C739
28 B
87 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?vid=01F8SG5YGDKERY9BVHCKMKNT1D&cid=3929
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:51 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
28
content-type
application/json
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 77F3
8 KB
3 KB
Script
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495172&cb=92245088939&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&topframe=0
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
550313a0d81969bf43c6c951adde23965113af7048bb040a554682a7b3718e6c

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 77F3
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/172/a1495172.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
im-uid.js
dmp.im-apps.net/sdk/ Frame 77F3
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:17:51 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
get
audiencedata.im-apps.net/imuid/ Frame 77F3
28 B
87 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?vid=01F8SG5YGDKERY9BVHCKMKNT1D&cid=3929
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:17:51 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
28
content-type
application/json
inview.20190130.min.js
js.genieessp.com/j/ Frame E0CF
5 KB
3 KB
Script
General
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Feb 2019 06:15:01 GMT
Server
nginx
ETag
W/"5c650765-13cd"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Wed, 22 Jun 2022 09:17:51 GMT
gcs
rt.gsspat.jp/yie/ld/ Frame E0CF
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp
  • https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adLYsWcBBEmHr1rcsEKk8eDrs2VkjrqZqKH5BM4YA7LKfJWOmPucH0RIi5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
43 B
250 B
Image
General
Full URL
https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adLYsWcBBEmHr1rcsEKk8eDrs2VkjrqZqKH5BM4YA7LKfJWOmPucH0RIi5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.230.178.20 Sapporo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
//rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adLYsWcBBEmHr1rcsEKk8eDrs2VkjrqZqKH5BM4YA7LKfJWOmPucH0RIi5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/html; charset=ISO-8859-1
Content-Length
1
Expires
Mon, 26 Jul 1997 05:00:00 GMT
cs
cs.gssprt.jp/yie/ld/ Frame E0CF
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=TIJH40R1CTuZeD_SwarRYA
43 B
482 B
Image
General
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=TIJH40R1CTuZeD_SwarRYA
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.254.173.146 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=TIJH40R1CTuZeD_SwarRYA
date
Tue, 22 Jun 2021 09:17:53 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
97
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
acs
ialaddin.genieesspv.jp/yie/ld/ Frame E0CF
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA7gOnO4-6PRmJ5l7l-UsksOX83nvWBsLhDJIIilLPJfSC6J2LUO05jywuQPqFRhy7g&format=gif
43 B
521 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA7gOnO4-6PRmJ5l7l-UsksOX83nvWBsLhDJIIilLPJfSC6J2LUO05jywuQPqFRhy7g&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA7gOnO4-6PRmJ5l7l-UsksOX83nvWBsLhDJIIilLPJfSC6J2LUO05jywuQPqFRhy7g&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
inview.20190130.min.js
js.genieessp.com/j/ Frame 77F3
5 KB
3 KB
Script
General
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Feb 2019 06:15:01 GMT
Server
nginx
ETag
W/"5c650765-13cd"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Wed, 22 Jun 2022 09:17:52 GMT
invoke.js
graniteacquitcharacteristic.com/cbe853cda1f5db47fc81e0eb75a752b5/ Frame 77F3
0
0
Script
General
Full URL
https://graniteacquitcharacteristic.com/cbe853cda1f5db47fc81e0eb75a752b5/invoke.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Jun 2021 09:17:52 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
gcs
rt.gsspat.jp/yie/ld/ Frame 77F3
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp
  • https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adL8Ss0x-JtX_FRelTma8GkJNrfuAzs-_cqKygSKzd_fVtaWMan2s3-Ai5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
43 B
249 B
Image
General
Full URL
https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adL8Ss0x-JtX_FRelTma8GkJNrfuAzs-_cqKygSKzd_fVtaWMan2s3-Ai5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.230.178.20 Sapporo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
//rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adL8Ss0x-JtX_FRelTma8GkJNrfuAzs-_cqKygSKzd_fVtaWMan2s3-Ai5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/html; charset=ISO-8859-1
Content-Length
1
Expires
Mon, 26 Jul 1997 05:00:00 GMT
cs
cs.gssprt.jp/yie/ld/ Frame 77F3
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=mNgHGhINDz2d-Mc0warRYA
43 B
482 B
Image
General
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=mNgHGhINDz2d-Mc0warRYA
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.254.173.146 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=mNgHGhINDz2d-Mc0warRYA
date
Tue, 22 Jun 2021 09:17:53 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
97
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 77F3
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
43 B
521 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
gl3
ialaddin.genieesspv.jp/yie/ld/ Frame 77F3
43 B
365 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/gl3?zid=1495172&asid=9615007&idx=0&cb=8f24d8fbd7&l=JVJve-vDOJ0FqwsSSes9TNuNAdr2QVdqEFfN9Bfaep7rcETUCYbB81XW6wYeYvwgrT1gkbth6Xp-_4PhVpTQORVol10iZoJyQ4IhyLGCtYB-bxW2Vn9D2sotPi5IbUTJJ6Iz4JWMovk8Wt5o9fNkOpKBqda3N7siIENBoBbXQ-W1MdGl29LvLKSdVEuzCi4u0tyDYMusEGsn34ziQecYqUykQjT2sbOwQlAwAFTvaUCuNhqkKRS5QiCQ32XGPOuPG-gb-Wam_LnzEHh0aEkN7Sn-hUEcpXEUPZdQN7wm3d8tty0gdaLzZcA8JdEOfunml4MUcuyxw7xqqdhUmafkPTtFyyjwgdr1iMJCa1FjpTzGDoVl9PBVjN4mQL_vfThZC8FfmHKM7QELymm_K2Z6tqPmIUMaBOVJ2Ee3sBhzXlDpodKcJAk85JoksLYZz7k96ib7jzoXo-hk8LzNVeTDIA8e1YZyphaJ_9mC9D59fTbWysFcQrE6cN91Lq3CHm-QNENlJEQvrEvRXkHMhF3f1rPNir98D_uV8Gj1ZJ_19bl30Z-kb3Xa_pscVNJ3IIkXAreXmQV22FA
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:52 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
inview.20190130.min.js
js.genieessp.com/j/ Frame 0094
5 KB
3 KB
Script
General
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Feb 2019 06:15:01 GMT
Server
nginx
ETag
W/"5c650765-13cd"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Wed, 22 Jun 2022 09:17:52 GMT
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 0094
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETE4Cl0VJB1XmHNVWaYIpAKGME35xR34TMsVOkVvVGEL3fVWEVcGx...
43 B
544 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETE4Cl0VJB1XmHNVWaYIpAKGME35xR34TMsVOkVvVGEL3fVWEVcGxkS24HaoRhfaiUA&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETE4Cl0VJB1XmHNVWaYIpAKGME35xR34TMsVOkVvVGEL3fVWEVcGxkS24HaoRhfaiUA&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
cs
cs.gssprt.jp/yie/ld/ Frame 0094
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=kJqyfxHgB_qruZZ6warRYA
43 B
482 B
Image
General
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=kJqyfxHgB_qruZZ6warRYA
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.254.173.146 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=kJqyfxHgB_qruZZ6warRYA
date
Tue, 22 Jun 2021 09:17:53 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
97
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 0094
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
43 B
521 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
inview.20190130.min.js
js.genieessp.com/j/ Frame 29CF
5 KB
3 KB
Script
General
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Feb 2019 06:15:01 GMT
Server
nginx
ETag
W/"5c650765-13cd"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Wed, 22 Jun 2022 09:17:52 GMT
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 29CF
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETOrmhMm63uX3tBW4qstfrCjDC5IVtkLsXvcuf30dfW14tJpwuqTW...
43 B
544 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETOrmhMm63uX3tBW4qstfrCjDC5IVtkLsXvcuf30dfW14tJpwuqTWSxMhjG2PZnsqVg&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETOrmhMm63uX3tBW4qstfrCjDC5IVtkLsXvcuf30dfW14tJpwuqTWSxMhjG2PZnsqVg&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
cs
cs.gssprt.jp/yie/ld/ Frame 29CF
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=kJqyfxHgB_qruZZ6warRYA
43 B
482 B
Image
General
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=kJqyfxHgB_qruZZ6warRYA
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.254.173.146 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:54 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=kJqyfxHgB_qruZZ6warRYA
date
Tue, 22 Jun 2021 09:17:53 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
97
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 29CF
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
43 B
521 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
inview.20190130.min.js
js.genieessp.com/j/ Frame C739
5 KB
3 KB
Script
General
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Feb 2019 06:15:01 GMT
Server
nginx
ETag
W/"5c650765-13cd"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Wed, 22 Jun 2022 09:17:52 GMT
acs
ialaddin.genieesspv.jp/yie/ld/ Frame C739
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETOrmhMm63uX3tBW4qstfrCjDC5IVtkLsXvcuf30dfW14tJpwuqTW...
43 B
544 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETOrmhMm63uX3tBW4qstfrCjDC5IVtkLsXvcuf30dfW14tJpwuqTWSxMhjG2PZnsqVg&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=lamp&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETOrmhMm63uX3tBW4qstfrCjDC5IVtkLsXvcuf30dfW14tJpwuqTWSxMhjG2PZnsqVg&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
acs
ialaddin.genieesspv.jp/yie/ld/ Frame C739
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=appier&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETItl6T8EugbIgUM_99X-sSBn2WcIIkoj6rT1FGokz2Qna2_fQS...
43 B
536 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=appier&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETItl6T8EugbIgUM_99X-sSBn2WcIIkoj6rT1FGokz2Qna2_fQSMLOXldaum3K9GdEA&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:54 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=appier&v=I_BhyJMsY9jQvRpQO_mAvAz5M0LeJtKY00T175URjJRV5UqWBwRK8sGYZ7CsseNjgvx36XHqd68OSmsdTyOETItl6T8EugbIgUM_99X-sSBn2WcIIkoj6rT1FGokz2Qna2_fQSMLOXldaum3K9GdEA&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
acs
ialaddin.genieesspv.jp/yie/ld/ Frame C739
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
43 B
521 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:54 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CUR ADM OUR NOR STA NID

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CUR ADM OUR NOR STA NID
Location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA00o4eYPEsXJa6VvJUOYspH6x-GwNMc08MjfxvyjP3aQETNSGM-mExjCPkEQ-AT22w&format=gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/octet-stream
quantumdex
sync.quantumdex.io/usersync/ Frame 5B8B
3 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e5d533bdf3f2290b64b6fe3305592b8c6200c16a1f1f2647550a26b4cec447

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kimcartoon.li/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
content-type
text/html
set-cookie
uid=caaca14f-a01d-4ab6-9e88-0cc1dfbab035; expires=Mon, 12 Jul 2021 09:17:52 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0ad49c196600004e43958a3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QzoJho%2B5MoB0UXE8IIn3FLcBvHgSdr7b4kjrxIdfNvlEO2GdL5DRNr3xGkyxBKBwC2C0nvhxTDsYKwNJJ%2FCw8TnNgBitG%2BUbf2NhSh2m%2BRr2pRWWcSaadInBw70NyixBkLDlMUMF%2BuCk1I8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
663462d56f8a4e43-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame 71FA
3 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e1287230142ea2742f533d0a278c4067b1693f59055a986dcadead4f5200ce2

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kimcartoon.li/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
content-type
text/html
set-cookie
uid=848dccc1-1b21-4357-a314-a06ee93ff2a0; expires=Mon, 12 Jul 2021 09:17:53 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0ad49c196b00004e435e9c8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f0PF9w%2F%2Fmm1EujL%2BvR0TiCqY3f4hPN%2FpKGCo744kUGcIcIHQxh2kKuvwoqY%2BexOdVxaI1snxEwgEEZfCREGKA9RpBfOrec0L%2Bsca1Kh0GPTDrZTYvx7pVyDcCsiVRR0FykQS6mc9A%2BwzNiM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
663462d57f974e43-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame 791D
3 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08588345887e514fb8f17c1f959abfe4a46d2772360ccdaa2d916925915f7d78

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kimcartoon.li/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
content-type
text/html
set-cookie
uid=44734c64-0b28-49d8-a76f-46d7e1496e3f; expires=Mon, 12 Jul 2021 09:17:52 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0ad49c196f00004e43a18d7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aiXN4lFV%2FhKj4Zs%2BRmjkbh2F3ZO73G450pSwNRjKiDa0QgbeujKoe640OCS0GRQZaos4WtHg40rWzpAkS6bgIi%2Bh6lj5fKeHA4YLSWBQD0MAGAKUXYUdgd1aCtptO5MUrpcndF5r46VsS1U%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
663462d57fba4e43-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame C86C
3 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e37fa4374ea2eb30da2b68ae891d8e8ec9955e1cade2c2d500651e92c447bcf

