URL: https://www.mhgui.com/comic/35579/488749.html
Submission Tags: falconsandbox
Submission: On June 28 via api from US — Scanned from DE

Summary

This website contacted 26 IPs in 6 countries across 18 domains to perform 160 HTTP transactions. The main IP is 107.189.11.167, located in Luxembourg, Luxembourg and belongs to PONYNET, US. The main domain is www.mhgui.com.
TLS certificate: Issued by R3 on June 1st 2022. Valid for: 3 months.
This is the only time www.mhgui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 107.189.11.167 53667 (PONYNET)
16 104.24.8.56 13335 (CLOUDFLAR...)
9 172.217.23.98 15169 (GOOGLE)
2 128.1.164.123 21859 (ZEN-ECN)
1 142.91.159.140 7979 (SERVERS-COM)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 52.222.214.115 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
2 51.38.120.206 16276 (OVH)
15 178.250.2.131 44788 (ASN-CRITE...)
10 185.64.189.112 62713 (AS-PUBMATIC)
15 185.33.220.243 29990 (ASN-APPNEX)
15 185.86.138.123 201081 (SMARTADSE...)
16 35.244.159.8 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 198.47.127.18 3257 (GTT-BACKB...)
1 178.250.2.146 44788 (ASN-CRITE...)
160 26
Apex Domain
Subdomains
Transfer
18 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 744
gum.criteo.com — Cisco Umbrella Rank: 391
mug.criteo.com — Cisco Umbrella Rank: 2727
11 KB
16 openx.net
adpone-d.openx.net — Cisco Umbrella Rank: 17579
u.openx.net — Cisco Umbrella Rank: 710
2 KB
16 powferads.com
powferads.com — Cisco Umbrella Rank: 366356
49 KB
16 hamreus.com
cf.hamreus.com — Cisco Umbrella Rank: 362134
142 KB
15 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1366
5 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
11 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 20583
2 MB
11 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 520
image8.pubmatic.com — Cisco Umbrella Rank: 590
679 B
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
319 KB
8 googlesyndication.com
c332e870e0ce9ed51437c35b07cb8ad7.safeframe.googlesyndication.com Failed
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
d21956dcd577cb64f6bada32bad6be76.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
40 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
56 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 820
3 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
914 B
2 ggweb.net
jy.ggweb.net — Cisco Umbrella Rank: 441208 Failed
893 B
2 mhgui.com
www.mhgui.com
4 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
43 KB
1 maniconclavis.com
maniconclavis.com
160 18
Domain Requested by
16 powferads.com www.mhgui.com
powferads.com
16 cf.hamreus.com www.mhgui.com
cf.hamreus.com
15 adpone-d.openx.net hb.adpone.com
15 prg.smartadserver.com hb.adpone.com
15 ib.adnxs.com hb.adpone.com
15 bidder.criteo.com hb.adpone.com
15 hb.adpone.com powferads.com
10 hbopenbid.pubmatic.com hb.adpone.com
9 securepubads.g.doubleclick.net www.mhgui.com
securepubads.g.doubleclick.net
www.googletagservices.com
powferads.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net hb.adpone.com
static.criteo.net
2 onetag-sys.com powferads.com
onetag-sys.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 jy.ggweb.net www.mhgui.com
2 www.mhgui.com cf.hamreus.com
1 mug.criteo.com
1 image8.pubmatic.com
1 u.openx.net
1 www.google.com tpc.googlesyndication.com
1 d21956dcd577cb64f6bada32bad6be76.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.googletagservices.com securepubads.g.doubleclick.net
1 maniconclavis.com www.mhgui.com
0 c332e870e0ce9ed51437c35b07cb8ad7.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
160 26

This site contains no links.

Subject Issuer Validity Valid
hamreus.com
R3
2022-06-01 -
2022-08-30
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-16 -
2023-06-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
jy.ggweb.net
R3
2022-04-27 -
2022-07-26
3 months crt.sh
maniconclavis.com
R3
2022-05-26 -
2022-08-24
3 months crt.sh
*.google.de
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
powferads.com
Amazon
2021-09-16 -
2022-10-15
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh

This page contains 22 frames:

Primary Page: https://www.mhgui.com/comic/35579/488749.html
Frame ID: 88FE00A4B446D416EBCB399674AF9501
Requests: 34 HTTP requests in this frame

Frame: https://c332e870e0ce9ed51437c35b07cb8ad7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 81000CCEB9AAC4F86418FA3389572F6A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0039CD06819F2C91661AE5B0B9DA5403
Requests: 18 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=djzn&e=1854815432745
Frame ID: EB60D401E84A4251237B3F8ACD7C7DBE
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=agktfd&e=1854815432745
Frame ID: 655D5CFFBB52E136662AE72F505E7258
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=xqmeiyw&e=1854815432745
Frame ID: A611CA14BAB191C06589A6DC9E39B9AA
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=fnvccqyu&e=1854815432745
Frame ID: D96753008A68F3C0CF0578AA4023E4A0
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=vbnsneq&e=1854815432745
Frame ID: C7919D68766487F18D447B962370AE5C
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=cfykwb&e=1854815432745
Frame ID: 652E58F98559D7CB72F6E05ECFE502A0
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=zdhizagyp&e=1854815432745
Frame ID: 39BD1F10453FD6E86E5FB586331C09D8
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=vhsxoa&e=1854815432745
Frame ID: 7A36823E6D61B57BCDC7471D3A7D510A
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=dxabdyfbyn&e=1854815432745
Frame ID: F10F17DCCD9CE382ED21977ED1A0C16D
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=kcctggf&e=1854815432745
Frame ID: 7F2A3E29C4808FF25CBD8CC1CFA8F68D
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=xwjknlz&e=1854815432745
Frame ID: 5A97ABC92AF0A60DF2A1F163470329DB
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=fznyjwas&e=1854815432745
Frame ID: F0101CE99F3877138793A9C8953364F4
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=ahhkzvw&e=1854815432745
Frame ID: C57971C662B2DACAF82E74E596B5D7EC
Requests: 7 HTTP requests in this frame

Frame: https://powferads.com/r/p.html?f=dniwvlci&e=1854815432745
Frame ID: 4AFE77F5A5CA668556C434A9A4160A4E
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/tag/adserverPlacement.js
Frame ID: 7ACBAD0F9A7C158E78B9095E0569C40E
Requests: 2 HTTP requests in this frame

Frame: https://d21956dcd577cb64f6bada32bad6be76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FE5A9B837CEC5F6CE933790E83DE25AA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4A0BEC6E5C396A741881EE4FC13A03F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D1F13AE228A1E7C6B05BA953B717C903
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.mhgui.com
Frame ID: 52E725CF69A215B7693AAC4217F3BC99
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

160
Requests

95 %
HTTPS

44 %
IPv6

18
Domains

26
Subdomains

26
IPs

6
Countries

2233 kB
Transfer

7349 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 159
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mhgui.com&sn=ChromeSyncframe&so=0&topUrl=www.mhgui.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5JPBhnxDK2ZYTGVxVUYwOENWMzZ6b3k0eGFSNXBnZEIraWM2eDQ4My9BYzNJK0t3a00vZWhPdTZVM1k1RXREWGN4R29oc0YvM1cvR05LeDAzRUpKK2gvTFlRd2NPWWFGUzhPcnVncU94QnhodHQ1RElDSCtPeHRLU2JWY2U5YU5HS2Jxa2hhV3lpTEoxU25lRHZjZ2k0Ris0Vi9Kdzc1TXpGazRhT0ZuK3ZicWpTS3VRS3F6QWgzc0lrWTdFQzhLd2pYaWZhTlVSVisyRlM0c0RlNlNheTdYUDRjODNjMVNqaXlNTExOTTRCRnY4Mi9hUXd2M05DYjRvVzdMRlMrNlJ1N2ZXQXhyTEgwaEtNd3FIOFRQU0YzMUpkZz09fA&cppv=2