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kimcartoon.li/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
content-type
text/html
set-cookie
uid=ade64c6e-5904-4f84-86b3-976190437dd9; expires=Mon, 12 Jul 2021 09:17:52 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0ad49c197000004e43a50cc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AurTsfbwkBlRwlhbwTQ26QRlmlpe9rPYaCcghuY%2BnB5OROOGWcq%2B9i81O0p1VB%2BL1VMjCrQMXzGxeDlQ6%2FRAXiZ8XgenUyp2vT9NTsiKvWh%2FxcOvCl8B5IcOdBCI3VPtHKOL6%2B5%2F7%2BY%2BrcI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
663462d57fac4e43-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame 63F4
3 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5ec84dd64372a0e0b363ec65053266a445c83ff2a09f63e03970a01c2d8749

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kimcartoon.li/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kimcartoon.li/

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
content-type
text/html
set-cookie
uid=5c8204f0-1837-4ce6-acce-a34fa26e3511; expires=Mon, 12 Jul 2021 09:17:52 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0ad49c197000004e438d9df000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p1n%2FHl9Q7bVSJVtUhUVo8ouuyEEelSX%2BtlCaCF8XER21iSCYBAUtj01ze83vWfutM9UXC1kH3uCgMipp8Tbv1SNEi7axfL1FeRiFqJxwQk1aJ%2FdSS9LynXxjW3QoNECDLGzYytcPYKqNpkk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
663462d57fbf4e43-FRA
content-encoding
br
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-bd6293c3-6b53-4758-b5a3-48f9c332523f
43 B
343 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-bd6293c3-6b53-4758-b5a3-48f9c332523f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=16y%2FX0nasq6wyR8e%2FvRB%2BKo6GnJBf6Y4v37nc55m8R2ogKOPbN80aBKfUI4VW9bwtIiA%2BQjJ7u3KhUb0ybb81TGvgtNFEasQpMQoyp48dhywJ2S9jzZkSDo1KxM4F5WDYXZS4tgBNwTe1wI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d888e34e43-FRA
content-length
43
cf-request-id
0ad49c1b5500004e438da26000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-bd6293c3-6b53-4758-b5a3-48f9c332523f
date
Tue, 22 Jun 2021 09:17:53 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6562459018269791952
43 B
344 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6562459018269791952
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SKGvmMqfhlaf%2Fxj5odxchk6nVTX35ysVrq96PbvJDHxJuSLmkrtrBtlANEnhixFsbywwFGmFF1mpLSQjswWpW5zYBn80TMhaJ5A%2Fy7iN2FIDf9SurC5lCRf5DDT%2B38NLN6R%2Bm4TEpTp3p6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ae4b4e43-FRA
content-length
43
cf-request-id
0ad49c1ac800004e4352055000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.230:80
AN-X-Request-Uuid
1e0c49b5-a2b5-4da4-8d14-64d47d421947
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6562459018269791952
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
43 B
346 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LvhkLRFNpzhXtPKCYC%2FNCNVmTb0HoL7tx7m6eJziqYYRTtcISRSHs5EZjUAXUi0rhtqc%2BMKeEClutAawmETHv5HyVjbFP%2BG%2F8jzAHGrMWiYbIeaXUiIAT6jOSKySPNzMK60qvKJIY9ZVxMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ceb24e43-FRA
content-length
43
cf-request-id
0ad49c1adc00004e43a80df000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
43 B
339 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a9XJp0vMwrbClkd%2B4uJ7m3jmTDeiqkdq71mPNyU2pIaOiZ9PhFMHYyLuT2F9C3FjVeA0MjCfpHyVA8EmC1BloGX9doQhXLlO10jsZKzierx9R94y34OdFvRsZroOnNtTGGTvvomcvgPw4EM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d75d514e43-FRA
content-length
43
cf-request-id
0ad49c1a9700004e437d10d000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
43 B
347 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MvIZJhFBPtiZEQnE50nso3Ti2TriFxLjeh%2Fj3ze8gjyrI3RMYVp%2B%2FbIY2w7Suuni6Ws%2FLQvf3qjXSq6wwKtCNNBFjhF2HL28vlHlQPosEqFtoMc2RURmbHKH%2BJlRz3GeK%2BcJv1DzrbQWBVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d888ea4e43-FRA
content-length
43
cf-request-id
0ad49c1b5600004e433f9c8000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
43 B
343 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RNRrSY9rEBXnq5bfJ5Tpyle0jcDMfbg7IiKq22gn7ewX2Xngexs%2FxxlhfiyshoNmXuhPFIR4haUp0KU3aZKYdet82oZFm5U94obW%2Fi9Sn2%2Bp7aDi6iH5fzs2B3crj8s%2F%2F4HX7yYrWCbX%2Bxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d75d424e43-FRA
content-length
43
cf-request-id
0ad49c1a9800004e43a7a93000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6562459018269791952
43 B
370 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6562459018269791952
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Bb9SEU73XD0apxlGtHghZxs4ifXpWxZHy6vtsJGN%2BpdulTwm1sGH8ypfNw4ez96tUfCkej2LoYyZZCsmPT1vfLWsEcPi1EwnAo9LlRpmzzV%2BxNYm%2FFNbGgmsrrOlGw0E%2F%2FT%2F2gZz8Xv9Bbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ae544e43-FRA
content-length
43
cf-request-id
0ad49c1acb00004e437d113000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid
d48488f0-8970-4f9e-a159-8786ca3a388b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6562459018269791952
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1808910678779486814
43 B
483 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1808910678779486814
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8Dzuf9qfJmeqCE7hUGa%2F2AcYJAv3d0mwR9tK15jbJxQebTBChKXz6BILiP%2BBQta%2B9UIxySS5rC9tcYbOANx%2FpZbzeVLKs82KgtBnWCERtTIZOfzJKq%2Fhw7nS0bHXBiCQuU%2BBo5l5Hpc80Uc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7cebb4e43-FRA
content-length
43
cf-request-id
0ad49c1adc00004e4384184000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid
d0740e41-bd24-4e31-87cd-5877cae8786e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1808910678779486814
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5B8B
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a602aabb-9dca-4d47-aa6a-0b3c447b6663
43 B
350 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a602aabb-9dca-4d47-aa6a-0b3c447b6663
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ceAVr3KTpQ5muhJQ9uyG6k5qf4KcQawCl4yskJWPcNyFwhEce2Sp9Gv6E96HqFEZRQazuiPu2%2Bd%2Fb%2FCu9eHMJTku07xuMG4fhF8juqw%2B%2FsMZei62CRd%2FV9%2BQLg6plwIScJaFKVYA%2BDO2%2Bb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ceae4e43-FRA
content-length
43
cf-request-id
0ad49c1adb00004e4352057000000001

Redirect headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9pnrbwntZk3JAyG9PeNYrmRG1jFQyU%2BISW%2FRHG%2FhEzsmdbBSgAlrfGxX2E2A87lnwuFkSbfzQCKsAxx%2F%2Fcj1Z0OI2OWHV0kZF7MJyfW5a3zcaE3%2B5elLF6rusfOVKaE006FzMHa33Wy3"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a602aabb-9dca-4d47-aa6a-0b3c447b6663
cf-ray
663462d6ab334e43-FRA
content-length
0
cf-request-id
0ad49c1a2500004e435204b000000001
us
sync.go.sonobi.com/ Frame 5B8B
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 719A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f8b6378636d588393a8db892e3259547b058bc40c9005615f7c91dc67dc7dcea

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3204; CMID=YNGqwfesQyNWdvWyLYu6IQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|241|230|73|3|57|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1794
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwfesQyNWdvWyLYu6IQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMPRO=1178;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMST=YNGqwWDRqsEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 23 Jun 2021 09:17:53 GMT CMRUM3=0360d1aac105a0&e660d1aac12760&3960d1aac105a0&2760d1aac10b40&f160d1aac105a0&5160d1aac105a0&4960d1aac105a0&2d60d1aac105a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwfesQyNWdvWyLYu6IQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT
/
ssc-cms.33across.com/ps/ Frame 958A
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP005
date
Tue, 22 Jun 2021 09:17:52 GMT
/
onetag-sys.com/usync/ Frame 318D
2 KB
818 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set uc.html
sync.go.sonobi.com/ Frame 3995
43 B
551 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YNGqx; path=/; domain=.go.sonobi.com
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 579A
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=28207
expires
Tue, 22 Jun 2021 17:08:00 GMT
date
Tue, 22 Jun 2021 09:17:53 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-b4a7d6ae-6801-4fc4-b8a8-cbddd096ea94
43 B
347 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-b4a7d6ae-6801-4fc4-b8a8-cbddd096ea94
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Yvdlptuvl7PF8rPtILc3q2nyX4InvSKWk7GDZocXtPaYdGzlbvSX%2BEPXRye3fcWn%2FsOtpPPG3xtGSb%2BxpTVNnYcQkwNoVF%2Bwg7UWti90PYmersYjAkfysQ9sDH%2FjFKq4z%2BsrD3r2RjFW9OI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d888e84e43-FRA
content-length
43
cf-request-id
0ad49c1b5600004e43aa083000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-b4a7d6ae-6801-4fc4-b8a8-cbddd096ea94
date
Tue, 22 Jun 2021 09:17:53 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4783870619476292446
43 B
343 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4783870619476292446
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RtXr6GgVQMG2VhfNEBmoWf0X5Rrk7VqjTGD7JfnQCmAlfc2o0wjRWQcOxXKUm0bp6yfQzghVPN7%2FI%2BZEUpau7a96czoPxlKkPVvl2VpxpoUE7OLKn3R7ZS%2FXqG2M8AW1Vq7aPM31vF5qLzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ae4d4e43-FRA
content-length
43
cf-request-id
0ad49c1ac800004e438c37b000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.238:80
AN-X-Request-Uuid
6780453b-df10-460a-9784-7aaee27674f9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4783870619476292446
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
43 B
341 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F3YeLqhMRpSYM9oA63d1C5XSsFk2O9vlGo2mxeT7RfwVIsMqFXJaijHfu94R9%2BJkx7Q3rDeoPHLhnIzZF5v8SQjRVj6lVPtYykCyF74fnMpqjFyao0IgNN4f89%2FASetoIFkVCR9o3ZXMUQs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7def14e43-FRA
content-length
43
cf-request-id
0ad49c1ae900004e4352058000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=005d0449477af5fadc10065e
43 B
378 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=005d0449477af5fadc10065e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WuTEJX%2FympNQs9lXXeoE%2BMGJwKiJCUS5DjpHxsEVMrcJWU9Q0MLCAnaJ2FtvM4wbrIIJY0sBYppm4xGrcz8r0py1Cgr29JIx5imH8VHrYV9bCROA%2FC98rOpcSTXRoAR%2BNltvOlJwUeTsp5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d75d5b4e43-FRA
content-length
43
cf-request-id
0ad49c1a9900004e43a29a2000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=005d0449477af5fadc10065e
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
43 B
341 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4GkHdPDCvmArnEHWfvD5QtIU0ZHUbI4xeWWBmKQJeWLlPZXq1P6sRT02bMarHDI8j0oLzTgV3N1YgdQinJDsvuh1C7dAZVi%2Bgnd2Zvzmw7SgpvFwSQRnTBpljCdie7WJbbom7W8zS7wTI%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d888ef4e43-FRA
content-length
43
cf-request-id
0ad49c1b5900004e4349a98000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
43 B
341 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nA2Z0BFsVIcwtM5RxABdxIfxvXBV6%2BJKn2jsSQlxA76oNnOXqiRoRPJmsGdqBamUdlS8opoTI2tb4qmumJDf%2F%2Fdr0t4Sx1n9jrW7Q0VSebjO4iIX4D6aLURLo7y4%2FLf03skfxOQC40LLF6s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7defa4e43-FRA
content-length
43
cf-request-id
0ad49c1aed00004e43a29ac000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1808910678779486814
43 B
483 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1808910678779486814
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5lT99X%2F3Z3%2BSOabaXpg09DzUgOMUxzqxE1igH%2BSZ%2FRSFaVBe6q0Y2tAXLgKivN4IM2CcV8DSZGL1kcsm4c9Tjhz8QPdDZd9%2Ff4raK3wXGvY9s3WCdVFUdr4SCQRdAtRwiLdOzNqzCq3C0ZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d899244e43-FRA
content-length
43
cf-request-id
0ad49c1b6200004e43aa086000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.78:80
AN-X-Request-Uuid
c43b1319-6327-4a7d-a82f-d1dc959dd830
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1808910678779486814
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1808910678779486814
43 B
338 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1808910678779486814
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jZTT66o5vhdkpgm6Pb1RFf4giG5dLRi9WJkG5usVkwAonlewpUt1XcH8U%2BmeO84NY0ipWy0XqKPu3T3O90oSAYfw22q7xVtxRqEx6VVYxw9bgaHSD2pufzgGuKmKMg5qkDa6E5ITIzoZfm4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7cebd4e43-FRA
content-length
43
cf-request-id
0ad49c1add00004e43709e4000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.145:80
AN-X-Request-Uuid
7017245e-b38c-40f0-a217-8b9c4bfc21c4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1808910678779486814
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 791D
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3e02c13a-cc97-400d-a207-7e1f5f88b299
43 B
355 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3e02c13a-cc97-400d-a207-7e1f5f88b299
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PF1vV0xvWDuxQe6a1so9fsjNlVAAq%2BSVwLMHZog1rMxpxBE6VPlKxqpR1goGOIAsYJ6HROPpttvK%2FyFU8kLw3zRma4zHcJDZyHyPqg5cuuQ3t9uDM2rv%2BfxRtvUBGu8j%2B7KBLMFd1MbjjgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d82fc14e43-FRA
content-length
43
cf-request-id
0ad49c1b2600004e43690de000000001

Redirect headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F8Xy7PxcJXDZoZ2GZ6P70KPpkwQ%2FoHLV7wznvgW5jwAE%2BtIX1EBqnezEHu95SSRh0rIrBzfEomEqERSVJwcMH8A8pdskH4xAkl46UMWCv8LP4K7WXZM2wiq%2FcGskcwL%2FDpxXfWv00U8m"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3e02c13a-cc97-400d-a207-7e1f5f88b299
cf-ray
663462d6ab604e43-FRA
content-length
0
cf-request-id
0ad49c1a2e00004e435982b000000001
us
sync.go.sonobi.com/ Frame 791D
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc51ffe1d64b9df77fbcffab2c0b8db5a1b495a8addfa1b43410389a424e9850

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3204; CMID=YNGqwfesQyNWdvWyLYu6IQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|90|191|239|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1840
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwfesQyNWdvWyLYu6IQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMPRO=1178;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMST=YNGqwWDRqsEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 23 Jun 2021 09:17:53 GMT CMRUM3=5a60d1aac105a0&f160d1aac105a0&2760d1aac10b40&2d60d1aac105a0&ef60d1aac105a0&e660d1aac12760&bf60d1aac105a0&4160d1aac105a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwfesQyNWdvWyLYu6IAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT
/
ssc-cms.33across.com/ps/ Frame 8606
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP005
date
Tue, 22 Jun 2021 09:17:52 GMT
/
onetag-sys.com/usync/ Frame 43F7
2 KB
818 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set uc.html
sync.go.sonobi.com/ Frame A80C
43 B
551 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YNGqx; path=/; domain=.go.sonobi.com
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 42DA
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=28207
expires
Tue, 22 Jun 2021 17:08:00 GMT
date
Tue, 22 Jun 2021 09:17:53 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1808910678779486814
43 B
369 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1808910678779486814
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yw1GfQkHz3zY%2FxTpC1uigZPG1t0r%2FI1IuodOOTQ2hRZMhfA6v1%2FH%2FEewo38j0VXYaPdCuOqR0QEFsJY8SBgRps1CdJdhqsez1CtnREQeSZzHzYFX%2BpuJ2HnpgisvUoMzEZFQcwF5Pk5u%2BXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7cec04e43-FRA
content-length
43
cf-request-id
0ad49c1add00004e437d116000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid
f5ae785f-244f-485e-a4df-9be9e44463dd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1808910678779486814
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb9124c77-d33a-11eb-b15b-024864d1a278
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb9124c77-d33a-11eb-b15b-024864d1a278
43 B
347 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb9124c77-d33a-11eb-b15b-024864d1a278
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7QjuPxNOVUdCos1Xe3dPWnc2au%2FNQ4Ku00Fk%2FxV8g83yz%2BrIm41lVLfx9q7V1iNzo0wJAU1J8J6pg%2F1dpCiXPSbY%2FivlXGChmwPHDD9%2BNzoGi5MjnDFwfuNwPWkZOiCCTCLWFwTQVvVmXKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ef394e43-FRA
content-length
43
cf-request-id
0ad49c1af500004e437f847000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb9124c77-d33a-11eb-b15b-024864d1a278
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
43 B
349 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zD%2Ft2PvR%2FRhaxz2vRWphtplsTGEv1%2Fm07MvOX%2Fjl%2FLnxdiQ%2BBTtMjZEGoGhPn8YuxEmUopPH%2BTTV7jdqK540kSplrqiJkBJsw5NQfVPJB2R5iqz5J3D6nyyxKi6ZbKqrRM3BSUgKPjCbFZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d76d744e43-FRA
content-length
43
cf-request-id
0ad49c1aa100004e4373315000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
43 B
340 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=efZdhKOjMo1ooCMfQPUxMakuZHOIIKdyY3d9gpZ2sbxycO7fTkBzTM12kaVLdMImafNf62XBlAw21WiAasHoN0VQrINv2fKi3zkbcZFt66QGwfd%2BNYohYeuhr%2B2t7EwEFUbax8HU10%2Bjohc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d93acb4e43-FRA
content-length
43
cf-request-id
0ad49c1bc300004e433834c000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JgDLHRRE2uHl8_aGloXHpCHeyxB8XnoSf4tC2jU-~A
43 B
366 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JgDLHRRE2uHl8_aGloXHpCHeyxB8XnoSf4tC2jU-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pTUjBEJPNVQm960pZ5x19f1WwTLILReOmLstE4lpzIp5k1Rem2%2BjZe7bUX9rNwCcC9gacMdJ3hMKRZ4jnmUUKbRnXuJAkbg5Gj%2FFsfd%2BLWgJLxaglWkOs06yi0mblf7%2FNqdy4qmQXxBXapc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d76d7c4e43-FRA
content-length
43
cf-request-id
0ad49c1aa200004e4363817000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JgDLHRRE2uHl8_aGloXHpCHeyxB8XnoSf4tC2jU-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1808910678779486814
43 B
352 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1808910678779486814
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0rfS6t28TvjQK2a2JS0aTo7sQ6SnRvM1P0X5RIl6dFl13NmU8Bta2%2Be6lCpHVyfoPzLFMnx%2B6tnUde3nUhxOpT0MUN7huOE5wyGJsVLVX0PBwl0PDzBHDRkjMHHPJ4n0AkbQ2g0K%2BQRa8kc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7cece4e43-FRA
content-length
43
cf-request-id
0ad49c1ae000004e439dbc8000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid
50ab13db-c81e-4918-9f5d-7d1692c35ab8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1808910678779486814
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4052093728269332812
43 B
343 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4052093728269332812
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D1CkuG91Vzv%2FHnQIX8Xrkv7yIus6lvGpePGfDx20BZffTAB0gd%2FsNaFNlwFyRLBkbEZcmwNru3Q1DNUvMXg20EJLSlXkWL054y2YqUJqUFzDE1MGBjB4iZmH0%2BwEd2ozhmox8LbEkkDP1Q0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d80f684e43-FRA
content-length
43
cf-request-id
0ad49c1b0100004e4349a8c000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid
2ddd5697-4836-4eeb-abdd-4a801ad69ec2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4052093728269332812
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=515db520-859e-4e9c-a880-006b3854fe15
43 B
340 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=515db520-859e-4e9c-a880-006b3854fe15
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kximU30gv1GwW45mGTko2AFAF8W2lMOqkLPt76fYQLcL1g78Vv7qlbqdL6SVBX7jykfA50Ro2JbTQE%2F%2FbobnGeCsw5HsCHk0ROtzwXrca3fdnuqYwOPnMVX4lgcYvqegDyMJXVF1ziiqqRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7be844e43-FRA
content-length
43
cf-request-id
0ad49c1ad400004e43a29a8000000001

Redirect headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cbqXkjhL7klOtm4AIJoDHw8xql2TQhtRQK41RUuUPJYsb1Csq5ap3CmIxaH7ea7Q2Ji6NLQA9nddmw4NAqx5BiZanTBvNPGRkGUqkNXw4NTO2r0QydLN1GE8QGuUj3R8WkbDU7HPBLFX"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=515db520-859e-4e9c-a880-006b3854fe15
cf-ray
663462d6cbaa4e43-FRA
content-length
0
cf-request-id
0ad49c1a4200004e43781db000000001
us
sync.go.sonobi.com/ Frame 63F4
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 63F4
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-09b3d1a2-802f-4675-93d8-7e2548876692
43 B
366 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-09b3d1a2-802f-4675-93d8-7e2548876692
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y%2Fn%2FuGwhgEzXcoFP78%2FV2IHesRj0npkFlvLkeiI%2BJei8hy1AKxdZ6UuIQmBD3t6OveWF34Hn8xPmWehpqupbPhkLLb5J4QMJnahsgcuESY0SE0gy3prrPocxuX0BzRaUqdO8J5LWLRYSOF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d888e64e43-FRA
content-length
43
cf-request-id
0ad49c1b5600004e4347b27000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-09b3d1a2-802f-4675-93d8-7e2548876692
date
Tue, 22 Jun 2021 09:17:53 GMT
server
Apache-Coyote/1.1
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6DC4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
10823aa5ea5ae05fed2f5493c17dffb63b5787cfe80c61d26ed02ea0c4c1deb1

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3204; CMID=YNGqwZpQzfu-ft0J-vesqAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|5|195|130|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1712
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwZpQzfu-ft0J-vesqAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMPRO=1152;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMRUM3=0560d1aac105a0&c360d1aac105a00&e660d1aac12760&0460d1aac105a0&8260d1aac1a8c0&2d60d1aac105a0&f160d1aac105a0&2760d1aac10b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMST=YNGqwWDRqsEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 23 Jun 2021 09:17:53 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwZpQzfu-ft0J-vesqAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT
/
ssc-cms.33across.com/ps/ Frame F245
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP004
date
Tue, 22 Jun 2021 09:17:53 GMT
/
onetag-sys.com/usync/ Frame C360
2 KB
818 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set uc.html
sync.go.sonobi.com/ Frame 295C
43 B
551 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YNGqx; path=/; domain=.go.sonobi.com
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 906B
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=28207
expires
Tue, 22 Jun 2021 17:08:00 GMT
date
Tue, 22 Jun 2021 09:17:53 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4052093728269332812
43 B
477 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4052093728269332812
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6HlbykycRYcpOpoeu9vo%2FY5t6Ux0tw8SCzdeiyS8ljv8wBdYBNWpuXMf9EU7nfhO6SqFVzOs3B7QyrCCR2TBtaKGfEr1UeS4vhATQYJOpypHnYi%2FEepPmMz2T73hLOFTvuNKsAzAqcmofLA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ff5e4e43-FRA
content-length
43
cf-request-id
0ad49c1aff00004e43a190b000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
7d41d58e-5b0a-49f6-8d48-80f1052b8e11
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4052093728269332812
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=005d0449477af5fadc10065e
43 B
340 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=005d0449477af5fadc10065e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZI5L9r9KFVYn5maXZ5XchpPfRJ9iTRmnZx61PnrU0hb8tBE6bWjRvtdF8qNvXxCYGnzVCidIhfjnose5pQNIx0rv5kHrHcrhSPAPIKO5WSmgM2YZRk%2F79vNQ9yRxTnOpnXmlIPHdMd71UhM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d77dc04e43-FRA
content-length
43
cf-request-id
0ad49c1ab000004e436381a000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=005d0449477af5fadc10065e
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb90cce01-d33a-11eb-b4c8-065a80081292
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90cce01-d33a-11eb-b4c8-065a80081292
43 B
369 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90cce01-d33a-11eb-b4c8-065a80081292
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kSV5w%2FxKt3lC4KoVj%2BdDQTTd%2BgS8apkR4zSOPbTioqy47NeiTSQGbJP2ISLKbxj1VXXXl2hBbjpfszWu1IsQTlxP94h4%2BZrPLqHnl28xwZfXnF%2BAABLnJzSY5rsZ8bWyZuftdxhN1sDTwW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ef354e43-FRA
content-length
43
cf-request-id
0ad49c1af400004e4359841000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90cce01-d33a-11eb-b4c8-065a80081292
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
43 B
340 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q16Vephu7NrqLrdW0WLegAHmd%2F8lHlbtt%2BAobp24wkrNOf%2BLWASayPASjA1XZVVspjqgxCdyVT27aeh3Av1E8KtAHnfZquA6fJespVlHzFcdC2v7xDnTaKgoE4tWIy6Oc3UMvY6S8SehTwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d93ad04e43-FRA
content-length
43
cf-request-id
0ad49c1bc300004e43a80fb000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JgDLHRRE2uHl8_aGloXHpCHeyxB8XnoSf4tC2jU-~A
43 B
356 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JgDLHRRE2uHl8_aGloXHpCHeyxB8XnoSf4tC2jU-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SenkkEyWd%2B9dBKcwN9NMZrshTD4tgArluNrprvN1YZQcMKpHfcHTojo4Jgraq9p3kQcTBjy8rtPjy1C3BhdaYbV%2BWhE%2F1LkiTY87h1i86sntiqrwUCo2byMzWrgi%2BzaH%2Ft7x3%2FsS%2Fpus2v8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d77de34e43-FRA
content-length
43
cf-request-id
0ad49c1abe00004e43709de000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JgDLHRRE2uHl8_aGloXHpCHeyxB8XnoSf4tC2jU-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=931814452106676262
43 B
342 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=931814452106676262
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rdKexRAAbmU7IBi2HYQEpIt3IgvxT0TfKNl0jfFkA2gAtK1Sq3J5gBfn2pxwtcHdOdFmNvgXL%2F1pSMM8DAXrhQ33m5Cbes7lwHcMf3Mr7RoE%2BFPyrFkrXuVIiZf3%2FQTouqghL%2Bs4y56jc6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ceb74e43-FRA
content-length
43
cf-request-id
0ad49c1adc00004e43608bb000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.59:80
AN-X-Request-Uuid
987e0f47-a64b-44f7-bb32-5dcda90aad9a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=931814452106676262
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2976178559415520495
43 B
351 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2976178559415520495
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ylisu0qp9SHmnX3tpk0saNfi9cCMoxF7lEYBIhtyVzmnYPd1u%2FTnkL64gZfja0qhqSxIfKarG0ZMkuGCqMFhTh7Yzk%2FmFVSLYszgB4M3GIdeJbRFw0EnBKxfsBHjlurjHcRVK7KborJLryQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ef324e43-FRA
content-length
43
cf-request-id
0ad49c1af200004e4355312000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid
2a89feab-9c1f-4d85-877c-b1c1598d98d1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2976178559415520495
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=594b67f9-850c-49a2-8b4c-4d91fbc47c90
43 B
347 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=594b67f9-850c-49a2-8b4c-4d91fbc47c90
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CKb%2Fti4QZAIustKRi%2BMgzy%2BJfse0MUeYZ44i5zH2QACjnZOZNsRqrNktF2QoPKPOF0UF%2BiGFbA9AJJu0O3RqLJKf2u1SZV8A2Mnbat8Pf0QXyNQ4Y%2FYam1ki%2F41YLYn%2BW0gmKtN0VRLfCk0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d858804e43-FRA
content-length
43
cf-request-id
0ad49c1b3d00004e43388c7000000001