160 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 488749.html
www.mhgui.com/comic/35579/
7 KB
4 KB
Document
General
Full URL
https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.189.11.167 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
smtp3.dsfdsanet.com
Software
nginx/1.18.0 / SEEMH.COM
Resource Hash
b52b2a5d3a8c8149f251b2b79ac68ed6eac3e7eb8b3642b0eaa3392837dbd5ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Jun 2022 13:53:31 GMT
expires
Tue, 28 Jun 2022 14:53:31 GMT
server
nginx/1.18.0
strict-transport-security
max-age=31536000; includeSubDomains;preload
x-cache
HIT
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
SEEMH.COM
detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
cf.hamreus.com/css/
26 KB
7 KB
Stylesheet
General
Full URL
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
2c1874a430d05d260c5378da7f9df2b4fe347f7e31f7a65072168980a0dd873b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Sep 2020 00:54:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"c92eafe77a90d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v41mp4HyLzN%2F0v0n%2BnyozDDP9YWfVkoJJjllt45fEq6ahJ%2FkQ6POyTAA4yrf9A7WAR4tEnoVsfvRm4kveDGIxGkDEWAsEujpObjdLzJgCSel5VF37oC%2F6Os5j%2FeOSzmLlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7226e8be3eb19b74-FRA
expires
Wed, 25 Jan 2023 07:37:26 GMT
config_5F5A8A8B46A7B711EC3579AFD755010FA8E85725.js
cf.hamreus.com/scripts/
107 KB
39 KB
Script
General
Full URL
https://cf.hamreus.com/scripts/config_5F5A8A8B46A7B711EC3579AFD755010FA8E85725.js
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
30dea500a4657accba196909831f0e21a6ad970c8595cc1a87e1c7e16bfe9c6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Sep 2020 00:54:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"62dcee77a90d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFColJolGdcb%2B1Y%2FyrVGmlLX1HbrHkKOEy%2BOVzg8Hox9%2FVn4BpfoQF6Go%2FCXdvCQSiIJa8HypCxZ0gMfUelHy9N%2Bs3l%2F2fKG%2FU4sbOI%2FNHd%2F82wmGqT%2Bzm9grDNiW5SeNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7226e8be3eb39b74-FRA
expires
Wed, 25 Jan 2023 07:37:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
82 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
a10096d0498acb78bfdb3895ae10480f3a8acdac6f0c6a2784f9c5b761ff97fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28123
x-xss-protection
0
server
sffe
etag
"1257 / 565 of 1000 / last-modified: 1656414245"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Jun 2022 13:53:32 GMT
core_56AFF1CE2CD4BB51042F4E75454BE093FF9628A3.js
cf.hamreus.com/scripts/
91 KB
32 KB
Script
General
Full URL
https://cf.hamreus.com/scripts/core_56AFF1CE2CD4BB51042F4E75454BE093FF9628A3.js
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
fd5cd13534db869dfea94721722a5048d2ad25c8024b38eeb2f7821910f0ce7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Dec 2021 08:38:32 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"638450d145ebd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHoYJwip4BD%2BiPWZ3vfRYYSBvTLzYRMIyXAIX5JMj5XCS1yQqOQ%2BHM7Tf%2BdazXLY54b6OfG1tfDTKVPizhXfsLoBlQ1UN9%2FHDN1XDVxiaKSnbtC2jUAm10PJOCwj8x4WpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7226e8be3eb49b74-FRA
expires
Wed, 25 Jan 2023 07:37:26 GMT
k1.js
jy.ggweb.net/ikanman/
0
0

k2.js
jy.ggweb.net/ikanman/
158 B
339 B
Script
General
Full URL
https://jy.ggweb.net/ikanman/k2.js
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.1.164.123 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7a872d478df96263f9ffba7cd6261d1e702a1bfa2463f190688c6fb5f04d497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:54:28 GMT
last-modified
Tue, 03 Mar 2020 05:53:39 GMT
server
nginx
etag
"5e5df0e3-9e"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
158
expires
Wed, 29 Jun 2022 01:54:28 GMT
k3.js
jy.ggweb.net/ikanman/
372 B
554 B
Script
General
Full URL
https://jy.ggweb.net/ikanman/k3.js
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.1.164.123 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
nginx /
Resource Hash
2b351c4573f1f9cd561466548d826d3ecd55356978aec85f03783db0f5fad02c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:54:28 GMT
last-modified
Wed, 07 Oct 2020 12:53:25 GMT
server
nginx
etag
"5f7dba45-174"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
372
expires
Wed, 29 Jun 2022 01:54:28 GMT
51936
maniconclavis.com/tCS12MoUhS4Oi/
0
0
Script
General
Full URL
https://maniconclavis.com/tCS12MoUhS4Oi/51936
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
142.91.159.140 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