Redirect headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jvVWWs9GZRk9v39c9LSbPyAXUaYouuHAXSCePDmoQxavu%2B%2FJ2W4Pq0476XznZOJqIL8%2F56FR%2FtD9agc%2BX4tLAx2aIpapYko2e79DIqoqUErzutZbA6e23kxhQEPVPP5p5x51S3uAk1DE"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=594b67f9-850c-49a2-8b4c-4d91fbc47c90
cf-ray
663462d6ec0a4e43-FRA
content-length
0
cf-request-id
0ad49c1a5500004e43709d1000000001
us
sync.go.sonobi.com/ Frame C86C
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame C86C
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a78ce25b-9ef3-4ed1-b333-f50ac19217ef
43 B
341 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a78ce25b-9ef3-4ed1-b333-f50ac19217ef
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rA7433TxJgW%2Bfk3fG50gsg%2Fr4S6cwMcTVF5KQbB2SvFIz9yubeYLYuSxTYayj2cVXyjYlsrVs4AqBv9rPyrl6DM1N0NK21kmkFJdjy9vQRgpGZGBgq0tYJnkHzs%2BbJo83qkeCshm7yQt0uc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d888e74e43-FRA
content-length
43
cf-request-id
0ad49c1b5600004e437f854000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a78ce25b-9ef3-4ed1-b333-f50ac19217ef
date
Tue, 22 Jun 2021 09:17:53 GMT
server
Apache-Coyote/1.1
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5E49
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5992827f94b027807e68b98f98da90d8be5bdf838a86581d5739fe6f07b571bc

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3204; CMID=YNGqwfesQyNWdvWyLYu6IwAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|241|230|47|5|13|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1821
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwfesQyNWdvWyLYu6IwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMPRO=1184;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMRUM3=2d60d1aac105a0&2760d1aac10b40&f160d1aac105a0&0d60d1aac105a0&0560d1aac105a0&2f60d1aac105a0&9860d1aac105a00&e660d1aac12760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMST=YNGqwWDRqsEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 23 Jun 2021 09:17:53 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwfesQyNWdvWyLYu6IwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT
/
ssc-cms.33across.com/ps/ Frame 45A8
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
200000000000000002000208
server
33XP003
date
Tue, 22 Jun 2021 09:17:52 GMT
/
onetag-sys.com/usync/ Frame 734A
2 KB
818 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set uc.html
sync.go.sonobi.com/ Frame 7EC2
43 B
551 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YNGqx; path=/; domain=.go.sonobi.com
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F956
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=28207
expires
Tue, 22 Jun 2021 17:08:00 GMT
date
Tue, 22 Jun 2021 09:17:53 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6562459018269791952
43 B
349 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6562459018269791952
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f9HG4LYRzlEXo1bIYbE66CjG5xt9GNj%2FaygR97ZZT%2FkuORvQF3%2F9%2FriAHH%2FvzV6clZi6j%2BOycFFqGJWSIq%2F0nJIwYgkvgdN5x4cl5s18gdTi5mXXqfKgxsrb43ZfTHXaFwYd0qrYXJQQWno%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ef3f4e43-FRA
content-length
43
cf-request-id
0ad49c1af600004e438c8ef000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid
18d32aa7-1b31-4934-9b68-d5f465cb4ff0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6562459018269791952
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
43 B
348 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zVDb2bk5%2B%2BPdXCmor8dF3XQEKhhkpBW7bmXh%2BNEmdBgVy0hjFOhsEhBbfb%2BiDF30MflkyCrOTPBCw7BZUb3dK4KnmY0lxtEE9N2%2B7tPLJndVGI0JEsf%2Bet4gMtXN29t56cYGV1XZ0Y%2F82TQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d79e1b4e43-FRA
content-length
43
cf-request-id
0ad49c1ac100004e43871f8000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=87de54acf6133004306388a2
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
43 B
480 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZEXHe7xcZOVA9ds2%2FcvXNwMgfP5VKCwSzBp%2B7ryYDKdBso4BvlL5BquVBrpMq9r96g2SqiKl1QlmOqyzbNR11Y%2BiaytQE6BuGUFRjT9cJpQrCDVY5HKSx1HoI4r%2BhJZdnQ9RH8v50fPBVnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d79e174e43-FRA
content-length
43
cf-request-id
0ad49c1ac100004e43a80dc000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb90999c9-d33a-11eb-b67c-02efc58c1128
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
43 B
480 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6ksx1s1LFB5pXHe6bRAmcy6R5AfeUcbHXrgGcKaEDWSWFGEF5kkuQphErGY8t%2FiD7DXoz3u31k2fv8E0HLoAzHXTn%2FVqly2fi6BT85Nglkzmgii%2F35zKQV%2BQ67H9M3kcWUVme8sLui%2Fk7bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d9dc584e43-FRA
content-length
43
cf-request-id
0ad49c1c2600004e4387229000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=61e7b019d7d1b74d282592b287201fb615ecbe76
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=2976178559415520495
43 B
344 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=2976178559415520495
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d1LToeqXq0veu%2BFRDJPNaE%2BC3TnN%2Fs0IjP2L9JYrBkzKsXPVYpgaHBqe7mV69JS5ze91KYVGxNkyISKy5Nu3FDC4K0CJG3YJLuhCFfOCk27Z83PJq2TKYAZVca18HMRRGMb1A4zXZkWAOLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ef2f4e43-FRA
content-length
43
cf-request-id
0ad49c1af100004e43871ff000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.234:80
AN-X-Request-Uuid
57ce2b66-2ce8-462a-a5d3-10fd837540a0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=2976178559415520495
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
43 B
355 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vLWv4%2B6JT%2BLYLYJcgrHAVtM%2Bf4FKHid2nZd8lCeQbeSkJBFiajwo%2FLnSSw2cBMkmMiddY6H7ehMh2UWNWyJKp2wBYOp1ir4gDi6jQ5%2BrEIqiDI02tNQWILZ7Q6ksD2ACfmsvhgyAdj85QOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d74d3a4e43-FRA
content-length
43
cf-request-id
0ad49c1a9200004e4374055000000001

Redirect headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-QZlHqQpE2uEUzHHhyUdLTpzCTS9QEaHytQWh2Wo-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6562459018269791952
43 B
341 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6562459018269791952
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ill4T%2F6f8J8B1WoKLkVTPntTJzvTlo1Ofu5XouR5WDDBvgUK1ahkenqhVTWF%2BlIuZBvF%2B4NovBhE5w985OsPmWysbfS8FR9LiMIeJmaEqzhX3stFPey2SieGVHYRKK9UD76Gt9KSl7sscLg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ff614e43-FRA
content-length
43
cf-request-id
0ad49c1b0000004e437a8ba000000001

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid
566b23b0-bb57-487d-99b4-ea9b39d1ba7a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6562459018269791952
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=4d79795e-8753-4335-976b-842c0cf5b640
43 B
344 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=4d79795e-8753-4335-976b-842c0cf5b640
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Il38mLKQqVMNpcSNbrzgnd3z995ZQneEInBhdbHsYh3srh5QBOmDcpps%2BggSmEcBGKUc2TQqXL1O9BUiPN%2B5YwxdEbYxHidvFiTuVF%2FDxLFy53Hjq5hMOMNtCDo0EuaI3RMnM00%2BCquq1Sk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ceb14e43-FRA
content-length
43
cf-request-id
0ad49c1adb00004e43822aa000000001

Redirect headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RSDlgFp%2BGYqpjCqxrojD8IMagOBa%2Fr8zeOkego7IDrIIOLBa%2Fh2TOMWj8444z8svKsQO%2B8vAmjiDa9Hn4wpLQWrKnzmYPgctEJ%2BO0ezIH%2FcyDSgyeoaFKu0%2BxQptM21v5a5dH2MCS99Z"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=4d79795e-8753-4335-976b-842c0cf5b640
cf-ray
663462d70c404e43-FRA
content-length
0
cf-request-id
0ad49c1a6100004e438da00000000001
us
sync.go.sonobi.com/ Frame 71FA
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 71FA
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e933864f-0fc3-4e5a-8698-865077143572
43 B
345 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e933864f-0fc3-4e5a-8698-865077143572
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zmsD%2FOWLb4Jksa1dhFDc0XwOpIA3%2FOPp5ucixCKCZ4yRj4G9QKFWRJkU9A03i4hZLmf4mD2nU32FRzbm5EY1oC33PQUcUPZkjtIxYX%2F5ZHJTsHVu%2BS7R%2FQRc5sj6e2KiapkU1Z3jZ54udGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d888e54e43-FRA
content-length
43
cf-request-id
0ad49c1b5600004e434d9d5000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e933864f-0fc3-4e5a-8698-865077143572
date
Tue, 22 Jun 2021 09:17:53 GMT
server
Apache-Coyote/1.1
content-length
0
/
ssc-cms.33across.com/ps/ Frame 3CAE
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP001
date
Tue, 22 Jun 2021 09:17:52 GMT
/
onetag-sys.com/usync/ Frame 684D
2 KB
818 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set uc.html
sync.go.sonobi.com/ Frame C4B6
43 B
551 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YNGqx; path=/; domain=.go.sonobi.com
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2486
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=28207
expires
Tue, 22 Jun 2021 17:08:00 GMT
date
Tue, 22 Jun 2021 09:17:53 GMT
vary
Accept-Encoding
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 385D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a8fe0495bf1b05f19974ba77a74cebdf60579e3442ef915d75813bbc7b692a9a

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3204; CMID=YNGqwZpQzfu-ft0J-vesqgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|46|206|3|218
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1932
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwZpQzfu-ft0J-vesqgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMPRO=1149;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT CMRUM3=2d60d1aac105a0&2e60d1aac105a0&2760d1aac10b40&f160d1aac105a0&ce60d1aac105a0&e660d1aac12760&da60d1aac12760&0360d1aac105a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMST=YNGqwWDRqsEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 23 Jun 2021 09:17:53 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 22 Jun 2021 09:17:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YNGqwZpQzfu-ft0J-vesqgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Jun 2022 09:17:53 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 09:17:53 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 579A
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10334410&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b656aa45e2fb0d8ce149c3e632721facc3c3f25078d1ab3dc423c1e410f2d0af