footer_94CEBDCA14854D61FE418A7A926D35AF879FBEC7.js
cf.hamreus.com/scripts/
1 KB
928 B
Script
General
Full URL
https://cf.hamreus.com/scripts/footer_94CEBDCA14854D61FE418A7A926D35AF879FBEC7.js
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
a83b1c05c0aaff77043cde10b34a552eba06418f13ef7a7d343129aad2fa01cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12793600
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Sep 2020 00:54:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"2f35e87a90d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TL9l4AH1dN0uINZ16T4VWRUvqXD%2BUHd0EcQUPaf4nSR0XldtEFiI08NFj%2FhA%2BvqllQOAmK9SEg3fP%2BVbEMXafMFoTSjDfpL1KJJG%2BFGj7Bz1aewE9tpZanifMhr7cZIx%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7226e8be3eb79b74-FRA
expires
Tue, 31 Jan 2023 12:06:51 GMT
submit_ajax.ashx
www.mhgui.com/tools/
70 B
398 B
XHR
General
Full URL
https://www.mhgui.com/tools/submit_ajax.ashx?action=user_check_login
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/scripts/config_5F5A8A8B46A7B711EC3579AFD755010FA8E85725.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.189.11.167 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
smtp3.dsfdsanet.com
Software
nginx/1.18.0 / SEEMH.COM
Resource Hash
5b36fc790be1246f322aeca41ad3c545ef46302b0c0f937b853a9f4509e15e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.mhgui.com/comic/35579/488749.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0
x-powered-by
SEEMH.COM
x-frame-options
DENY
content-type
text/html; charset=utf-8
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;preload
expires
Tue, 28 Jun 2022 13:53:36 GMT
sprites.gif
cf.hamreus.com/images/show/
946 B
1 KB
Image
General
Full URL
https://cf.hamreus.com/images/show/sprites.gif
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
3ec348f7008b2fccd6cc39398578f397c833c06380fe90463191116d27027036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10366650
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
946
last-modified
Wed, 09 May 2018 04:30:38 GMT
server
cloudflare
x-frame-options
DENY
etag
"73d31c7b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODbCWJu3DsnYz2TwDk2mfox0NdLfOhkkZijxTJ0guVq%2FV4SwDMtG1DkhfkA%2BD3LHuhV8PUSkbsRlxHySYlSyrsShFZwX%2Fc93CPq%2FHeAOsi4WRNaaki9u0enzg1QkyExVpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bef8159b74-FRA
expires
Tue, 28 Feb 2023 14:16:02 GMT
logo_mini.gif
cf.hamreus.com/images/show/
3 KB
3 KB
Image
General
Full URL
https://cf.hamreus.com/images/show/logo_mini.gif
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
aa57468383b53d9b60458647e700cac69a75326752b41c9a6db4fdbab461a58c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3244
last-modified
Wed, 09 May 2018 04:30:38 GMT
server
cloudflare
x-frame-options
DENY
etag
"c66877b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8omeaMDlS99T7ihkkWI9DoWiUXWfPuSehmdID73lRuuw8G89Xx4HHjELQ5%2Bs9f0EqTDFjKgwjjKXh5Yf4fvgNGt6jLRhpBux3Gvbok20R5mSyJCpyZyQ4KGMjDj9h0Vung%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bef8179b74-FRA
expires
Wed, 25 Jan 2023 07:37:27 GMT
hot.gif
cf.hamreus.com/images/show/
231 B
861 B
Image
General
Full URL
https://cf.hamreus.com/images/show/hot.gif
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
753386321de142ccbfc747b2f5a0d21d32e5d1e79fcb878c608f1a49a11b3362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10340945
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
231
last-modified
Wed, 09 May 2018 04:30:39 GMT
server
cloudflare
x-frame-options
DENY
etag
"ead5b97b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZ6tGLHan7pan3l9idI3IpYaMhwNCXYnc7xgb4eIlnxi02AgRmaYylbkGwwbRUIVA1MpwP0KJbUB4iMUoNiDr4EmvNGHAdkfFAybNrUGGW9gI8f927sHPYtuxM2zaXLVtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bef8189b74-FRA
expires
Tue, 28 Feb 2023 21:24:27 GMT
icons.png
cf.hamreus.com/images/show/
3 KB
3 KB
Image
General
Full URL
https://cf.hamreus.com/images/show/icons.png
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
119675abf3b276d4d21f7e21d6f4014726bc5c599d5e6bff6f227d7706b351e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10363518
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2710
last-modified
Wed, 09 May 2018 04:30:39 GMT
server
cloudflare
x-frame-options
DENY
etag
"bc6ba17b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O04PfhRVDDR1UccFiiA7nzejwU4UWp7jeq5%2Bw08S9EvD8G3bQt8Z18P0FDVNshgMJQu1tUtVG3X8o%2B3RXbHzhlJmMvyUK7vT84xtSewcDpxsbiFGgBvgglMXOcINgLJr%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bef81a9b74-FRA
expires
Tue, 28 Feb 2023 15:08:14 GMT
nav_bg.png
cf.hamreus.com/images/show/
45 KB
45 KB
Image
General
Full URL
https://cf.hamreus.com/images/show/nav_bg.png
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
ac50e3f1b80e462d8bb974452d8d26d191a9614946b2b310a4f8def011abf5b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10366650
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45572
last-modified
Wed, 09 May 2018 04:30:38 GMT
server
cloudflare
x-frame-options
DENY
etag
"15d6787b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9uwvAL8EiLaFJG6lGC0hf8ql6sTfQXoAuF7k6Yu%2BcPKmTHMJrfWgb%2B5pz2Boia77KwF%2FFZ9skUNrFvhf8NPl1Y2CRW9iHW7wkp2mRv3%2B6pxAfSMyjX1tzSQtcJYZ%2BfOuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bef81b9b74-FRA
expires
Tue, 28 Feb 2023 14:16:02 GMT
qr.png
cf.hamreus.com/images/show/
1 KB
2 KB
Image
General
Full URL
https://cf.hamreus.com/images/show/qr.png
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
fbfdfbb16fdf69da4dc68583466d74abe9f91b2716e79754c447e2d429ba9024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1269
last-modified
Wed, 09 May 2018 04:30:38 GMT
server
cloudflare
x-frame-options
DENY
etag
"4d5467b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La2p%2FC2s7cvk7Zu5F41gkmpkYGKVmeoGrJ7HZ5VHS2jhwp2DWvR3%2BPGj1S6RiIOq%2FIurUgNgQhu4uUst3gkH9H95kc1vLhbZqRDECj4wVJrWzqLXjqVkqFEeMsXcNTz5rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bf082b9b74-FRA
expires
Wed, 25 Jan 2023 07:37:27 GMT
speed.png
cf.hamreus.com/images/show/
531 B
861 B
Image
General
Full URL
https://cf.hamreus.com/images/show/speed.png
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
5a74841588b691df29fbb7da5975b01a1e2510159ea413a8b43a8fd6c9fd3d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2925675
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
531
last-modified
Wed, 09 May 2018 04:30:38 GMT
server
cloudflare
x-frame-options
DENY
etag
"3cdc2a7b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pq%2Bq7djWhcceKz2EdHA%2Bob4fyCA3GzOhF0IR2qJjamXBwY5FvBn4wHs6VEIWyPKNTed%2Fs%2FX%2Bli7T0kXayy3k34y9ovs585O9kfja2gEef4YsdjoSF9OgP2XL9ZvLBUGsFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bf082c9b74-FRA
expires
Thu, 25 May 2023 17:12:17 GMT
zoom_in.png
cf.hamreus.com/images/show/
858 B
1 KB
Image
General
Full URL
https://cf.hamreus.com/images/show/zoom_in.png
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
ea8d0aac0845198f8c36e8219e851e8518e587056a38b9339d92c13cf62e0ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
858
last-modified
Wed, 09 May 2018 04:30:38 GMT
server
cloudflare
x-frame-options
DENY
etag
"1c141a7b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1O18IpIc4LM3e27BZbVDh4MEuLRa3h2CUWmRUOjJUijFcnnx0qnyb4%2BWj9SVt2TsanFS6cjTdCFg1sPWQ9O7x5X%2BSAYlul%2B%2F3AjjrRVOlIUoFzuAULenwTfwXnYQS029Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bf082d9b74-FRA
expires
Wed, 25 Jan 2023 07:37:27 GMT
rotate.png
cf.hamreus.com/images/show/
1 KB
1 KB
Image
General
Full URL
https://cf.hamreus.com/images/show/rotate.png
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
4992ee1b6908be6313e5657dc00c9494188fad9097089c4116d4fb7d58a5fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1116
last-modified
Wed, 09 May 2018 04:30:38 GMT
server
cloudflare
x-frame-options
DENY
etag
"813c357b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q64%2F%2BrIenGOqN7nk%2BPRScbKtAo%2FZ4KcSHwYBPSZ0uoRSdLeIUS9d7cmQM%2BAGWcPhG7hq3%2BWXU07HMSnShtKND9QL4OL97BODd2cNMzqvJAKppSd3R7fdYGd%2B6b77NO%2BrhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bf082f9b74-FRA
expires
Wed, 25 Jan 2023 07:37:27 GMT
crop.png
cf.hamreus.com/images/show/
552 B
869 B
Image
General
Full URL
https://cf.hamreus.com/images/show/crop.png
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
623d93bd8398f1f481c4987347f04f7b3b41baaa59d0492ba07aec8b9ba26d65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
552
last-modified
Wed, 09 May 2018 04:30:39 GMT
server
cloudflare
x-frame-options
DENY
etag
"2f7c87b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiO%2FAYZ0w3DovPOQAAU7%2BNGtGIJtder3pMfQwU48NlvnS2LBFJFAYWQByZPfDUFBYz1O7%2F6fLUTtw1AWyGFH1x055PfYX6x%2F4JUo5ucI8hvQDxffZRvGsL%2FeSPL%2F0G01ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bf08309b74-FRA
expires
Wed, 25 Jan 2023 07:37:27 GMT
gray.png
cf.hamreus.com/images/show/
617 B
1 KB
Image
General
Full URL
https://cf.hamreus.com/images/show/gray.png
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
1f105f94097f21d363113f45f66d3aff8d274009658dbab3b45f4a984d4288f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10346829
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
617
last-modified
Wed, 09 May 2018 04:30:39 GMT
server
cloudflare
x-frame-options
DENY
etag
"e2afc27b4ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzDkLgbhgIWHRAG2qGcAJoOuossDay25%2F5gJkjpoBaJPP2oOygekPVnF8eSiVtzaUTlfMWyza3VxR9x523lBELQ2vzcdep6cv0OqDM5YfSw2s92Mzei7AH6YQiofPNgTSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bf08339b74-FRA
expires
Tue, 28 Feb 2023 19:46:23 GMT
img_loading.gif
cf.hamreus.com/images/
2 KB
2 KB
Image
General
Full URL
https://cf.hamreus.com/images/img_loading.gif
Requested by
Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SEEMH.COM
Resource Hash
0f37e41cfd6ef708a4545e4187dfc56501a577c44e64f521ad18d736a8ee0a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13328165
x-powered-by
SEEMH.COM
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1935
last-modified
Wed, 09 May 2018 04:30:27 GMT
server
cloudflare
x-frame-options
DENY
etag
"996ae4744ee7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yR3a4Nr7B83tO6h6c12dTvHT0utdjeu7cgA8vprcHSJfRfyVx3NhuBpglLpGEWsoxchR9qlEvZyY7wHxjxweXZ9aenC004uPvBEBQC9Bi0vpdBlD5tWMBIjflBqo1GMytw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7226e8bf08349b74-FRA
expires
Wed, 25 Jan 2023 07:37:27 GMT
pubads_impl_2022062201.js
securepubads.g.doubleclick.net/gpt/
373 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129224
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 08:35:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 28 Jun 2023 13:00:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
67 B
96 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mhgui.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
d0bf019e6e8c3169956678b6c85da689fefb9fe4e2602a1e5173c98e67727f7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71
x-xss-protection
0
expires
Tue, 28 Jun 2022 13:53:32 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mhgui.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mhgui.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
20 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1611316543114514&correlator=534928043710002&eid=21068767%2C42531605&output=ldjh&gdfp_req=1&vrg=2022062201&ptt=17&impl=fif&iu_parts=22287008444%2C106__manhuagui.com__default__728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2037322033&sfv=1-0-38&ecs=20220628&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656424412387&lmt=1656424412&dlt=1656424411751&idt=614&biw=1600&bih=1200&adxs=436&adys=56&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.mhgui.com%2Fcomic%2F35579%2F488749.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=982x92&msz=728x-1&fws=4&ohw=982&ga_vid=1353456409.1656424412&ga_sid=1656424412&ga_hid=1812735780&ga_fc=false&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
52a03130678e1b05f9890420c890f9751d6476e16e1e990d1c132d5bd2cb1c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
google-lineitem-id
5825885673
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138370466863
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mhgui.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c332e870e0ce9ed51437c35b07cb8ad7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8100
0
0