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
casale
match.adsrvr.org/track/cmf/ Frame D3E5
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YNGqwfesQyNWdvWyLYu6IQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame D3E5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG5C9C6wxPgESRHYejMPjZ4&google_cver=1&gdpr=1
43 B
2 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG5C9C6wxPgESRHYejMPjZ4&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG5C9C6wxPgESRHYejMPjZ4&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPekA2OIv9mP8l0aB1BPDcU&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPekA2OIv9mP8l0aB1BPDcU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPekA2OIv9mP8l0aB1BPDcU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=657DA4341BA84D3FBAE1E9FD88A9E3FE&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=657DA4341BA84D3FBAE1E9FD88A9E3FE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:54 GMT

Redirect headers

date
Tue, 22 Jun 2021 09:17:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=657DA4341BA84D3FBAE1E9FD88A9E3FE&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 21 Jun 2021 09:17:54 GMT
index
dmp.brand-display.com/cm/api/ Frame D3E5
43 B
253 B
Image
General
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:58 GMT
via
1.1 google
last-modified
Tue, 22 Jun 2021 09:17:58 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Tue, 22 Jun 2021 09:17:59 GMT
user-registering
ads.stickyadstv.com/ Frame D3E5
43 B
722 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YNGqwfesQyNWdvWyLYu6IQAA%261178&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:54 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1624353474611099-26
Expires
Tue, 22 Jun 2021 09:17:54 GMT
rum
dsum.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624439873&gdpr=1
43 B
315 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624439873&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:53 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624439873&gdpr=1
pragma
no-cache
date
Tue, 22 Jun 2021 09:17:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame D3E5
43 B
346 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ISFywh7%2B7lZ1%2F5jjUSxBN2sVEYKWcwsP%2BRA3QyGiuwquB3Ubd0LkQGiBUBFj1TLOsj3KTwWKIvOHtkmj03KVoow4O2yzhunp1jvlBySOAIZq%2F50WrWwR6%2BBfVUBAnca0RsDlCWNnKaFZviY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7be6f4e43-FRA
content-length
43
cf-request-id
0ad49c1ad000004e43709e2000000001
casale
match.adsrvr.org/track/cmf/ Frame 719A
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNGqwfesQyNWdvWyLYu6IQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 719A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI4rx5ymGez7LppCxFe5GDA&google_cver=1&gdpr=1
43 B
2 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI4rx5ymGez7LppCxFe5GDA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI4rx5ymGez7LppCxFe5GDA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 719A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 719A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJyT61tSd5bykklH90uFSJQ&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJyT61tSd5bykklH90uFSJQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJyT61tSd5bykklH90uFSJQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 719A
43 B
920 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 719A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=360160d1-aac2-4f00-bb32-801988af4efe&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=360160d1-aac2-4f00-bb32-801988af4efe&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:54 GMT

Redirect headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Server
MT3 3736 915c305 master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=360160d1-aac2-4f00-bb32-801988af4efe&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Jun 2021 09:17:49 GMT
crum
dsum-sec.casalemedia.com/ Frame 719A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471596111178827
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471596111178827
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:55 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471596111178827
Date
Tue, 22 Jun 2021 09:17:55 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 719A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Pvosv2mrK78l-S3sbvhl6z__Krol_3G_P_rojl1P
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Pvosv2mrK78l-S3sbvhl6z__Krol_3G_P_rojl1P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:53 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Pvosv2mrK78l-S3sbvhl6z__Krol_3G_P_rojl1P
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
setuid
sync.quantumdex.io/ Frame 719A
43 B
349 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YNGqwfesQyNWdvWyLYu6IQAABJoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0P%2B%2FU5VSWSJAuzcZZE%2BGkzd88%2FCvv63HQDdluVmEdj65UuZzCCPN103sCNbzo5Kn82e4KWyTei5cgamV%2FeXNo0RoksvjdxvwZbCaoIXth4poaNluQYh%2BCV5CJ8iTVLO84NZJ%2BXZOKlSYZqY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7be754e43-FRA
content-length
43
cf-request-id
0ad49c1ad100004e437331b000000001
casale
match.adsrvr.org/track/cmf/ Frame 6DC4
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNGqwZpQzfu-ft0J-vesqAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 6DC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwu_e9HAxJNS3HyicfFZ4c&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwu_e9HAxJNS3HyicfFZ4c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwu_e9HAxJNS3HyicfFZ4c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6DC4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGtUfCQygpMbMthaaCuxSJ8&google_cver=1&gdpr=1
43 B
2 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGtUfCQygpMbMthaaCuxSJ8&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGtUfCQygpMbMthaaCuxSJ8&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6DC4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 6DC4
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 6DC4
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-13e07987-f1ba-4af5-8be1-e5db2f624a20
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-13e07987-f1ba-4af5-8be1-e5db2f624a20
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:53 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-13e07987-f1ba-4af5-8be1-e5db2f624a20
date
Tue, 22 Jun 2021 09:17:53 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 6DC4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAn9E7Bo1YAADf4JQroRw&expiration=1625563075&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAn9E7Bo1YAADf4JQroRw&expiration=1625563075&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:55 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAn9E7Bo1YAADf4JQroRw&expiration=1625563075&gdpr=1
Date
Tue, 22 Jun 2021 09:17:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 6DC4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3225279588603495307
43 B
1006 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3225279588603495307
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:53 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3225279588603495307
pragma
no-cache
date
Tue, 22 Jun 2021 09:17:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
sync.quantumdex.io/ Frame 6DC4
43 B
343 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YNGqwZpQzfu_ft0J_vesqAAABIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9gbuA%2Fcko6wxzmoR%2BY0iMVkHJ4FAsPUuiGZi0yrk0b6LLqMLZbvl4efGdK060dw0%2Fw0F2tpMv90TmPz6lG5p6l3b%2B0YMdxhaR88%2BqCtQ6Fff3wVcWBO0bJ2MsFc6DuZohbudjfFZCmXKly4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7cea84e43-FRA
content-length
43
cf-request-id
0ad49c1ada00004e437a8b4000000001
casale
match.adsrvr.org/track/cmf/ Frame 5E49
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YNGqwfesQyNWdvWyLYu6IwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 5E49
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_kLkQwOtsbRk-DbaCrOnY&google_cver=1&gdpr=1
43 B
2 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_kLkQwOtsbRk-DbaCrOnY&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_kLkQwOtsbRk-DbaCrOnY&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5E49
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5E49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJ8jYQ0AMf84lYXgXfh5t5M&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJ8jYQ0AMf84lYXgXfh5t5M&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJ8jYQ0AMf84lYXgXfh5t5M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5E49
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=5zDWHyoD1LVCxB5&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=5zDWHyoD1LVCxB5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:55 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:55 GMT
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=5zDWHyoD1LVCxB5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 5E49
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 5E49
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06612204077486095ca2cfc6&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06612204077486095ca2cfc6&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:55 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06612204077486095ca2cfc6&expiration=[EXPIRATION]&gdpr=1
Date
Tue, 22 Jun 2021 09:17:55 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum-sec.casalemedia.com/ Frame 5E49
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=32fcf986-060a-470c-971d-d5a62041a14c
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=32fcf986-060a-470c-971d-d5a62041a14c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:56 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:56 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=32fcf986-060a-470c-971d-d5a62041a14c
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5E49
43 B
347 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YNGqwfesQyNWdvWyLYu6IwAABKAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UT7ycUYTDwf%2BNnW7qCXPXCar0xtx6c%2FgnsPo8jnWbnEw0VQvVguQnMmdXMATHBNbHFRV26rwK5S%2BXJZAddc8WP2fAvdsNk7Nw%2FeWYE7KyMjGGEu%2FsA5CIn1mT1x9Nx%2BhHD1qcWpXooJaL4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ceac4e43-FRA
content-length
43
cf-request-id
0ad49c1adb00004e43a29a9000000001
casale
match.adsrvr.org/track/cmf/ Frame 385D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YNGqwZpQzfu-ft0J-vesqgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 385D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELUM6D7PxtKNIVsHZdyAEmY&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELUM6D7PxtKNIVsHZdyAEmY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELUM6D7PxtKNIVsHZdyAEmY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 385D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNGqwZpQzfu-ft0J-vesqgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNGqwZpQzfu-ft0J-vesqgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHpCsKyz0JrOrVTSNp1alRU&google_cver=1&gdpr=1
43 B
2 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHpCsKyz0JrOrVTSNp1alRU&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:18:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHpCsKyz0JrOrVTSNp1alRU&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 385D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 385D
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sync
ups.analytics.yahoo.com/ups/55940/ Frame 385D
0
234 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:53 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 385D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2bc360d1-aac2-4e00-b0e5-3af48433d961&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2bc360d1-aac2-4e00-b0e5-3af48433d961&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 09:17:54 GMT

Redirect headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2bc360d1-aac2-4e00-b0e5-3af48433d961&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Jun 2021 09:17:49 GMT
ibs:dpid=23728&dpuuid=YNGqwZpQzfu-ft0J-vesqgAA%261149
dpm.demdex.net/ Frame 385D
0
0
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YNGqwZpQzfu-ft0J-vesqgAA%261149?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

setuid
sync.quantumdex.io/ Frame 385D
43 B
345 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YNGqwZpQzfu_ft0J_vesqgAABH0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0Yc4B6kv7pZ%2F7faGRsXZBZ71YNbr%2FXrzsPCMxeQqHNTHSEzWz%2FeYciYUrq2Wwl7IzjlivAWEbMEhJx3DDOOxBlw%2F8yjo04aPVJe0%2BEp1JqSeso4rpaw3NWc47FWiqMolSutsZMKlIaOq5Qw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
663462d7ceb34e43-FRA
content-length
43
cf-request-id
0ad49c1adc00004e435e21d000000001
match
c1.adform.net/serving/cookie/ Frame FC41
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
35 B
476 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Jun 2021 09:17:53 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=6084000926979813829; expires=Sat, 21 Aug 2021 09:17:53 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 22 Jun 2021 09:17:53 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 22 Jul 2021 09:17:53 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 57AF
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1811983543594905929
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1811983543594905929
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1811983543594905929
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA; chkChromeAb67Sec=1; DPSync3=1625529600%3A201_197_219%7C1624406400%3A174; SyncRTB3=1625529600%3A3_71_161_7_54_56_220_21_13%7C1625616000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Jun 2021 09:17:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-1811983543594905929; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 22-Jul-2021 09:17:53 GMT; path=/ PugT=1624353473; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 22-Jul-2021 09:17:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Sep-2021 09:17:53 GMT; path=/
x-lat
lhrpug001:0:429
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1811983543594905929
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1F63
43 B
359 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Tue, 22 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
966
x-powered-by
ASP.NET
date
Tue, 22 Jun 2021 09:17:53 GMT
content-length
43
setuid
sync.quantumdex.io/ Frame 5CF7
43 B
344 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/setuid?bidder=pubmatic&uid=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=848dccc1-1b21-4357-a314-a06ee93ff2a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
cf-request-id
0ad49c1bc200004e4349aaa000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9wQ9tmcXDaEYlm2Ta83KjRO1z%2B5sVSm5Hv7CB5J%2BPz%2Fefn3uqbFZxA%2FvdH8pp5q6b3%2FJGHJOiL5FfnB96o00vgbskFDsA5ek0RUtT4myt8HiMRZMRcBkmmjyYalFSgCiC7db516pBZoFQQI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
663462d93ac74e43-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 579A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jb6SjJGsSo6lqkZ_P59Fug%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jb6SjJGsSo6lqkZ_P59Fug%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:00 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=28200
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 22 Jun 2021 17:08:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 579A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3cb360d1-aac2-4100-a653-8771e5000eaa
0
384 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3cb360d1-aac2-4100-a653-8771e5000eaa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Tue, 22 Jun 2021 09:17:53 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3cb360d1-aac2-4100-a653-8771e5000eaa
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Jun 2021 09:17:49 GMT
mw
mwzeom.zeotap.com/ Frame 579A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e891b34acbac8c0f9e2f3794346c5372
  • https://spl.zeotap.com/?zdid=1332&zcluid=149f33d1c1eafbd4
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5f05af02-0c8f-4481-7864-413adc51fb08&reqId=3dfc1be1-8f4c-4c5d-5dc3-7cfa241939d6&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5f05af02-0c8f-4481-7864-413adc51fb08&reqId=3dfc1be1-8f4c-4c5d-5dc3-7cfa241939d6&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBX23Yitvb0YD6n_wMTH_5U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5f05af02-0c8f-4481-7864-413adc51fb08&reqId=3dfc1be1-8f4c-4c5d-5dc3-7cf...
95 B
212 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEBX23Yitvb0YD6n_wMTH_5U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5f05af02-0c8f-4481-7864-413adc51fb08&reqId=3dfc1be1-8f4c-4c5d-5dc3-7cfa241939d6&zcluid=149f33d1c1eafbd4&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
66346304ace04a61-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0ad49c36ef00004a6192219000000001