view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7d-2ECRkKTxQmYHuOe3aBQzXyOO_tkZP2n8RvJRqTucnpFPf4eBMLMnzWN_iBGxnPjg0g8hZy1n6SdNCl4rrHWVk5Hgm_KhoAuwWJn-0rB__dVU8MzH3s0G07RoQHbvoWTt6GLq-_Oo3-2BoqM69d6cVCG6P2pUEh1iCJw26SX5bFTyM4GGQWWolnLs8LWVdyW6Xuq5i8pmzqGXn1FULColSgUQlyGwZdQu6s44E0uII7FVuQBLEIpPcDd4UVFiLuq0d6zwMmOnrVljlZJ9NM76iQ49LgC9prUAfldUHqv5WNSsSJFJFiynom51gKp0BVXPR18ekmAJA_B8avF4HEhWo7Eq7pLqU&sai=AMfl-YSNlFkSmWbfbga_VhQSBVG2iZHmZESo4Qw_gtXz0J1zk9W9H-zLfFhSpqauV05UEIko1lNTk0zL92yo4TCeRBRcqtPzRrxBHZWHl43V-t4sFo--1ngt_FQ4RDZjj34&sig=Cg0ArKJSzBW0CLe6YupnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Jun 2022 13:53:32 GMT
t.js
powferads.com/
50 KB
13 KB
Script
General
Full URL
https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Requested by
Host: www.mhgui.com
URL: https://www.mhgui.com/comic/35579/488749.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
503d412afeac1d491ffa24c7987180acb0566276bcfd6548ddec830f275a3dbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
.iMxXyJRXFgK1l39tHW7Z2_LkLOk9i3.
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 20:56:53 GMT
server
AmazonS3
age
33545
etag
W/"e51b0b0330030a1014212d3aee493239"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
date
Tue, 28 Jun 2022 04:34:28 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
3u-51gb_WGt974V7eUTwJbvuzWrubViiRbh7B3o6e_4VQUVpHJF_Kw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/
138 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mhgui.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Jun 2022 13:53:32 GMT
yujdh4rkfrt85a9ke3xpd.json
powferads.com/c/
2 KB
2 KB
Fetch
General
Full URL
https://powferads.com/c/yujdh4rkfrt85a9ke3xpd.json
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb7f7692ef3ca0996b5b70047659e745860ad2ba9081a1a06d7e9a45ef6f98c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
D_XLJowvNhhkaenO9i2hS39sE.0Kag0r
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
etag
"149692c40347fafc1887c6a8ae098ee8"
age
32286
x-cache
Hit from cloudfront
content-length
1584
last-modified
Wed, 30 Mar 2022 12:28:07 GMT
server
AmazonS3
date
Tue, 28 Jun 2022 05:00:28 GMT
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
9YeWJKafxL3OHPlZkLyoPNNPTZSiTXnG3Z5jL6_d6hEcJRqnCkxoNQ==
truncated
/
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feddc610c076b6ed29578483491eba0862c19988047373acfcab105998bc0f3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5dW1obkNJ4oU5wpZNub_XKmA6sGbv1WXWgSvXbwTN4Ao2F0cKLlXGrOq-GxUNzq6KdTKCZohrFBsyGQkIPXUeHtMTtILZGIJ_-bhR58JyUHhRrxkKe2KU6dWlMMPrushGl1s-k4yfwI5pvvIfM7Fei_dOsZGWV6YfyQpWDS-5kATf3ngt_u1ebdvaVgHrAWS-su9m5-8yCmZeQY4ZUrbpIIZzKK-xKyuOJMUs8JyXQibWG93ZsPLN7DayU89UYod3sNhPRarwU68kSEqAgCtrlCOKoVaX-F-_Su_-5_FPAKTUCYMxTRYP3Dp1Onzud4fhwLpoXAONnUq5OReYDL2RcANHzmyR5_CZQg&sai=AMfl-YTw2KWTwUPed7OPAIjvmRiAggRmDpHBzIVex1Obbl45vDw-eRUNrqc22XBqorOHnsS8oCZjtnktmdynQTG1b583Y-QsXLZFgqUtdH9-uKDYFwLDTfrPKiDGMXFeKb8&sig=Cg0ArKJSzGWvVCVOS4tWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 13:53:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Jun 2022 13:53:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0039
82 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
219a851fcef653f69543e3b83d168cf4225d9434ee4946ca36016fef0b8e82f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28125
x-xss-protection
0
server
sffe
etag
"1257 / 135 of 1000 / last-modified: 1656414288"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Jun 2022 13:53:32 GMT
prebid6.15.0.js
hb.adpone.com/ Frame 0039
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2629
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bKnKYFSfV%2FMMLGRFCIqeyiczK46sNJ9mPXIaUTgg6MbVv8olHUoXqeb1r0v1383LCJCW24vtkhm%2BeQzDccxrziloRmhtEu4zE06xDTACn5uDLKu6swE%2FK5i2WAcbC6vq4Z3jqm3%2BzDT3%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c4ca6bbbec-FRA
p.html
powferads.com/r/ Frame EB60
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=djzn&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
v9pHVzDaN7zt-7NGAaOp2j3T3FFd89b21JuFBh3elv0ssXGIgVyHUw==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame 655D
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=agktfd&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
kVQmS5W3WUfefVf5u8KdvFJaEZqVdJfeWAAswc7ap8Co30ZeLGbvzA==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame A611
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=xqmeiyw&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
LuK5KiCq6nNmywvMKBUK7pge9GuWSbtcKawvsWpStiaencYO8lOr_w==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame D967
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=fnvccqyu&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
-qpy7ySHaHlMuVy-Zrs0FteUifeSoty_oZCMxJXnB25RtL_2ZaxC4g==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame C791
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=vbnsneq&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
fQUZHutmw-arv912EbCbbJDTPvXoarv20jhR0P0sZb_KiOL9kPib1g==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame 652E
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=cfykwb&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
GxViyBkAVbi8BDuN-3UqeJ0CVUSUwbRoW34-Aeu_DKHPLvMnNovOPQ==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame 39BD
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=zdhizagyp&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
R8qVZveOuwVanCgLLLgBMT-723-CXzzroia3OGODIO_D5yUiLr9tow==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame 7A36
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=vhsxoa&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
FyvI9nHEpHnj5rA6LTeis2RSd7FeP4wukf7FDqi1TMWPbxfdo7s8yQ==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame F10F
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=dxabdyfbyn&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
6KFng_UYMtPNEIAbOzL3f0m9RnkcFwsZBBGUTCqnkYtrmbmJRAhDdA==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame 7F2A
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=kcctggf&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
G6EIutQEPshJeHy4y8wtYd_sJyLlmN1g_2nY_Mpny8_vWMuoY7Byhw==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame 5A97
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=xwjknlz&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
1ZYvnC1d_AjcMh5ZxZh_ln1R4qdrAJI-Wfkahwm6MpM2ATJx4T_t0A==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame F010
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=fznyjwas&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
2A7-siStRBlhM6LrkP-hBFihM7kA410TH1fqY9hdJPCTw2JDBXtSpA==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame C579
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=ahhkzvw&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
sw4UXLLpi3NRPs9E7J_xCt8uz9Bs3ov0lgMCAYNzv_rd7UinFLAUkQ==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
powferads.com/r/ Frame 4AFE
9 KB
2 KB
Document
General
Full URL
https://powferads.com/r/p.html?f=dniwvlci&e=1854815432745
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39751
content-encoding
br
content-type
text/html
date
Tue, 28 Jun 2022 02:51:02 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-id
KkDommkFOenSS5iPUYGjm6qyDKd_GCDH8yQZfYSLw3pWx963gsvx6Q==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
adserverPlacement.js
onetag-sys.com/tag/ Frame 7ACB
5 KB
2 KB
Script
General
Full URL
https://onetag-sys.com/tag/adserverPlacement.js
Requested by
Host: powferads.com
URL: https://powferads.com/t.js?i=yujdh4rkfrt85a9ke3xpd&cb=6400011656424412522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
045d2118123dd438309aec9df012404bb89c0448a4ab9a38915bddbaec060cc0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 13:04:55 GMT
etag
"b85e881cc274c5a870536aa150e9c9dc-gz"
vary
accept-encoding
content-type
application/javascript
cache-control
public, max-age=1800, stale-while-revalidate=43200
content-length
2186
pubads_impl_2022062701.js
securepubads.g.doubleclick.net/gpt/ Frame 0039
373 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js?cb=31068242
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130259
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:39:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 28 Jun 2023 08:49:10 GMT
prebid6.15.0.js
hb.adpone.com/ Frame EB60
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=djzn&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2629
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXQ38oIQyaV%2FmZvUHi3tb9gZaXK8Q3Tc5UshG4o%2BNqYyHrUP9kxkmOBijRzzNfHac9zSrojJejzDKL%2BLZT9q4fwhkLYGybfhl0%2BeHF%2Fplxsay%2FDvAkWHWxejww91DDFbob%2FOV9l8reuExLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c52b15bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 655D
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=agktfd&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2629
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAWk68scXTR7VvZYEsUSwyPnforkdIBJb0f3Y3tshXahRNyHzBnAMsHsUaush%2FSgVK%2FQtt%2BIMrYShF5kxvbkyzdC3VmRr8C5Vq9P7ARz8a04Its9Pp8SRQKxRCDgWjUl%2Fx02JzYETN%2FrqjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c53b25bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame A611
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=xqmeiyw&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4x2i7QZLAmcVSFi6ohvAsopPIBgMz5dkx4GdGNpg16SzcelsghR9RLAmLTgCYDSR%2B4n%2B8JHGtH7Hr3J3PAYKUuO7cVg6dR%2F0fePu3GODXwnYF50M3Bm%2BzSRSDv6RH3Fudlk8PzBNoh%2FJR9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c54b50bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame D967
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=fnvccqyu&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDUYAddahKVWVSngxqgF4ngc9xtJGBs3JXdmVF4fXA9YRLbkYXUh0ap6D0ENYXwAFnloPOXYdyIN1UwXEUhQAche4bYLNViAqdY41st9hkKsDcDf6E%2FxfYfkuXlURiazDviJ1SzJkQxhkls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c55b58bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame C791
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=vbnsneq&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7E6sL1j3st1eUwEmWvy58wZl%2BWhVRdo0RlVdnOg242Qfr%2BXCO8YUfqbv4XQgoltak6YHBpm6dPSG8O3AQsOc1OA6e4Nc8a0%2BS7%2BifQJiffxKUi%2FGY7CE%2B0pbqXOTXbYlQGFESYMwf%2B%2F1CI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c56b73bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 652E
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=cfykwb&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyF%2FYgQdvclh1eHoscEm8XZVroCKiF2G98%2FKnVzHsus4mCAoBw%2BEYX1VrBYVmdmw313POIOXvueU4tov%2BVHP7QM4%2BOyAeqUhI19uLUGL5aXSM35gO6YX%2FJFL3Mps3CFjKgnLWgSXiU138%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c57b8ebbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 39BD
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=zdhizagyp&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Cv6CC6rKAnMu6SeAZ2BF1add2XLRJbm1fQ1UIa5w2o7Y6%2FkntM1BoIUN54ul41EGSipVhjYENUyQAuN3yWyAZJqyVr%2B%2FSWd1XqpCY8LMXQIi7njnQOBmrQzSAwoXfTwLZgx9J%2BINwkIejA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c57ba7bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 7A36
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=vhsxoa&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQlqrmZFQNo7hItsZaw9A2KYrDdHfRKkeLhzzU0mw66wYI7c40fuEbb0AwflulcMlFtUXq9MlkSkjExiTcQQ9CmGlX9zGqmhtq1bjmVa%2BrIRIWkILLE6ZgNSMElNPzJJ%2Bdd26jbJwdutZTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c58bb7bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame F10F
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=dxabdyfbyn&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdBzyJk0fVIdJ%2FjldieytjugsN24jMKQ4elgO7bTQJ4IPMxy4Y9cAoUgCH6hP9dvNSnzx1lzX5Ohzju8ix8b9zAeNDOr5%2FO6XtCsZy3WIB4rD5mpv4Mochgsf%2Fw%2B%2FOcErjX7%2FdyRgBJjpBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c5abdcbbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 7F2A
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=kcctggf&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDrZzhornawj2iS2liqj3eqOkWBHuMVrINrmTKLBjm3IYt%2BZRXJhNjCC8NbbfZFGFWRT9umklpDvozgp5zkESw9l8osHkK3ZUSHMh5dqUgwZcGYLQDl%2BRb67CVm68qO0QsGRYFicnNEPtEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c5abf2bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 5A97
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=xwjknlz&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHvAfjrODKAGlYli0v%2FAogObXvNlNDJBceRMZoKqYsU1TT9UA%2FZM9ucbdYCIKUcREoKqUPlDHCm0mCajiDNaGUtDvc1fkpQz11NgW7Xi8hdiwELe1d0g5J2kprUNTAHqXP%2BJjPkf1pKRA00%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c5bc0fbbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame F010
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=fznyjwas&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyujJ0m3%2BvPTrVORIgy1B3gms9kI6kL7Io%2FUkYi3dSMXqNntnHZlQIBDKCLLGwumnH9%2BAe93aq4r3e5L%2FrTK9l26kX%2FRdZxqEIPY4E8xy%2FI0Tb1ef1k0q8pNPwZnxLQvU806e6IhDh49Sjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c5cc1ebbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame C579
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=ahhkzvw&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP0nV1clLjVi23FQERS0euPDQd6AS4dGUaUQALaDxe4kPQUhOWgTYGiV2eP9g7W9VGWB9lojed6I6yfB5KgXDs4BjE2%2Fifdr0wcmN%2B0Mg1dDxIuv1nGAy%2BoC1GcyKwO6ynIwMnl7W%2FPbI4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c5dc25bbec-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 4AFE
368 KB
103 KB
Script
General
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: powferads.com
URL: https://powferads.com/r/p.html?f=dniwvlci&e=1854815432745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powferads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2630
x-amz-request-id
29B71W28STY5CE6D
x-amz-id-2
Cot6Ekv6z9CuuYeOW/7XOBLCfk1mnh5oxejL7PQeQyyC7HZi8aX2QLqpkxIXKGKSQei8McyY8iE=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89055W0%2FrEiVJEHOcTeu6xUwhmNzQdoJ0mo%2BdLuxNdsQwWlv2bcuItHUgnshSCTavkfiKW%2BKnDY0Yn7NIpWouoHzka5wSH8zgm73lOSIRdBjjWVnVURl9SolneWdrbFa%2B38c26IY0%2F%2FmUc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
7226e8c5ec35bbec-FRA
cdb
bidder.criteo.com/ Frame 0039
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=85089507172
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mhgui.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.mhgui.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 0039
0
115 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mhgui.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mhgui.com
date
Tue, 28 Jun 2022 13:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 0039
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mhgui.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
696cf8a4-19b9-4549-b871-1722d75dd42d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.mhgui.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 0039
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mhgui.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mhgui.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame 0039
73 B
379 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2Fcomic%2F35579%2F488749.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=438208cb-26b6-4acc-a625-efcd0fe34c08&nocache=1656424413124&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=%252F21671350435%252C22654422242%252F728x90-manhuagui.com&aucs=%252F21671350435%252C22654422242%252F728x90-manhuagui.com&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
8099d583b9df1553d37db67fac6a32693f304934ac3906b68ff0755994b53b68

Request headers

Referer
https://www.mhgui.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.mhgui.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EB60
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame EB60
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame EB60
73 B
161 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=04acff3e-1eeb-4aae-885f-df700810e488&nocache=1656424413158&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424412965&aucs=adpn-adtag-1656424412965&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
78e51539affc9639b38b476b25d849ae45429c5548182c8c7a51849f9bdb84c9

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EB60
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a82ed599-0af7-46e8-bfd0-51075cb15a5a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame EB60
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=16384437251
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:31 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ Frame 655D
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=15668437254
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 655D
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 655D
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4f42999a-3dd2-4187-966c-00e954dba880
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 655D
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
adpone-d.openx.net/w/1.0/ Frame 655D
75 B
150 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=6282f44e-08bc-4855-b5c8-4ae34ff8bec6&nocache=1656424413225&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424412974&aucs=adpn-adtag-1656424412974&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
f89d9d323b4c2b1f0942a8ca5fca33d6ac5d87e394b426420bd0f7b8e78334f2

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/pub-config/ Frame 7ACB
165 B
452 B
XHR
General
Full URL
https://onetag-sys.com/pub-config/?pubId=710ea6b8672dcc0&referrer=https%3A%2F%2Fwww.mhgui.com%2Fcomic%2F35579%2F488749.html
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/tag/adserverPlacement.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
2e49179c47f9215b7535f9cff6be898d11f251942dff1b9fcd436975fef35b53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.mhgui.com
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
156
translator
hbopenbid.pubmatic.com/ Frame A611
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame A611
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame A611
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1782d7a0-739a-49f0-8f05-b0de17674319
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame A611
74 B
145 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c6f9b105-8213-488d-8b43-0c3dc836146c&nocache=1656424413250&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424412987&aucs=adpn-adtag-1656424412987&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
dacb5c5ccac740c7e831e049f6e1ff32e7fdc3604f9fc0ead402c24802992198

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame A611
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=28770830262
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpone-d.openx.net/w/1.0/ Frame 652E
73 B
145 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=622c7e1b-366c-40f5-9332-1da59b177a42&nocache=1656424413259&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413013&aucs=adpn-adtag-1656424413013&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
e277b162cdb301be5de38de7ab7eb6c3a15a5d4fc47550815a845f9c519a2d99

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 652E
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 652E
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 652E
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9eb53363-0957-4392-a3a7-6bbb62077f15
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 652E
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=50318182476
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame C791
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame C791
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame C791
74 B
149 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=56ad51ec-7fab-47f6-8f51-c718d87d1f9d&nocache=1656424413269&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413003&aucs=adpn-adtag-1656424413003&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
9603d4423caeb48adc07785493bdfcd2bdee5ec375c8e16eb941c2da68352b58

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame C791
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=65740573520
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame C791
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
557d7bae-a2d4-4ad9-8738-bc58aaaed4d2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D967
138 B
825 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8cac38a61950b8378f23b4e156b1640d2419f428eda46a14e60a3b7f13dc4906
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d580eed4-cade-4775-a944-3286536d5517
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame D967
72 B
147 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=b801281d-6b85-4f77-a962-28a695261065&nocache=1656424413278&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424412995&aucs=adpn-adtag-1656424412995&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
f08d6a564cf051d5cd488600af0f811c4cbb4c39e1f2780b2b32870b5687541e

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame D967
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ Frame D967
0
0

cdb
bidder.criteo.com/ Frame D967
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=25897502118
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 39BD
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 39BD
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 39BD
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b8274621-71c3-43f9-adbc-6e3bb68a41bd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 39BD
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=80195933396
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpone-d.openx.net/w/1.0/ Frame 39BD
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=26d9e229-a90f-490b-9b04-dec85290b9d6&nocache=1656424413288&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413021&aucs=adpn-adtag-1656424413021&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
6175461ff468e4a07031ffe938f692e6f30d319365e9c046dabc6c6b909ef145

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 7A36
73 B
100 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=440b12bb-ea68-4eb1-99b5-4e7f635a93fa&nocache=1656424413294&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413031&aucs=adpn-adtag-1656424413031&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
d590c75c23bd8d9f3cb49271d693512127bd7a6586fd52f4c818bb1540b12358

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7A36
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
500a61b3-2e1b-4800-a409-f9a834c910aa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 7A36
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 7A36
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 7A36
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=15694726882
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame F10F
0
0

arj
adpone-d.openx.net/w/1.0/ Frame F10F
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=89f89adb-9574-4f19-899e-92a699703754&nocache=1656424413303&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413042&aucs=adpn-adtag-1656424413042&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
126cd859d823697bfe2fe98804af7806ea1de512e5cbbfadb657b7f3c99df8de

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F10F
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
202964e1-31f9-48f1-ab20-80cecdd01595
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame F10F
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame F10F
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=96746088115
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 7F2A
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 7F2A
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aa1603cb-bcb9-470a-b1b7-15a829ecbfc1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 7F2A
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=bb063b91-cc35-49a9-9f2f-905831e4be07&nocache=1656424413311&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413050&aucs=adpn-adtag-1656424413050&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
97152adc4cf5b70d5b2c452437be35d669558a8596ea252833ac849017d40a8a

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 7F2A
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=12853108949
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 7F2A
0
0

cdb
bidder.criteo.com/ Frame 5A97
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=22779407344
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 5A97
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame 5A97
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ef9242e2-3b1b-4ce4-a1bc-71408df49a4c&nocache=1656424413340&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413062&aucs=adpn-adtag-1656424413062&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
025f7cb227ffbba2a1da9597d65e242a782b2277a2394decb428d805ba97ff36

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5A97
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3a24c97a-32aa-41be-9acf-d4f9481b27be
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 5A97
0
0

v1
prg.smartadserver.com/prebid/ Frame F010
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame F010
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=41636048195
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame F010
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame F010
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4c38f5e3198a94d0e0d117399fdec9d710ee5d7123b67ca5eb994e5a337b9501
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
28c0f021-932a-43d9-b355-7296c982fcae
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame F010
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=fff59ca7-7cf1-4ca5-91b1-7b785d8265ad&nocache=1656424413349&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413069&aucs=adpn-adtag-1656424413069&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
7191d479ed7098fddafe5a50fa92c52c6f52cdd3b0c1419f79c5baacb90f9634

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame C579
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=3844564765
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame C579
0
0

arj
adpone-d.openx.net/w/1.0/ Frame C579
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=d0db9ac6-e9e2-4fa2-a3f4-23955fc3921d&nocache=1656424413357&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413077&aucs=adpn-adtag-1656424413077&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
d1f91e655a9e406fc235e03d99fd2ccc948bbd7a134a66270eba56cef9714b7b

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C579
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
418edccd-5e56-4f3c-abe0-9bdcf955ad19
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame C579
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:32 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ Frame 4AFE
0
335 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://powferads.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 4AFE
19 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 13:53:33 GMT
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
09ef6141-5261-4485-b017-d3ea111e71d0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://powferads.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 4AFE
0
214 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=66761439139
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://powferads.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpone-d.openx.net/w/1.0/ Frame 4AFE
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mhgui.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=81d68a43-0d7b-474c-9d3b-5c6155e57141&nocache=1656424413367&schain=1.0%2C1!adpone.com%2C39f5f0f19dda90ef9acc%2C1%2C%2C%2C&aus=728x90&divids=adpn-adtag-1656424413083&aucs=adpn-adtag-1656424413083&auid=550464076
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
71e7b159cd59ab8949b2c3b11c5ba2cbc7aa1f2b4052b489b4b584286e09d1d8

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powferads.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 4AFE
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powferads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powferads.com
date
Tue, 28 Jun 2022 13:53:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ Frame 0039
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mhgui.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js?cb=31068242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0039
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mhgui.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js?cb=31068242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0039
425 B
262 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2442968456930610&correlator=947001846871929&eid=31068158%2C31068242%2C42531606&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21671350435%3A22654422242%2C728x90-manhuagui.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2092530817&sfv=1-0-38&ecs=20220628&fsapi=false&eri=1&sc=1&cookie=ID%3D45b70b5f95a5faeb-227b52a7c0cd0034%3AT%3D1656424412%3AS%3DALNI_MallroiPvvSA9ptW5FNUh2YyA4ggg&cdm=www.mhgui.com&abxe=1&dt=1656424413612&lmt=1656424413&dlt=1656424412814&idt=354&biw=1600&bih=1200&isw=728&ish=90&adxs=436&adys=90&ucis=bm9za0ecuhwq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.mhgui.com%2Fcomic%2F35579%2F488749.html&top=https%3A%2F%2Fwww.mhgui.com%2Fcomic%2F35579%2F488749.html&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=999591664.1656424414&ga_sid=1656424414&ga_hid=1193533733&ga_fc=false&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js?cb=31068242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
68aa9f3bc5ca8ca11e79807abdeecd272e070f402b07f1e0d20201c14c86c1a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mhgui.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0039
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022062701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js?cb=31068242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
255d105a6563bee77ccfc2de757c29258b0e0f360e9e20c1ad011317a674303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10514
x-xss-protection
0
container.html
d21956dcd577cb64f6bada32bad6be76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE5A
6 KB
4 KB
Document
General
Full URL
https://d21956dcd577cb64f6bada32bad6be76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js?cb=31068242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 13:53:33 GMT
expires
Wed, 28 Jun 2023 13:53:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0039
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js?cb=31068242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Jun 2022 13:53:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4A0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 13:33:12 GMT
expires
Wed, 28 Jun 2023 13:33:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D1F1
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3155080fe829786172c01f241270a12903c89a01b866fd5385bd6acf5a2131d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o4B4GmzuXrByGeJpo0Q0TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-o4B4GmzuXrByGeJpo0Q0TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 13:53:34 GMT
expires
Tue, 28 Jun 2022 13:53:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
pagead2.googlesyndication.com/bg/ Frame B4A0
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13935
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 13:44:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D1F1
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022062701&jk=2442968456930610&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame B4A0
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?uCl70g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0039
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022062701&jk=2442968456930610&bg=!sbKlsvbNAAa8IIBmnCA7ACkAdvg8WiwOqKJORIJzHtL0UdtDXc3I8pmlaeXMD-rzk93Fa5NEfzWF0QIAAAA9UgAAAAJoAQcKACP8wpKchGYeAh3m7qJ-Cr19sOYzk91v2BXKnvHzjWntZm_nOJkCrQdydSu7VvhFo3AkLo5Fcdl0IV-19gIGQEvd1E9BTQjggmEMVL1qDJzZkbMbfKSt0ufcOHauzcigAU3NRkRfYgwnLsyz-0Dd9dN-90Q1cbq_cZGQpQAVStvFypxNkDtABFKbRJbjiI76abuh1Y8szgLie6bVIMfsbz72Ntsgd5uqapVUb1xjAv6Bsr1XliC-S61PX_wRGalw1uPT3QwJxvHSIhP8fnOeqmIQCxcpy1TgQNUQOB1Jw4HPxO_8p7919jrkLCYjHJWtT_LBP8DDc2ihcJKh6ZMZtk0-yNlUKi6tDVt2VmqUuzaMg0u5Q9r7Bf-AmL3NmKDzz4g-Wo75KSySLmlwFcTOqJhSO1LhWQqcbJdfSZ9mGB-YqEHptrtJFWTjR87gsrk_n-Nj0HSsa9RBIqQDd6p2Q5KPDEDeNsF0a9q93AKt8Bypvf55WKXHlj1R1ipggwZyxbEYlOB7vMVtKjhDB-qF0yjeaUUjD28j00-ihY5XQ_bDcn877HRSHNxT7a0jcDpF94MJ7M20ch-CxogBnZccnBLuRv6z-Z290dmhhK4wyxktuRn_eCu58N_-HMhq_Uz3-hR0f7hqbP__2bn7l_qW-i9h_STS6HDhkihIxC1YSv3ajtzy8Blao_Olk9iSeBNKszVUAd1T6L5oz53JzCgwH3f8Vk7ZxbI8Zpa4DRAAv6I-L6kKjoLPiu5RHuS5A2LPBLf-DbyO3RAzZ4UdqbUk_ESJo2JN6mXEpMjJnXepuAdCShjhqvIkaA6ZHmOH1Oe9xiZRnHKWnE0EQYvdaVhDnI0NjONLiyU0frzGoZ8z-zaJg_LMY1dsSm4xE6x5w9bQhyEYOeT-iNK0fW6bRgsBwRazAuyvI3TP4ALS2xC8ZMGrd2RTX2H4mINPh6uiLclDzOCgzHo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 0039
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:36 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Jun 2022 13:53:36 GMT
syncframe
gum.criteo.com/ Frame 52E7
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.mhgui.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mhgui.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 13:53:36 GMT
server-processing-duration-in-ticks
2345
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0039
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:36 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Jun 2022 13:53:36 GMT
pd
u.openx.net/w/1.0/ Frame 0039
43 B
131 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:36 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 0039
0
42 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mhgui.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:53:36 GMT
content-length
0
sid
mug.criteo.com/ Frame 52E7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mhgui.com&sn=ChromeSyncframe&so=0&topUrl=www.mhgui.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=5JPBhnxDK2ZYTGVxVUYwOENWMzZ6b3k0eGFSNXBnZEIraWM2eDQ4My9BYzNJK0t3a00vZWhPdTZVM1k1RXREWGN4R29oc0YvM1cvR05LeDAzRUpKK2gvTFlRd2NPWWFGUzhPcnVncU94QnhodHQ1RElDSCtPeHRLU2JWY2...
435 B
630 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=5JPBhnxDK2ZYTGVxVUYwOENWMzZ6b3k0eGFSNXBnZEIraWM2eDQ4My9BYzNJK0t3a00vZWhPdTZVM1k1RXREWGN4R29oc0YvM1cvR05LeDAzRUpKK2gvTFlRd2NPWWFGUzhPcnVncU94QnhodHQ1RElDSCtPeHRLU2JWY2U5YU5HS2Jxa2hhV3lpTEoxU25lRHZjZ2k0Ris0Vi9Kdzc1TXpGazRhT0ZuK3ZicWpTS3VRS3F6QWgzc0lrWTdFQzhLd2pYaWZhTlVSVisyRlM0c0RlNlNheTdYUDRjODNjMVNqaXlNTExOTTRCRnY4Mi9hUXd2M05DYjRvVzdMRlMrNlJ1N2ZXQXhyTEgwaEtNd3FIOFRQU0YzMUpkZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
0ee8ad92a77d8fa07327e9e48b72ed0396d71f8cd7df4c713d41f20ee39ec085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5958
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 13:53:35 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=5JPBhnxDK2ZYTGVxVUYwOENWMzZ6b3k0eGFSNXBnZEIraWM2eDQ4My9BYzNJK0t3a00vZWhPdTZVM1k1RXREWGN4R29oc0YvM1cvR05LeDAzRUpKK2gvTFlRd2NPWWFGUzhPcnVncU94QnhodHQ1RElDSCtPeHRLU2JWY2U5YU5HS2Jxa2hhV3lpTEoxU25lRHZjZ2k0Ris0Vi9Kdzc1TXpGazRhT0ZuK3ZicWpTS3VRS3F6QWgzc0lrWTdFQzhLd2pYaWZhTlVSVisyRlM0c0RlNlNheTdYUDRjODNjMVNqaXlNTExOTTRCRnY4Mi9hUXd2M05DYjRvVzdMRlMrNlJ1N2ZXQXhyTEgwaEtNd3FIOFRQU0YzMUpkZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1500
content-length
541
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jy.ggweb.net
URL
https://jy.ggweb.net/ikanman/k1.js
Domain
c332e870e0ce9ed51437c35b07cb8ad7.safeframe.googlesyndication.com
URL
https://c332e870e0ce9ed51437c35b07cb8ad7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| pVars object| SMH object| sys function| $ function| jQuery object| LZString object| googletag function| Hashtable function| panelBind object| servs object| pfuncs object| cInfo function| tmpl function| Draggable object| Modernizr object| jQuery18309634749617253449 boolean| IE object| Wilq32 function| pb object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu object| d boolean| adpnInit object| adpnExecutions object| aliveChecks boolean| adpnLoaded number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| aliveCheck number| probe