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEBX23Yitvb0YD6n_wMTH_5U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5f05af02-0c8f-4481-7864-413adc51fb08&reqId=3dfc1be1-8f4c-4c5d-5dc3-7cfa241939d6&zcluid=149f33d1c1eafbd4&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 579A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjVCRTkyOEMtOTFBQy00QThFLUE1QUEtNDY3RjNGOUY0NUJB&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjVCRTkyOEMtOTFBQy00QThFLUE1QUEtNDY3RjNGOUY0NUJB&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:502
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 579A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-7aSB595y4z7q6U7HB718&google_cver=1
42 B
436 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-7aSB595y4z7q6U7HB718&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:811
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-7aSB595y4z7q6U7HB718&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 579A
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 21 Jun 2021 09:17:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 579A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5939490055835893043
42 B
234 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5939490055835893043
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:413
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:53 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5939490055835893043
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 579A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:32ee60d1-aac2-4500-839a-4750cdd0861a&gdpr=0&gdpr_consent=
42 B
649 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:32ee60d1-aac2-4500-839a-4750cdd0861a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:462
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 22 Jun 2021 09:17:50 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:32ee60d1-aac2-4500-839a-4750cdd0861a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Jun 2021 09:17:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 579A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9048f4b9-485f-47a0-a619-40962149104d
42 B
451 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9048f4b9-485f-47a0-a619-40962149104d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:616
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:17:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9048f4b9-485f-47a0-a619-40962149104d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 579A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1808910678779486814&gdpr=0&gdpr_consent=
42 B
521 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1808910678779486814&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:282
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:53 GMT
X-Proxy-Origin
159.48.53.248; 159.48.53.248; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid
ec1b4386-7389-4883-9dbb-036a459e3453
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1808910678779486814&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 579A
43 B
88 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/25BE928C-91AC-4A8E-A5AA-467F3F9F45BA?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
rtct_adp_lib.20200515.min.js
js.genieessp.com/j/ Frame 77F3
16 KB
6 KB
Script
General
Full URL
https://js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1495172
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:17:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Jun 2021 08:55:00 GMT
Server
nginx
ETag
W/"60c081e4-411a"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Wed, 22 Jun 2022 09:17:54 GMT
cic
ialaddin.genieesspv.jp/yie/ld/ Frame 77F3
43 B
350 B
Image
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/cic?cik=euFAVizQcGZ0CG_yZwBrfrRyNKB6He3tqUL2TLwnOyNrS1faimJvfUAKpZnfUVwitdpRlt6x-Djy4SZTQHIYGiwjEsg&noas=9615007
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:17:54 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 579A
0
154 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:17:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/
75 B
394 B
XHR
General
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
d722d08a44bdbfcc237a83e6e37e8f56b7bfd9be544d19368f45ef12ce5a09c1

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
75
x-sid
AMS-610
c
prebid.a-mo.net/a/
0
256 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
quantumdex
useast.quantumdex.io/auction/
0
617 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1jxT8PLwZ9xGAEyepAPLhbNmMOre1WSPrxOD7CYR9OIqkJIiIYs7GGvkEe17fcC0CLKGfDib9tCRONhwvWOLZronBot3v0o3h3u1SrtENpyc9aiF1C8dbANUvK01yBTzpJUnw%2BTfDoB%2Fk1tBBw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6634637ce9a04e43-FRA
cf-request-id
0ad49c821000004e43499b3000000001
c
prebid.a-mo.net/a/
0
233 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/
75 B
394 B
XHR
General
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
8ec1e2719b3c03a79e9434b8e34fe24fcc059d65a6c69565602673109c47d553

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
75
x-sid
AMS-610
quantumdex
useast.quantumdex.io/auction/
0
389 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BvrdM50Rb8SxUbKIhT3MnRDEn5u1BdNQRPtm0bW2%2BX%2BBpOW5t2Mh1dQVhPOIH5lNOlg6kEGsNq1r4bnrM5dTk%2F4ZW4nL9qiFv6ZFi6r%2BvqLSEDy09td%2FfQ6bAOe5zVfe5SAF%2Fcuzye9cujfYiw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6634637cf9d64e43-FRA
cf-request-id
0ad49c821c00004e43660fe000000001
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
quantumdex
useast.quantumdex.io/auction/
0
383 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eLyqHnawylhzCdlozdMAAv99ORapCzu2x1N7P%2FTn2kQFW%2Bbddie1lktudy1I37bhdV3nmp85e2R48gEHYIZfKBgYrhNRarkYjl1DJ87zzsi8VSv4bMIJFteC8SOJENMYEct63DfiiwUXgCHATA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6634637cf9e14e43-FRA
cf-request-id
0ad49c822100004e43a79a9000000001
c
prebid.a-mo.net/a/
0
233 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/
62 B
381 B
XHR
General
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
4e246bac944dc8cb65009d45604e66f5bcf8b96b27b1f12ab8048f2d2a684947

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
AMS-610
c
prebid.a-mo.net/a/
0
233 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/
63 B
382 B
XHR
General
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
19b3b078d698b044507e8472461528a783c526580a08ba6287537f3f9fc38a7b

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-610
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
quantumdex
useast.quantumdex.io/auction/
0
388 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7PRs4nlpbu7UdM%2FWPn7C7%2FVaJ8YyTppE50ECHoSiTLRvLD6u2YNcTGLnCBOV5o%2F5LQL7GkBzRdDrjvO89ODNOzTqQxVGI%2BWx9EAG89oGjikm2eYeIRQ4lTu3KpEAF9NSks2hmPyOnnZneigPHg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6634637d0a1a4e43-FRA
cf-request-id
0ad49c822c00004e4347b34000000001
c
prebid.a-mo.net/a/
0
114 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin
quantumdex
useast.quantumdex.io/auction/
0
288 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://kimcartoon.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Fyu0fDPX2aco7gDQv2XwlBC5tabeAcZUQsErLYouqbtHyjqYDEkmU8J6DHFqhNQdWMs1daI9ZAmVkvLCaUrmK65J564l4ieoNQiPcV8kXIrecSNN%2BotOqOEspgJeB%2FmuA4rWwyfW%2BnHJY1UMwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6634637dac164e43-FRA
cf-request-id
0ad49c828a00004e43871a9000000001
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/
63 B
382 B
XHR
General
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/kimcartoon.li/ROS?rnd=0.10265755498889062&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2F&gdpr=1&gdprcs=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
dfc4759aebb70395e2f794adf96b3c441a2b8dcdc2ecfc6de1ecbe53548f1d33

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://kimcartoon.li
expires
Tue, 22 Jun 2021 09:18:19 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-610
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
175 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
tag.vlitag.com/passback/ Frame 19E2
161 B
538 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56188&divID=vi_1422756188_474&w=160&h=600
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa0fa4e3df51fb5c261e30d253d9c03441cfa27ed37f4a70f0666bde29fb21f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
29
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=laHV6rb4M2hsLLH79r0PPleKv2b15rDm4DsrplD8NGiWTtpcn6qnv9RyDmoYnh47RyxdGmTf3QKkoIBb%2B1w8iKMcBxJvn6a5V0BtvKBsBUFzK%2FemtLsnsKBx3BK1Tr1NYLN3RXnyyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c8292000032448596b000000001
cf-ray
6634637dbae13244-FRA
/
stats.vlitag.com/pi/ Frame 19E2
0
325 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNPawMBtZy-ZUPq-PtyK-MTZM-BtaqyKMAyZBwRzNhqllwqe0RrNTPYYKRmNZUTMMRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XgXIHomtXBVLSYZZC3Oky9K6gzFV6BqUNd00mE55LaN4ea4sY4EKfxCKKkF98ErPA2zB05j4c%2BFndQeHijPVXTMHWbZWLFFBhN1Z92TBWV7XLwKMOAUVG6GnKE%2FyhtjmDXB3ssmzxQTv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6634637dbae53244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c8292000032446da22000000001
collect
www.google-analytics.com/j/ Frame A90B
1 B
84 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=6&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=1676170239&gjid=852919250&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&_r=1&gtm=2ou6g0&z=1755245998
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 09:18:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kimcartoon.li
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tag.vlitag.com/passback/ Frame 8161
161 B
440 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56186&divID=vi_1422756186_927&w=300&h=250
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d430e424beaf45f77abdd3a6cbee70b1f357cf7d6fa3fd591a007ee3034e6832
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
29
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YDHMM%2FNiCock3zNgrkILK4EFAfPSSiXRZ%2FvZhvqmjsuNWFvsY8TNvZ9b%2F6sNkeXvKbiI0%2FTbJNPB5iomMGhis%2FmH%2B3odDI6vHnsa1QPfz2JGfUfHFpWZVNM2AVgDjpN5uwgCUHK%2Fnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c82990000324428298000000001
cf-ray
6634637dcb063244-FRA
/
stats.vlitag.com/pi/ Frame 8161
0
279 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNqTAPKtet-KMZA-PTUY-wtKM-wABPwPrKrZyyRzNhqllwqe0RrNTPYYKRmNZUTMURrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tZ0MRbAWjR2k0GtApos2ikoCNsYusXCClJPK7b4nfmiOwy5H1yAyGVFjff7QIXBGUAbzGavmI2yKmMD1jWPCtf5QVmqAjKCIVXedqwKwky7JPoly7%2FVZ%2FFS1hSGpdJChqMV3QjCK%2BCVf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6634637dcb0a3244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c829a000032442ba61000000001
collect
www.google-analytics.com/ Frame A90B
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=7&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&gtm=2ou6g0&z=1670668737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 17:25:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57176
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
tag.vlitag.com/passback/ Frame BE23
160 B
668 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56187&divID=vi_1422756187_538&w=728&h=90
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73e1d1365aca4ebfc26951028e3b0ab9e8016100122bb3ad8a65868744b3107
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1712
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eLZxBZSCglIqY%2BL4QVbzLShupH2RdPf3xCUTOqYywiNjfC8ScTD97F8QS4nBkrCR53veF46gFqMj%2Fvxx%2B484CLQGZ1d6xScD%2F4HfuOJNXQFlWR86F9nWb2P8flFuWkxTNfe%2BYcTwyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c82a2000032448f9a4000000001
cf-ray
6634637dcb263244-FRA
/
stats.vlitag.com/pi/ Frame BE23
0
278 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNrteKMytB-raAt-PMBK-MyKw-KPrAMyKarUwyRzNhqllwqe0RrNTPYYKRmNZUTMKRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yLtwB3QkY7cONmA%2Fzd8fi17fdswloe5VoF8Bd2crnR6nT8Z3n0tD0vPF3gqdK6vXqWcBkYuChvSs5JN4w5lDPchIjYZJduhJ3n%2FwMFJR7q4RDgpAf3Th%2Fle2OmV6ROij3LLVFzBNOGLt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6634637dcb293244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c82a2000032445b021000000001
collect
www.google-analytics.com/ Frame A90B
35 B
56 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=8&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&gtm=2ou6g0&z=619883670
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 07:06:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7936
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
tag.vlitag.com/passback/ Frame 95BE
161 B
783 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56199&divID=vi_1422756199_946&w=160&h=600
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b643d52d6d85b078d4b49601529984ba697a08cb1a802a92dd29457d8ff9c2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
29
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=avnSGFQJuE4d2orpQPGs%2Ff%2ByyuybTUeT8G8xOKFLDpXbDroTohouMQa1ouzUjYopqolxLyM6LXX0b3GuXAiprWMkvqwPVtb7n86XUKzEbWdQBrD5nwHDHZW%2F%2F9m6nIHcJW5ynF5kjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c82bc00000614502fa000000001
cf-ray
6634637df9280614-FRA
/
stats.vlitag.com/pi/ Frame 95BE
0
282 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNqAyZwqTe-Mewr-PAKt-qreP-PBZUqraYtrPYRzNhqllwqe0RrNTPYYKRmNZUTaaRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PJh540MGjmBhg9iUv5nqQxzRFgwsmcm2DS8%2F2i1nSQ129TRHjj3VOxTZeNOlWGBxfmryUqE7Gd%2FSXJfef%2B%2BEifALAgeySm%2F7iyjrpsryShDYVFvskkDqNFBGDuyAgwhpQ7Kvp3ytOWTO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6634637deb3e3244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c82ad000032441a0cd000000001
collect
www.google-analytics.com/ Frame A90B
35 B
56 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=9&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&gtm=2ou6g0&z=1574640135
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 07:06:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7936
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
a1495171.js
js.genieessp.com/t/495/171/ Frame 19E2
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/171/a1495171.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56188&divID=vi_1422756188_474&w=160&h=600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
0131224e6d4ee3df71952ea0293cc3c4a179505da607333bbb3cf94ffeebcb85

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:33:19 GMT
a1495179.js
js.genieessp.com/t/495/179/ Frame 8161
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/179/a1495179.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56186&divID=vi_1422756186_927&w=300&h=250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
71a2a4d8fbad1e1d22220938e000c7a7f1ba19a0fe072206280f3aee7e6a8c0f

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:33:20 GMT
a1495170.js
js.genieessp.com/t/495/170/ Frame BE23
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/170/a1495170.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56187&divID=vi_1422756187_538&w=728&h=90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
fa42490e2190c44529231d3a40b32a44f92052cf5bb041cf60b7803b19b95b95

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:33:20 GMT
a1495172.js
js.genieessp.com/t/495/172/ Frame 95BE
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/172/a1495172.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56199&divID=vi_1422756199_946&w=160&h=600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
b994133297ed4f0928bb896cefd1a915ef7c56f05196329a68dc926b5410eecb

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:33:20 GMT
/
tag.vlitag.com/passback/ Frame 1DC9
161 B
748 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56194&divID=vi_1422756194_536&w=300&h=250
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65066f6db9765ba6900cae0fc7e207ef9e96505d009430cd2d96a8324eba80c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
29
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I9Z%2BeWHocWM4yRIW5vOF%2Fdh9NVRGeU9uAVl6SjljlVcOnk60OS0Yry4R5cTgIJpH8wpRSBOjH%2FOOo9IvtyFda%2FSHeOZv7sAOBy0nvzfqrNzuAMWnNeue0r3FFIYnPofkfWkD2bae%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0ad49c830b0000061413a13000000001
cf-ray
6634637e7aae0614-FRA
/
stats.vlitag.com/pi/ Frame 1DC9
0
300 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNArTewPYq-tTrT-PUyq-qTwy-KUUyUZyPeYUrRzNhqllwqe0RrNTPYYKRmNZUTaPRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:18:20 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nZc%2BBFtinKnbRTqcvmk2A04X1je5v2o0zTQ8nXDMlLF9RC3Ye60V0LPU8ntFCqq%2BnU0HQ0UeRopIAtFnPemzMKM40D2oZKJ10Fex3kPBV74kNulcBhdeWwJqAnMYpUJYjCFffRWN8%2FhO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6634637e7c623244-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0ad49c83060000324465b01000000001
collect
www.google-analytics.com/ Frame A90B
35 B
56 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1265458744&t=pageview&_s=10&dl=https%3A%2F%2Fkimcartoon.li%2F&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=190638717.1624353469&tid=UA-128776493-30&_gid=1922115985.1624353469&gtm=2ou6g0&z=2095032564
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 07:06:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7936
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
a1495180.js
js.genieessp.com/t/495/180/ Frame 1DC9
8 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/495/180/a1495180.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1624350011&d=14227&z=56194&divID=vi_1422756194_536&w=300&h=250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.213.187.173 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
a70d11139b55758bf7050152f5707babaf9f7abe71a7d00a1406c67b1ec31703

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 05:11:36 GMT
Server
nginx
ETag
W/"6088ee88-21d9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Expires
Tue, 22 Jun 2021 09:33:20 GMT
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 19E2
6 KB
3 KB
Script
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495171&cb=54546471034&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&topframe=0
Requested by
Host: kimcartoon.li
URL: https://kimcartoon.li/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.67 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
3134714d7906107e85e89a78715bd72357883bc0a057ab2ae2d316820c9ae1dd

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 19E2
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/171/a1495171.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
im-uid.js
dmp.im-apps.net/sdk/ Frame 19E2
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:18:20 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
get
audiencedata.im-apps.net/imuid/ Frame 19E2
28 B
87 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?vid=01F8SG6TYCM0NHSKE5DC1ME651&cid=3929
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://kimcartoon.li
date
Tue, 22 Jun 2021 09:18:20 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
28
content-type
application/json
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 8161
0
0

im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 8161
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/179/a1495179.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
im-uid.js
dmp.im-apps.net/sdk/ Frame 8161
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:18:20 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame BE23
0
0

im-uid-hook.js
dmp.im-apps.net/scripts/ Frame BE23
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/170/a1495170.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 95BE
0
0

im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 95BE
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/172/a1495172.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
im-uid.js
dmp.im-apps.net/sdk/ Frame BE23
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:18:20 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 1DC9
0
0

im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 1DC9
1 KB
872 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/495/180/a1495180.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 09:18:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
617
im-uid.js
dmp.im-apps.net/sdk/ Frame 95BE
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:18:20 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
im-uid.js
dmp.im-apps.net/sdk/ Frame 1DC9
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer
https://kimcartoon.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_tgYtBzv19gnEnWcQFy8CR5KdTrOcG9m
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 06:41:02 GMT
ETag
"acb4a4c0b7c909aa8d76098134b478a6"
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
Date
Tue, 22 Jun 2021 09:18:20 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2415
inview.20190130.min.js
js.genieessp.com/j/ Frame 19E2
0
0

mcs
cs.gssprt.jp/yie/ld/ Frame 19E2
0
0

mcs
cs.gssprt.jp/yie/ld/ Frame 19E2
0
0

mcs
cs.gssprt.jp/yie/ld/ Frame 19E2
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ialaddin.genieesspv.jp
URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495179&cb=5383466134&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&extuid=im%3Ah.3ca6c8fd41e51ee2&topframe=0
Domain
ialaddin.genieesspv.jp
URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495170&cb=6478680649&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&extuid=im%3Ah.3ca6c8fd41e51ee2&topframe=0
Domain
ialaddin.genieesspv.jp
URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495172&cb=41495728049&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&extuid=im%3Ah.3ca6c8fd41e51ee2&topframe=0
Domain
ialaddin.genieesspv.jp
URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495180&cb=39636976797&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2F&sw=1200&sh=1600&extuid=im%3Ah.3ca6c8fd41e51ee2&topframe=0
Domain
js.genieessp.com
URL
https://js.genieessp.com/j/inview.20190130.min.js
Domain
cs.gssprt.jp
URL
https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
Domain
cs.gssprt.jp
URL
https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
Domain
cs.gssprt.jp
URL
https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| getCookie function| setCookie object| _0xe609 function| setCookieInMin function| removeCookie string| GoogleAnalyticsObject function| ga object| vitag object| adbWarn boolean| alb function| delay function| Submit function| Suggest string| path function| hoverTab function| outTab function| executeTab function| showTabData number| scrollPage object| api function| SetScrollPage function| DoPrev function| GoNext object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr function| log object| _VLIOBJ string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS object| observeElementInViewport function| vlPlayer object| googletag object| ggeac object| google_js_reporting_queue object| $sf object| regeneratorRuntime function| __tcfapiui object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| z1xx function| M5vv function| R5aa function| w1xx function| T9II function| setImmediate function| clearImmediate object| _rhat4 string| _p function| Owr8018Xg289 function| _bp function| h144 function| O6QQ function| a6rr function| t144 object| pubIframe function| getPubIframe function| startFlow function| endFlow function| labsOverlayClicked

21 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: PugT
Value: 1624353480
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-9048f4b9-485f-47a0-a619-40962149104d&KRTB&22918-9048f4b9-485f-47a0-a619-40962149104d&KRTB&23031-9048f4b9-485f-47a0-a619-40962149104d
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5939490055835893043&KRTB&23263-5939490055835893043
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:32ee60d1-aac2-4500-839a-4750cdd0861a&KRTB&16736-uid:32ee60d1-aac2-4500-839a-4750cdd0861a&KRTB&23019-uid:32ee60d1-aac2-4500-839a-4750cdd0861a&KRTB&23114-uid:32ee60d1-aac2-4500-839a-4750cdd0861a
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1811983543594905929
.pubmatic.com/ Name: PUBMDCID
Value: 3
.adform.net/ Name: uid
Value: 6084000926979813829
.casalemedia.com/ Name: CMST
Value: YNGqwWDRqsgA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1808910678779486814
.pubmatic.com/ Name: SyncRTB3
Value: 1625529600%3A3_71_161_7_54_56_220_21_13%7C1625616000%3A35
.pubmatic.com/ Name: DPSync3
Value: 1625529600%3A201_197_219%7C1624406400%3A174
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEI-7aSB595y4z7q6U7HB718&KRTB&16514-CAESEI-7aSB595y4z7q6U7HB718&KRTB&23025-CAESEI-7aSB595y4z7q6U7HB718
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 25BE928C-91AC-4A8E-A5AA-467F3F9F45BA
.casalemedia.com/ Name: CMID
Value: YNGqwZpQzfu-ft0J-vesqgAA
.casalemedia.com/ Name: CMPRO
Value: 1149
.casalemedia.com/ Name: CMPS
Value: 3204
.pubmatic.com/ Name: SPugT
Value: 1624353474
.casalemedia.com/ Name: CMRUM3
Value: 5a60d1aac22760657DA4341BA84D3FBAE1E9FD88A9E3FE&2760d1aac10b40&8260d1aac32760AAAn9E7Bo1YAADf4JQroRw&5160d1aac12760Pvosv2mrK78l-S3sbvhl6z__Krol_3G_P_rojl1P&9860d1aac4276032fcf986-060a-470c-971d-d5a62041a14c&e660d1aac12760&da60d1aac12760&2f60d1aac327605zDWHyoD1LVCxB5&2e60d1aac105a0&f160d1aac105a0&ce60d1aac105a0&2d60d1aac82760CAESEG5C9C6wxPgESRHYejMPjZ4&0460d1aac127603225279588603495307&3960d1aac327601870471596111178827&0360d1aac227602bc360d1-aac2-4e00-b0e5-3af48433d961&c360d1aac12760av-13e07987-f1ba-4af5-8be1-e5db2f624a20&0d60d1aac3276006612204077486095ca2cfc6
.quantumdex.io/ Name: uid
Value: 848dccc1-1b21-4357-a314-a06ee93ff2a0