9 Cookies

Domain/Path Name / Value
maniconclavis.com/ Name: GL_UI4
Value: eJw9jVtOhDAYhYFycTJCPAkLcAkFnMA8GhfhI2npL1MH2kmpQ9y9jYk%2BnS%2FnkhNFUVJXiO85A%2FsSJzwPLe%2FOp05Kfh5kL2gQDW%2BHthfT0L10TY%2BD3kYv5EI%2BxeNMhpyexskqKvEUoj%2FnauxuUmTSCaNKZGtoLCUK6ey%2BkasZUiNWQv52cTZotopP68Aa3gXWJnDMkditZtUBxbs2KgyrI5KGV2Ue4XhbhP%2Bwbh21ymNksxOKEL%2FiYRKeZuu%2BUSjart7eALuo8b%2F%2F%2B8v2hiNXdNdTOLf%2BQu4H6opJ%2Fw%3D%3D
maniconclavis.com/ Name: GL_GI10
Value: eJxNjNFqwkAUROOmbg1aZcAP8AcSbEFqX1ODL%2F7Dsk2usrTZu2xWMX59oxHxbeYMZ6IoEvMphHGYrJfZx2qVfWbvyy%2FEB2KITYFJyUcbfKusrgmvW%2FK1ti2kp4NhC5EXGPdZlVwRhpsifWI3a7zTtlrk5P%2BMxUtpQuffW3JtvZlczZ7GpnF4%2B2ZPaa7L3x%2B23WwpqMYRVUi6xbHXgTB90NuJjDEyjXKez60cYBZMTZfOVrzfNxSkwOAkxT8%2FvkkJ
.doubleclick.net/ Name: IDE
Value: AHWqTUkWqOiU7Whn-AAgY4F_tMYFza3zNI5PK02VLfJOSGsxaN7j_OT4Susd-5uPasI
.adnxs.com/ Name: icu
Value: ChgIprl7EAoYASABKAEw3Y_slQY4AUABSAEQ3Y_slQYYAA..
.adnxs.com/ Name: uuid2
Value: 674136371116471260
.mhgui.com/ Name: __gads
Value: ID=45b70b5f95a5faeb:T=1656424412:S=ALNI_MYpRS_rzdNEW4EZb7MqwPlCan1ERA
.criteo.com/ Name: uid
Value: 6618dcbf-82cc-41f2-97ee-a6ccdc47fb9d
.mhgui.com/ Name: cto_bundle
Value: K9Kfsl9nZlJkOFpOUFJKQyUyQklMSVBtYVlsQnBjbnJUS1lSTkMyNFBhVDd6RHNBZVIxNDhRNW5oZ0g0MXc0eFZxaGE5VSUyRiUyRnFVUWZ0S0Zva1hSOUNJUDRDVDFIWmxDUiUyQiUyQnI1TkZDQU9lTkVVOWZtWG0zbFAzN211TEtmMzJJMUlaeTBuS0p1a3VWVkJHNE9xUmtPOWRodWRiNXpnJTNEJTNE
.mhgui.com/ Name: country
Value: DE

7 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adpone-d.openx.net
adservice.google.com
adservice.google.de
bidder.criteo.com
c332e870e0ce9ed51437c35b07cb8ad7.safeframe.googlesyndication.com
cf.hamreus.com
d21956dcd577cb64f6bada32bad6be76.safeframe.googlesyndication.com
gum.criteo.com
hb.adpone.com
hbopenbid.pubmatic.com
ib.adnxs.com
image8.pubmatic.com
jy.ggweb.net
maniconclavis.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
powferads.com
prg.smartadserver.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
u.openx.net
www.google.com
www.googletagservices.com
www.mhgui.com
c332e870e0ce9ed51437c35b07cb8ad7.safeframe.googlesyndication.com
hbopenbid.pubmatic.com
jy.ggweb.net
104.24.8.56
107.189.11.167
128.1.164.123
142.91.159.140
172.217.23.98
178.250.2.131
178.250.2.146
185.33.220.243
185.64.189.112
185.86.138.123
198.47.127.18
2606:4700:20::ac43:49e4
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a02:2638:1::3
2a02:2638::1c
35.244.159.8
51.38.120.206
52.222.214.115
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
025f7cb227ffbba2a1da9597d65e242a782b2277a2394decb428d805ba97ff36
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
045d2118123dd438309aec9df012404bb89c0448a4ab9a38915bddbaec060cc0
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ee8ad92a77d8fa07327e9e48b72ed0396d71f8cd7df4c713d41f20ee39ec085
0f37e41cfd6ef708a4545e4187dfc56501a577c44e64f521ad18d736a8ee0a95
119675abf3b276d4d21f7e21d6f4014726bc5c599d5e6bff6f227d7706b351e0
126cd859d823697bfe2fe98804af7806ea1de512e5cbbfadb657b7f3c99df8de
1f105f94097f21d363113f45f66d3aff8d274009658dbab3b45f4a984d4288f4
219a851fcef653f69543e3b83d168cf4225d9434ee4946ca36016fef0b8e82f2
255d105a6563bee77ccfc2de757c29258b0e0f360e9e20c1ad011317a674303d
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2b351c4573f1f9cd561466548d826d3ecd55356978aec85f03783db0f5fad02c
2c1874a430d05d260c5378da7f9df2b4fe347f7e31f7a65072168980a0dd873b
2e49179c47f9215b7535f9cff6be898d11f251942dff1b9fcd436975fef35b53
30dea500a4657accba196909831f0e21a6ad970c8595cc1a87e1c7e16bfe9c6d
3155080fe829786172c01f241270a12903c89a01b866fd5385bd6acf5a2131d3
3ec348f7008b2fccd6cc39398578f397c833c06380fe90463191116d27027036
4992ee1b6908be6313e5657dc00c9494188fad9097089c4116d4fb7d58a5fd6b
4c38f5e3198a94d0e0d117399fdec9d710ee5d7123b67ca5eb994e5a337b9501
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503d412afeac1d491ffa24c7987180acb0566276bcfd6548ddec830f275a3dbb
52a03130678e1b05f9890420c890f9751d6476e16e1e990d1c132d5bd2cb1c67
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab
5a74841588b691df29fbb7da5975b01a1e2510159ea413a8b43a8fd6c9fd3d90
5b36fc790be1246f322aeca41ad3c545ef46302b0c0f937b853a9f4509e15e57
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
6175461ff468e4a07031ffe938f692e6f30d319365e9c046dabc6c6b909ef145
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623d93bd8398f1f481c4987347f04f7b3b41baaa59d0492ba07aec8b9ba26d65
68aa9f3bc5ca8ca11e79807abdeecd272e070f402b07f1e0d20201c14c86c1a3
7191d479ed7098fddafe5a50fa92c52c6f52cdd3b0c1419f79c5baacb90f9634
71e7b159cd59ab8949b2c3b11c5ba2cbc7aa1f2b4052b489b4b584286e09d1d8
753386321de142ccbfc747b2f5a0d21d32e5d1e79fcb878c608f1a49a11b3362
78e51539affc9639b38b476b25d849ae45429c5548182c8c7a51849f9bdb84c9
8099d583b9df1553d37db67fac6a32693f304934ac3906b68ff0755994b53b68
8cac38a61950b8378f23b4e156b1640d2419f428eda46a14e60a3b7f13dc4906
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9603d4423caeb48adc07785493bdfcd2bdee5ec375c8e16eb941c2da68352b58
97152adc4cf5b70d5b2c452437be35d669558a8596ea252833ac849017d40a8a
a10096d0498acb78bfdb3895ae10480f3a8acdac6f0c6a2784f9c5b761ff97fe
a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83b1c05c0aaff77043cde10b34a552eba06418f13ef7a7d343129aad2fa01cf
aa57468383b53d9b60458647e700cac69a75326752b41c9a6db4fdbab461a58c
ac50e3f1b80e462d8bb974452d8d26d191a9614946b2b310a4f8def011abf5b1
b52b2a5d3a8c8149f251b2b79ac68ed6eac3e7eb8b3642b0eaa3392837dbd5ac
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4
cb7f7692ef3ca0996b5b70047659e745860ad2ba9081a1a06d7e9a45ef6f98c5
d0bf019e6e8c3169956678b6c85da689fefb9fe4e2602a1e5173c98e67727f7f
d1f91e655a9e406fc235e03d99fd2ccc948bbd7a134a66270eba56cef9714b7b
d590c75c23bd8d9f3cb49271d693512127bd7a6586fd52f4c818bb1540b12358
dacb5c5ccac740c7e831e049f6e1ff32e7fdc3604f9fc0ead402c24802992198
e277b162cdb301be5de38de7ab7eb6c3a15a5d4fc47550815a845f9c519a2d99
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8d0aac0845198f8c36e8219e851e8518e587056a38b9339d92c13cf62e0ed8
f08d6a564cf051d5cd488600af0f811c4cbb4c39e1f2780b2b32870b5687541e
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b
f7a872d478df96263f9ffba7cd6261d1e702a1bfa2463f190688c6fb5f04d497
f89d9d323b4c2b1f0942a8ca5fca33d6ac5d87e394b426420bd0f7b8e78334f2
fbfdfbb16fdf69da4dc68583466d74abe9f91b2716e79754c447e2d429ba9024
fd5cd13534db869dfea94721722a5048d2ad25c8024b38eeb2f7821910f0ce7f
feddc610c076b6ed29578483491eba0862c19988047373acfcab105998bc0f3e