3 Console Messages

Source Level URL
Text
console-api error URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://tag.vlitag.com/v1/1624350011/064b31ebe1436b09c01ac0d0c8ea96d0.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ad4m.at
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ap.lijit.com
assets.vlitag.com
audiencedata.im-apps.net
c1.adform.net
casale-match.dotomi.com
cdn.jsdelivr.net
cm.g.doubleclick.net
code.jquery.com
cs.admanmedia.com
cs.gssprt.jp
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dmp.im-apps.net
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
g.c.appier.net
graniteacquitcharacteristic.com
ialaddin.genieesspv.jp
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js.genieessp.com
kimcartoon.li
kimcartoon.to
match.adsrvr.org
match.prod.bidr.io
ms.quantumdex.io
mwzeom.zeotap.com
mybetterdl.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
p375584.clksite.com
p375584.mycdn.co
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
propellerads.com
pubmatic.com
rt.gsspat.jp
s.amazon-adsystem.com
scontent-frx5-1.xx.fbcdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stats.vlitag.com
sync.adotmob.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
syndication.twitter.com
tag.vlitag.com
toeschistache.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
www.bebi.com
www.facebook.com
www.getawesome10.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
cs.gssprt.jp
ialaddin.genieesspv.jp
js.genieessp.com
104.22.72.85
104.244.42.72
13.248.242.197
136.144.59.88
142.250.181.226
142.250.186.130
153.254.173.146
169.50.137.190
172.105.232.22
173.192.101.24
178.162.133.149
178.250.2.151
18.156.0.31
18.197.47.23
18.214.201.148
185.104.210.16
185.183.112.148
185.184.8.65
185.29.133.52
185.33.221.13
185.64.189.110
185.64.189.114
185.64.190.78
185.64.190.80
192.243.59.12
193.0.160.128
2.18.233.180
2.18.234.21
2.18.234.233
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
202.47.25.67
213.155.156.167
222.230.178.20
2600:1901:0:e207::
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:20::681a:34e
2606:4700:20::681a:ba7
2606:4700:20::681a:eee
2606:4700:20::ac43:4597
2606:4700:3030::ac43:ca25
2606:4700:3031::6815:5f7f
2606:4700:3039::6815:c034
2606:4700::6810:5514
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:827::2008
2a02:26f0:6c00::210:bb90
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.143.157
35.241.40.233
37.157.6.252
5.178.65.245
51.210.112.63
51.68.186.35
51.89.9.251
52.19.195.165
52.2.43.18
52.208.167.91
52.48.248.240
52.94.232.32
54.198.69.15
61.213.187.173
67.202.110.23
72.251.249.9
88.214.206.247
94.31.29.128
0131224e6d4ee3df71952ea0293cc3c4a179505da607333bbb3cf94ffeebcb85
017602605e734c453272401eb659211450072d457c4be57e04a42fd95199a18f
02fe7d91d1158027ef13c051d8289781b4b849a7a3595fce782d958c82aa2b38
0717c315cd8271bfcdc743539f6dd5650f4181a7a5b08facc38df2893de3e3eb
07b968f6566378b91936898db46bf0c5024513658194a8f66aa4847fd9840b3d
08588345887e514fb8f17c1f959abfe4a46d2772360ccdaa2d916925915f7d78
0a97514722de8ae5975077745ae7cf17543bb809e20a85ce4afa57ef61ff26b9
0b7b0a2762ce7182456b16464e33f025e9a24a4274b1df5d5a06694fd2baefa9
0c595e074c10f86b519d082fc7b73c38df7939b175782012a549d19029647749
0d084b4d472ec86be4179de9fd0edd0196428f0b63f582c2709e51e1fe1a1c73
0f0d3900c03bbc45f0ff9a18c720d9b3d048f52db3e620cc93d094e8a3df3c53
10823aa5ea5ae05fed2f5493c17dffb63b5787cfe80c61d26ed02ea0c4c1deb1
1150dbdd179d43374fa3e8bafb9f810a733be07e131a63eb8bf135f6785435fd
12e5d533bdf3f2290b64b6fe3305592b8c6200c16a1f1f2647550a26b4cec447
13255ad9eeb21f9a840219e59064870f646b3535ddc3a949601885dc67dc756f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
19b3b078d698b044507e8472461528a783c526580a08ba6287537f3f9fc38a7b
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314
1bc0a5b35eabe7e056ae4f57e798c92415310942a93deb703f6e985cea44792f
20aee8d80ee838e99d01de9b1d0308999080ae8eae2c0243f91b24f73391d317
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2317f2ec94517e7420f203f8e7bbc3368011d549f1b9ef9d739a37407d3164f2
239945bc7788464d88fc9ec74d7a25ec8a1301c09f206a4932ea08fe2a66a5fb
2a05d63372739f664f358e0225b64d59e9a75a214478a21d5bac73428d751f20
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6
3134714d7906107e85e89a78715bd72357883bc0a057ab2ae2d316820c9ae1dd
33dde796b53c2fc9b199011b4e14637d178593b54db89aa7e54389c2507925a7
33fa54efce746e49810171fdb06583067379d8866b1fd11eff53902430509af5
34db023a3a5e9109b4be18e51392d33747ed7e9e8eb29995ad99f9823df1ec62
34e0e0a15150f30ff3af9a12dac2786b99f7ede6a470dd9a2f2d798fff6f2844
3764e9c02cc33dbd4242c588f2d4898594c5e46bf3650d8c55f4d93d69b462cd
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c8d7f8904463be99a2ef498a646224f1e617731e2ecd343a51a15e95eb518c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f71f0a68c4e86347110d217130e4be29f8ea65b20de5e46b3c36d545b63af20
3fa0fa4e3df51fb5c261e30d253d9c03441cfa27ed37f4a70f0666bde29fb21f
44a8393f54300763f4cf0b27e7786e65db2c3711f2e3774ebe5ff762122a14c2
45be50e28b2a693f1520f2c7cc90ecb54bfc95b4ba8093af4a95002574abad85
46a08875424dcbf8042205582cebb7c52a36d744f72a9258c41b9c4f4516b24e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c4790aa97ae3e37eb907eeb3aafb0363302bbc783cda03926c97112c49717d7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e246bac944dc8cb65009d45604e66f5bcf8b96b27b1f12ab8048f2d2a684947
4e3d4949e651cab52f30bf53b2503921e1f9b9b3f9ffef63939b13132556e47f
4f5ec84dd64372a0e0b363ec65053266a445c83ff2a09f63e03970a01c2d8749
4fa74dd9dcb3b524415e79dee8f58dcde251c291c3047f736492ac944e607b58
509b1babc6919d1841909a1dd945239fe1455e5b507adb446fd97d3545ec4f50
522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c
525de37019a193567ba66fecc5a72c7fa3f82698365ea7b77a8a56176f001a0c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54de12feff80bc3034f49bdd8638836a31dbd5f9778cebe57992ce2f60218f40
550313a0d81969bf43c6c951adde23965113af7048bb040a554682a7b3718e6c
58226e498bdf3ffebf70debb9d017f73adc1ff350d1c34af18921e826111915c
5992827f94b027807e68b98f98da90d8be5bdf838a86581d5739fe6f07b571bc
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
5e2d6cde540a3ec53262aba8013bcf3d467dff7c773ccb1fa9abf0e61b467f0b
5f02b2354eb23c578b393ccd9bb370e7bad0f456309ee5071c337d14201a6e4e
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
601c132e9224f8fee3f1fe76a5b1bbfc13bfca932849ffa5ee2b09c350bfd4cf
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6
672ee93fa92bd7023c85efbf05a63134150818532ec650e4409c79cafede4f49
694cbfe5a568a8fa0edddea7dd06534e0434dde2c01fbc0ea79a2b3a5b83b3c8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd8f9961f6a5c10a8d1cd75f6609999feb143e9585ae427f08f90c7028c974b
6f3918dd608d730b8e4731f0c6057bf405a1498b15155eba4e22ad9a4c4d9a66
71a2a4d8fbad1e1d22220938e000c7a7f1ba19a0fe072206280f3aee7e6a8c0f
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74938ec91786bf2536964dc687293728899f2ef49f562428b58b74a34ae94157
74a68024cd95156e421483199ca2b204cb4c5f30381352cce69a1f5f7338cd8e
7582e40f59b95bf52549f14817b33ef6c5ab68b4a7939c190dc8659a30caee2c
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85fd3db1b489f92acfd7d781945ddabd5478af6a9d8a5089bd6c476994c9a560
872ef2eb7e062c1cea3fb5e7a4c1e5553818d68fc2d0b476c3af20baae42df89
882debb607c47e7d1bc6a2b3e27a4ddda3ceac685567bc229ce4f1f0a0db2b26
886431596bf713cdb2c018c6e97f1fa3141a6134fafc9723e5ec6d97c40e5850
892446b6fc7ec9f18e9adb42e84bd178d3bfa714adcddda3112e9016e6a422ea
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e37fa4374ea2eb30da2b68ae891d8e8ec9955e1cade2c2d500651e92c447bcf
8ec1e2719b3c03a79e9434b8e34fe24fcc059d65a6c69565602673109c47d553
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
929fbf02c20ca0bd4c17be08a3ffe5f0306b7362357413efb44fcce3a894d737
92e3577523bda5413fa3d9b324eef4248416f70f95cfac5090ede23969ed9f05
95912cce26c1216a8557ff4eea3af3c44c59a0c9b76566fc9ed95066a0f9906b
9ac3d5c3304b0bea0841274d96097a2ce348bc46e544499ef4e9803211816638
9e1287230142ea2742f533d0a278c4067b1693f59055a986dcadead4f5200ce2
9e22635da0cc43dd962c2c6f355e54de93fb7fd8080d25f01f628986c7c77bcf
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06db8dd7c05e79c587945cb8e38c2506a83c2e34177083d15a7d21a529e3744
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a1a527bea817e86dcce6a64fa1505b274a221ef954370eaab51e373036d75f22
a6de83c8e74656756d7604e8240718bff48718ca8cd6c86d1e962d47e1c0ed62
a7087436cb374d78d4737301b09a6da27786486738298e70efb79317cb1773c0
a70d11139b55758bf7050152f5707babaf9f7abe71a7d00a1406c67b1ec31703
a77934c9ba958163b297b2adf4eeab588ef21268f594e45bcee29905c632b269
a816e1c7a0d46cedc6beb532f93486f740aa44ca1d8377de2b6e8b1fe127fa2d
a8fe0495bf1b05f19974ba77a74cebdf60579e3442ef915d75813bbc7b692a9a
a975180709786e8cb1207381cd146ae131a5d57be1910fc249507b424a64cbb0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b087fa4289ff1b61934d2a04f72cb25b22b605b5d6383f29d14e3587a908acae
b0b8fd2914c47e70c733bb0bf2c65edcb6e949ab81a3a570d7013186fd7c3e10
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25f693880a21d4a9b7ab43071f3808ee93ab04038a5f812a22949297bfd2829
b28adeacc32ef2e6ec9eb10c10dd34af58c7de59dec50a21614af19a4e988751
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
b380ce5ab5189c126b53a04545ac12662f5ea4f26ebcafd7e8a7bd3a97f8c24b
b656aa45e2fb0d8ce149c3e632721facc3c3f25078d1ab3dc423c1e410f2d0af
b6afa8f1995500b9f72a6c05ad68ca1d1b071e424828a7307014fc4216488ca0
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b994133297ed4f0928bb896cefd1a915ef7c56f05196329a68dc926b5410eecb
ba233b29c19c0e9fc90d01b572c05cbc0844ba9595eca12d66f704ffbfa13424
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
be60df08d3dbb55a9354bfee50dbce87d57372552f622e36ba5e1228d7f67d69
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bee42feb2d9663cec71c9bba3f83b1f5f4d11d4301e28b70a63557c969b50074
c11f1cec06c69c237928042b78478710aa885d4ab893576fab3586c782dfbe1a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c73e1d1365aca4ebfc26951028e3b0ab9e8016100122bb3ad8a65868744b3107
cb3bf54962b37b247aebca62a8ee45c582feb5223ca57c71d34511c9b86a9c82
cc51ffe1d64b9df77fbcffab2c0b8db5a1b495a8addfa1b43410389a424e9850
ceda705c91986f440cc05a43fc167c8160c05a2fedc33629bf523f6689f2f749
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcb6186cbc21da31394ea02ef26d887a9cea9cd2ab7c086a2bda369b1bc51bc
d430e424beaf45f77abdd3a6cbee70b1f357cf7d6fa3fd591a007ee3034e6832
d4a9352722d0ba4602b6398fe1a8447ce2755c87b90b38eb61573d3d9e6cce51
d4c0f72d6ddb57339934c8341bec057505c3b46482f300349cd4d468f61090c2
d5a915d50f69eefcd76b8b57ce8b439080c67d16fb77def91b9d6ba947d662c6
d660eab52c2636d2de2a42173f071af45892b035a5fe65a0b4691b84d8a55495
d722d08a44bdbfcc237a83e6e37e8f56b7bfd9be544d19368f45ef12ce5a09c1
dbdf7fd81553e40a82bf966a57ac6522bd38e528d6ceb770bc0ab5a02789ed96
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
dfc4759aebb70395e2f794adf96b3c441a2b8dcdc2ecfc6de1ecbe53548f1d33
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e09909f9e8b5852bb9899351b7ea51a94f51e55ba2f1f7e8c64667be6f3c5d34
e09e2ceb758d702fa96e5207bc655668d611e7788af0db8a4302dac270dfeff4
e0d9ef7bff4daca66632d6a883852d4e7120a840bcc700ad3c57d46ac5aa4222
e11e5b545c945273300b9eea5835e2735eb06781ee9e879f90dd8ed9522052c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b643d52d6d85b078d4b49601529984ba697a08cb1a802a92dd29457d8ff9c2
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ed94ab681852a6c3e75018648f13fb1ade2cbab0ee22219321cf51a785e3b552
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d058b839840c84cb123a13a1d2b558e4ac173bccd96d653991b85ca3accf24
f2f073d4eba135b4c2d7059355ca69f8e8148a1501b6e8cc3d5821b92033f74f
f65066f6db9765ba6900cae0fc7e207ef9e96505d009430cd2d96a8324eba80c
f6848602ae544be3979f9ae0d1cd68f78748e10ce6f513bf782aa136e02d8a9d
f8b6378636d588393a8db892e3259547b058bc40c9005615f7c91dc67dc7dcea
f92c4e1346a6468e9130b9fcfcca7dd1e13411077fd13a8760feb4006b9972e0
fa42490e2190c44529231d3a40b32a44f92052cf5bb041cf60b7803b19b95b95
fa4f416dc8f8de74af85ad0a003a50868d57f6c1d49230eb3ecd1bd7618a80fa
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce