urlscan.io logo urlscan.io
SecurityTrails logo

iw.omatomeloanhikaku.com Open in urlscan Pro
2606:4700:3032::6815:3812  Public Scan

Go To Rescan Add Verdict Report
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Submission: On February 10 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 13 countries across 83 domains to perform 478 HTTP transactions. The main IP is 2606:4700:3032::6815:3812, located in United States and belongs to CLOUDFLARENET, US. The main domain is iw.omatomeloanhikaku.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 8th 2021. Valid for: a year.
This is the only time iw.omatomeloanhikaku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
19 104.19.132.78 13335 (CLOUDFLAR...)
1 188.166.135.13 14061 (DIGITALOC...)
4 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 151.101.1.195 54113 (FASTLY)
4 95.216.65.102 24940 (HETZNER-AS)
3 7 2a02:6b8::1:119 208722 (YNDX)
10 142.250.186.98 15169 (GOOGLE)
1 1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 147.75.38.124 54825 (PACKET)
11 17 185.33.220.145 29990 (ASN-APPNEX)
40 2606:4700:10:... 13335 (CLOUDFLAR...)
8 212.77.99.29 12827 (WIRTUALNA...)
4 185.184.8.65 204995 (RTB-HOUSE...)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 137.74.127.184 16276 (OVH)
18 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 31 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 13 172.217.23.98 15169 (GOOGLE)
2 16 2.18.234.21 16625 (AKAMAI-AS)
7 2a03:90c0:41:... 199524 (GCORE)
19 104.19.134.78 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 54.146.48.179 14618 (AMAZON-AES)
2 142.250.186.162 15169 (GOOGLE)
1 34.226.70.99 14618 (AMAZON-AES)
1 213.202.235.10 24961 (MYLOC-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
3 144.76.128.227 24940 (HETZNER-AS)
35 35.186.238.232 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.55.233.29 24940 (HETZNER-AS)
2 5 185.86.137.32 201081 (SMARTADSE...)
1 35.241.45.217 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
4 2a04:4e42:a00... 54113 (FASTLY)
2 7 2.18.234.233 16625 (AKAMAI-AS)
1 34.102.243.38 15169 (GOOGLE)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 23.79.143.124 16625 (AKAMAI-AS)
2 54.246.208.198 16509 (AMAZON-02)
4 8 3.33.220.150 16509 (AMAZON-02)
1 35.227.248.159 15169 (GOOGLE)
2 69.173.144.138 26667 (RUBICONPR...)
2 185.94.180.123 35220 (SPOTX-AMS)
5 142.250.185.194 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
4 212.77.98.32 12827 (WIRTUALNA...)
6 95.217.231.160 24940 (HETZNER-AS)
4 2600:9000:223... 16509 (AMAZON-02)
8 8 52.59.131.166 16509 (AMAZON-02)
12 13 18.156.0.31 16509 (AMAZON-02)
4 4 3.124.112.1 16509 (AMAZON-02)
4 4 34.203.157.179 14618 (AMAZON-AES)
8 8 96.46.186.59 7979 (SERVERS-COM)
4 51.89.7.202 16276 (OVH)
4 72.251.249.14 29791 (VOXEL-DOT...)
15 2.18.233.180 16625 (AKAMAI-AS)
4 51.89.9.254 16276 (OVH)
4 213.19.147.45 26120 (RHYTHMONE)
4 9 209.54.176.128 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 108.128.225.181 16509 (AMAZON-02)
2 2 18.157.231.140 16509 (AMAZON-02)
3 185.33.221.88 29990 (ASN-APPNEX)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 52.6.103.226 14618 (AMAZON-AES)
2 5 159.122.14.34 36351 (SOFTLAYER)
3 3 185.29.134.244 30419 (MEDIAMATH...)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 185.183.112.148 60350 (VP)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 198.47.127.19 3257 (GTT-BACKB...)
1 65.21.54.62 24940 (HETZNER-AS)
1 5.101.76.186 48096 (ITGRAD)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 185.64.190.75 62713 (AS-PUBMATIC)
3 37.157.4.29 198622 (ADFORM)
4 104.111.230.142 16625 (AKAMAI-AS)
2 3.67.65.254 16509 (AMAZON-02)
3 4 37.157.6.251 198622 (ADFORM)
8 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 198.47.127.20 62713 (AS-PUBMATIC)
3 3 141.94.170.77 16276 (OVH)
2 2 63.35.242.195 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
478 94
7    2606:4700:3032::6815:3812 (United States)

ASN13335 (CLOUDFLARENET, US)
iw.omatomeloanhikaku.com
omatomeloanhikaku.com
a.omatomeloanhikaku.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
19    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
c.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
1    188.166.135.13 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
go4s.biz
4    2600:9000:225e:d000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2600:9000:223c:3e00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
4    95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua
www.bigmp3db.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
10    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.veedmo-static.com
1    2606:4700:3035::ac43:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.veedmo-storage-2.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
17    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
40    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
8    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
18    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
2    137.74.127.184 (France)

ASN16276 (OVH, FR)
ares.veedmo.com
18    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
31    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
13    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
16    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
7    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
19    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
6    54.146.48.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-48-179.compute-1.amazonaws.com
track1.aniview.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    34.226.70.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-70-99.compute-1.amazonaws.com
go1.aniview.com
1    213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    144.76.128.227 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap16.adplayer.pro
serving.viewtraff.com
cdn.laim.tv
35    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
3    2606:4700::6812:9ca (United States)

ASN13335 (CLOUDFLARENET, US)
static.viralize.tv
1    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
5    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
4    2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
7    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    34.102.243.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.243.102.34.bc.googleusercontent.com
pandg.tapad.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    54.246.208.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-208-198.eu-west-1.compute.amazonaws.com
ice.360yield.com
8    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
2    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
5    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pubads.g.doubleclick.net
2    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
6    95.217.231.160 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ap11.adplayer.pro
serving.stat-rock.com
4    2600:9000:223f:4e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
8    52.59.131.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-131-166.eu-central-1.compute.amazonaws.com
pixel.advertising.com
13    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    3.124.112.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-112-1.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    34.203.157.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-157-179.compute-1.amazonaws.com
ssp.disqus.com
8    96.46.186.59 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    51.89.7.202 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p37.id5-sync.com
id5-sync.com
4    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
15    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
vpaid.pubmatic.com
aktrack.pubmatic.com
4    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
4    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
usermatch.targeting.unrulymedia.com
9    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a05:d018:d29:3605:e7f2:7d0e:d8ab:42c4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    108.128.225.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-225-181.eu-west-1.compute.amazonaws.com
d.adroll.com
2    18.157.231.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-231-140.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    52.6.103.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-103-226.compute-1.amazonaws.com
rtb.adentifi.com
5    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    65.21.54.62 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.62.54.21.65.clients.your-server.de
spylees.com
1    5.101.76.186 (Russian Federation)

ASN48096 (ITGRAD, RU)
ads.adlook.me
1    2606:4700:3030::ac43:cd38 (United States)

ASN13335 (CLOUDFLARENET, US)
vast.mrpartner.net
2    2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sascdn.com
2    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
3    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
4    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
2    3.67.65.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-65-254.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
4    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
2    63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
Apex Domain
Subdomains		 Transfer
52 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
393 KB
45 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8575
cdn.mgid.com — Cisco Umbrella Rank: 10842
c.mgid.com — Cisco Umbrella Rank: 6289
servicer.mgid.com — Cisco Umbrella Rank: 8740
video-native.mgid.com — Cisco Umbrella Rank: 27360
s-img.mgid.com — Cisco Umbrella Rank: 7632
cm.mgid.com — Cisco Umbrella Rank: 2442
600 KB
40 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 9708
sync.quantumdex.io — Cisco Umbrella Rank: 2699
8 KB
38 viralize.tv
ads.viralize.tv — Cisco Umbrella Rank: 29543
static.viralize.tv — Cisco Umbrella Rank: 30282
476 KB
35 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
pubads.g.doubleclick.net — Cisco Umbrella Rank: 506
298 KB
30 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
vpaid.pubmatic.com — Cisco Umbrella Rank: 5792
vid.pubmatic.com — Cisco Umbrella Rank: 9104
aktrack.pubmatic.com — Cisco Umbrella Rank: 850 Failed
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 752
image4.pubmatic.com — Cisco Umbrella Rank: 738
176 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 350
14 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
177 KB
16 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum.casalemedia.com — Cisco Umbrella Rank: 1042
22 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
3 KB
14 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
ajax.googleapis.com — Cisco Umbrella Rank: 250
2 MB
11 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
eus.rubiconproject.com — Cisco Umbrella Rank: 512
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2038
video-ads.rubiconproject.com — Cisco Umbrella Rank: 6770
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 3636
57 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 346
221 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
6 KB
9 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 614
cdn.stickyadstv.com — Cisco Umbrella Rank: 2281
146 KB
9 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2253
track1.aniview.com — Cisco Umbrella Rank: 2203
go1.aniview.com — Cisco Umbrella Rank: 4904
110 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
1 KB
8 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1448
5 KB
8 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
3 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
3 KB
8 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 28893
2 KB
7 adform.net
adx.adform.net — Cisco Umbrella Rank: 4785 Failed
c1.adform.net — Cisco Umbrella Rank: 529
4 KB
7 omatomeloanhikaku.com
iw.omatomeloanhikaku.com
omatomeloanhikaku.com — Cisco Umbrella Rank: 558466
a.omatomeloanhikaku.com
181 KB
6 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 14664
4 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 355
mug.criteo.com — Cisco Umbrella Rank: 3197
dis.criteo.com — Cisco Umbrella Rank: 619
2 KB
5 smartadserver.com
www8.smartadserver.com — Cisco Umbrella Rank: 5808
3 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 28275
2 KB
5 optad360.io
get.optad360.io — Cisco Umbrella Rank: 25229
cmp.optad360.io — Cisco Umbrella Rank: 40385
235 KB
4 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2868
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 865
3 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
1 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 493
4 KB
4 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 6709
1 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 561
957 B
4 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
961 B
4 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 34803
136 KB
4 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1195
1023 B
4 gstatic.com
fonts.gstatic.com
encrypted-tbn3.gstatic.com
105 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5927
744 B
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1014
986 B
4 bigmp3db.com
www.bigmp3db.com — Cisco Umbrella Rank: 539557
19 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1400
1 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
2 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1178
mwzeom.zeotap.com — Cisco Umbrella Rank: 1486
892 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4441
637 B
2 sascdn.com
creatives.sascdn.com — Cisco Umbrella Rank: 14213
756 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
1 KB
2 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 385
3 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1432
696 B
2 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 1606
pixel.tapad.com — Cisco Umbrella Rank: 357
1 KB
2 ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 6591
19 KB
2 viewtraff.com
serving.viewtraff.com — Cisco Umbrella Rank: 299517
99 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
76 KB
2 veedmo.com
ares.veedmo.com — Cisco Umbrella Rank: 117575
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1902
23 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2932
68 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
3 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393
501 B
1 laim.tv
cdn.laim.tv — Cisco Umbrella Rank: 92490
2 KB
1 mrpartner.net
vast.mrpartner.net — Cisco Umbrella Rank: 234808 Failed
754 B
1 adlook.me
ads.adlook.me — Cisco Umbrella Rank: 47161
1 KB
1 spylees.com
spylees.com — Cisco Umbrella Rank: 79835
913 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1613
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2279
187 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
299 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1254
307 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 931
88 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 374
506 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1329
112 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
425 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 807
44 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1411
4 KB
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1515
826 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11797
1 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
792 B
1 veedmo-storage-2.com
cdn.veedmo-storage-2.com — Cisco Umbrella Rank: 123091
352 KB
1 veedmo-static.com
cdn.veedmo-static.com — Cisco Umbrella Rank: 116737
619 B
1 zx-adnet.com
cdn.zx-adnet.com — Cisco Umbrella Rank: 124159
10 KB
1 go4s.biz
go4s.biz — Cisco Umbrella Rank: 316527
20 KB
0 sonobi.com Failed
sync.go.sonobi.com Failed
478 83
Domain Requested by
36 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
35 ads.viralize.tv player.aniview.com
static.viralize.tv
iw.omatomeloanhikaku.com
cdn.ravenjs.com
31 tpc.googlesyndication.com 1 redirects iw.omatomeloanhikaku.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
cdn.ampproject.org
20 s-img.mgid.com
18 s0.2mdn.net imasdk.googleapis.com
iw.omatomeloanhikaku.com
s0.2mdn.net
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
srcdoc
309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
17 ib.adnxs.com 11 redirects get.optad360.io
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
13 ups.analytics.yahoo.com 12 redirects ssum-sec.casalemedia.com
13 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 imasdk.googleapis.com cdn.veedmo-static.com
imasdk.googleapis.com
player.aniview.com
static.viralize.tv
10 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
iw.omatomeloanhikaku.com
9 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
9 ads.pubmatic.com sync.quantumdex.io
vpaid.pubmatic.com
ads.pubmatic.com
8 ads.betweendigital.com 8 redirects
8 pixel.advertising.com 8 redirects
8 match.adsrvr.org 4 redirects ssum-sec.casalemedia.com
8 ssp.wp.pl get.optad360.io
7 ads.stickyadstv.com 2 redirects cdn.ravenjs.com
cdn.stickyadstv.com
7 video-native.mgid.com jsc.mgid.com
cdn.mgid.com
video-native.mgid.com
6 serving.stat-rock.com
6 track1.aniview.com player.aniview.com
6 www.google.com 2 redirects iw.omatomeloanhikaku.com
tpc.googlesyndication.com
309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
5 um.simpli.fi 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 pubads.g.doubleclick.net imasdk.googleapis.com
5 www8.smartadserver.com 2 redirects iw.omatomeloanhikaku.com
5 googleads.g.doubleclick.net 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
iw.omatomeloanhikaku.com
5 mc.yandex.com 2 redirects
5 cdn.mgid.com jsc.mgid.com
4 image2.pubmatic.com ads.pubmatic.com
4 simage2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 video-ads.rubiconproject.com cdn.ravenjs.com
static.viralize.tv
4 vpaid.pubmatic.com cdn.ravenjs.com
static.viralize.tv
4 image6.pubmatic.com ads.pubmatic.com
4 usermatch.targeting.unrulymedia.com sync.quantumdex.io
4 onetag-sys.com sync.quantumdex.io
4 ssum-sec.casalemedia.com sync.quantumdex.io
4 ap.lijit.com sync.quantumdex.io
4 id5-sync.com sync.quantumdex.io
4 ssp.disqus.com 4 redirects
4 match.sharethrough.com 4 redirects
4 s.ad.smaato.net sync.quantumdex.io
4 std.wpcdn.pl ssp.wp.pl
4 polyfill.io static.viralize.tv
iw.omatomeloanhikaku.com
4 c.mgid.com jsc.mgid.com
4 prebid-eu.creativecdn.com get.optad360.io
4 useast.quantumdex.io get.optad360.io
4 prebid.a-mo.net get.optad360.io
4 www.bigmp3db.com iw.omatomeloanhikaku.com
www.bigmp3db.com
4 get.optad360.io iw.omatomeloanhikaku.com
get.optad360.io
4 jsc.mgid.com iw.omatomeloanhikaku.com
jsc.mgid.com
4 a.omatomeloanhikaku.com iw.omatomeloanhikaku.com
3 pixel.onaudience.com 3 redirects
3 adx.adform.net cdn.ravenjs.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 sync.mathtag.com 3 redirects
3 secure.adnxs.com ssum-sec.casalemedia.com
3 static.viralize.tv player.aniview.com
static.viralize.tv
3 servicer.mgid.com jsc.mgid.com
3 fonts.gstatic.com fonts.googleapis.com
3 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 fonts.googleapis.com client
securepubads.g.doubleclick.net
2 sync.crwdcntrl.net 2 redirects
2 d5p.de17a.com 2 redirects
2 optimized-by.rubiconproject.com video-ads.rubiconproject.com
2 aktrack.pubmatic.com
2 vid.pubmatic.com vpaid.pubmatic.com
2 creatives.sascdn.com static.viralize.tv
2 pm.w55c.net 2 redirects
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 cdn.stickyadstv.com static.viralize.tv
cdn.stickyadstv.com
2 search.spotxchange.com cdn.ravenjs.com
2 ice.360yield.com cdn.ravenjs.com
2 eus.rubiconproject.com www8.smartadserver.com
eus.rubiconproject.com
2 cdn.ravenjs.com static.viralize.tv
2 serving.viewtraff.com player.aniview.com
2 googleads4.g.doubleclick.net iw.omatomeloanhikaku.com
2 cm.mgid.com jsc.mgid.com
2 player.aniview.com cdn.mgid.com
player.aniview.com
2 www.googletagservices.com 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
2 ares.veedmo.com cdn.veedmo-static.com
2 script.4dex.io get.optad360.io
script.4dex.io
2 mc.yandex.ru 1 redirects iw.omatomeloanhikaku.com
2 cdn.jsdelivr.net iw.omatomeloanhikaku.com
get.optad360.io
2 iw.omatomeloanhikaku.com iw.omatomeloanhikaku.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cdn.laim.tv serving.viewtraff.com
1 vast.mrpartner.net serving.viewtraff.com
1 ads.adlook.me serving.viewtraff.com
1 spylees.com serving.viewtraff.com
1 ad4m.at ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 sync.adotmob.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 pixel.quantserve.com 1 redirects
1 d.adroll.com 1 redirects
1 ad.turn.com 1 redirects
1 match.deepintent.com ssum-sec.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 pixel.tapad.com pandg.tapad.com
1 secure-assets.rubiconproject.com 1 redirects
1 pandg.tapad.com pghub.io
1 pghub.io iw.omatomeloanhikaku.com
1 sync.richaudience.com iw.omatomeloanhikaku.com
1 ajax.googleapis.com tpc.googlesyndication.com
1 m.exactag.com iw.omatomeloanhikaku.com
1 go1.aniview.com player.aniview.com
1 encrypted-tbn3.gstatic.com iw.omatomeloanhikaku.com
1 adservice.google.de securepubads.g.doubleclick.net
1 cdn.veedmo-storage-2.com
1 cdn.veedmo-static.com 1 redirects
1 cdn.zx-adnet.com iw.omatomeloanhikaku.com
1 cmp.optad360.io iw.omatomeloanhikaku.com
1 go4s.biz iw.omatomeloanhikaku.com
1 omatomeloanhikaku.com iw.omatomeloanhikaku.com
0 sync.go.sonobi.com Failed sync.quantumdex.io
478 128
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-08 -
2022-09-07		 a year crt.sh
go1s.biz
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
www.drivermanager.club
GTS CA 1D4		 2022-01-07 -
2022-04-07		 3 months crt.sh
www.bigmp3db.com
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.a-mo.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-05 -
2022-03-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
ares.veedmo.com
R3		 2022-02-06 -
2022-05-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2020-01-22 -
2022-04-21		 2 years crt.sh
serving.viewtraff.com
R3		 2022-01-09 -
2022-04-09		 3 months crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2021-11-10 -
2022-12-11		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-17		 a year crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.360yield.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-14 -
2022-05-15		 a year crt.sh
serving.stat-rock.com
R3		 2021-12-26 -
2022-03-26		 3 months crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
cdn.spylees.com
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.adlook.me
Sectigo RSA Domain Validation Secure Server CA		 2020-06-12 -
2022-06-12		 2 years crt.sh
cdn.laim.tv
R3		 2021-12-26 -
2022-03-26		 3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 73 frames:

Primary Page: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Frame ID: F5A18656597D4C9A0D6CCAAE7A7FF6FE
Requests: 129 HTTP requests in this frame

Frame: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 40AC46A297C16260A265BB77B09ED641
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 13366EB62E10AC15AA71605BD7DA7DB7
Requests: 1 HTTP requests in this frame

Frame: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2736E9F5F0116152382A090BE413EB4A
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: BEFC924774E02FDBE54F6669EEAE92FC
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DD8E910E52A5F8B9E01604AD8DF7DA06
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8096E3A0BFEE8FED0A7E5E35E3B32FE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31E7DF607847D297002040EA95D4E338
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYzLeCmgEwAQ&v=APEucNWBbcnHgVcrrgKrHmkTnEQ3YHdN8XjCX68BSF0hA75mJ1hySdItaGYN1F_f986Onq7v94UnvnV6cmHl0Ce87TOw425pCd29HNNjwU3irzYmkrDgTuojJo9DpEtbaOgzznrwAaqIxQvrwF9LEwBw6LhnJoJ7XY-l9oSmx-z8NsztwqVqvi--exb2Iweld8_6JItKEQ0_k1QU7DQK4AWCDDqD6w-mBQ
Frame ID: 0D8539C9FEE9B741F8C7862807389AB4
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 1C47287015067BAF0A22D9B58AB25E89
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Frame ID: 3A2E7C9652E6F3C7D9F64AE872CA1F3C
Requests: 15 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1644485245791610816116
Frame ID: E1ABA50773B719A3920FABE78AA3540C
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: 2C715E1C0A48490718C1A840A282159E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EB19F296B03136BBCE676CF275A4100
Requests: 3 HTTP requests in this frame

Frame: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 165CD6998A8B5757304BFBEA773FEC6B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html
Frame ID: C2CD21EB594C0F12E304470519209503
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 17CC3204FBF2995DCEE49897CC197635
Requests: 2 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Frame ID: E60F679594123ACA96A15F6494878917
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 55921CF20F1DDFCF12728AA203EE5F07
Requests: 32 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: DB8E5520F96D8A2A69FDAB9493BA0DB0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 26A30757AE43EA8096D61717FE078C3B
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 3DC0E8AFB6F9442416C511C053360771
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: A41F4CCA8D1FBF3C0C110562CDB92A7B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 89238876F112E23BFC0D5C801C806A16
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 213B6D700BCDE1536CE45EB593A45330
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FDF66A8BAFA15E200ED43F4E827395D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9D14D50BD864C74AFE7FA7DF556F2527
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&owner=P%26G&bp_id=showheroes
Frame ID: 2EA971CB7091B6240D472E56E76F4FFF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: AC92EA58979E3459474AF20596421B52
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: C85644EAF6716052DB60D960B559B7B6
Requests: 4 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 58339D44F8FBF2A68B1BD3BB7864196C
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: C57E996A3A410AE9A4E64C58613F0C6B
Requests: 12 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 43EC3B9CC553E038954603538683D168
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 77CFAEBC64DE8B870DFEBAD7EF1A034A
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: A1EF8B8A373FBAAD0EBBD1DC53B793A8
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 7E24FEF877F094D4FA66E85663E286CC
Requests: 12 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: ED85934A994AB06279FDFE6075172A48
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 2DA628D35D2A5B6C0C7299F57C0D7033
Requests: 2 HTTP requests in this frame

Frame: https://serving.viewtraff.com/player/viewtraff.js?adapter1
Frame ID: E1AE17E15B7C01B905CA4A95827AA611
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 4C36ED2678E45C154E0CDA73CF89A9CD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D71206836B76C6DF0B97D72296FEA8ED
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: DD5C3216A05DE757053DA159A1806EEF
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FAF7FB4647BFF82856B9A82A3CB54309
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: F3CD81240EE850E0A6F4066B2BE1C178
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 3B2EC1526B26293B5AB5372214D9FFE0
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: D95CEDA4A0B4A878827D232D5D9F495E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: A742E23A78B2ADFB4FE3CF471FC0E904
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 4A29FAACDF324F5B9C2A973279B20F24
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 0BE51BD2A0A5A545701C5EB1E0070F62
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: BCAB2DE7539FA02BE6CF3DCAF3CF4FF9
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 91E20C5AAF1BC1F9A57A8B867F64D306
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 88E5EF18F33E13A762062720922FD51D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: E16048862AF1D8D463FB583DE3733E28
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 4A3C4059D248F811725C6EF0D4573EE4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A31FE5BBA288E91F1997D67077A70CEB
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 3961CC3AE98A931F3BB7139AC3278311
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 1D8A23EC1C1FE5C763840974566B7A2D
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: BC092E80B1984B373A774182AE0E497B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 9414893A70714AE9B74C7AB6DADDC2A6
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 8385A5C30A32EB485325F45DC2F76690
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 39CD19571B1FD377F368E824C5722FCF
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795658&adId=3435600&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485246
Frame ID: 061BF67480E5EC468299FFC8FB185520
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1D84637EBE8D2B472E07176DF7B5F848
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31042.js
Frame ID: 5659E6D8E292ED86BC18AC9A90BF0E24
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 5C5C5690314987D0D34351D81B18F4DF
Requests: 29 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485250
Frame ID: 4781D43E0C76339CE1C7EE80A0DF0A0A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8E5129C0956704B8BD7C64F3AFBC9C22
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A17AF311-4935-4F28-947E-ACF051C4A222
Frame ID: BA30F22B9F454A8D11F6FEDAA2CFC35A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=0&gdpr_consent=
Frame ID: 01B12F42134AC909DBCCD501A12C28D3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667020498877932406
Frame ID: 45520EA88FF2184307913C107CC26601
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 454A9B90FC70885CD37E9ED1EF0A7849
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063010367520241818
Frame ID: 6548E612FACD01D5F2FA813D62D6D476
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31042.js
Frame ID: 474CFA07F13CCB80C3D33F923DC41A37
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

מהו קובץ MPEG (וכיצד אוכל לפתוח קובץ אחד)? - איך ל - 2022

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

478
Requests

83 %
HTTPS

36 %
IPv6

83
Domains

128
Subdomains

94
IPs

13
Countries

5782 kB
Transfer

16613 kB
Size

113
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://cdn.veedmo-static.com/cdn/player/v2/current.js HTTP 301
  • https://cdn.veedmo-storage-2.com/cdn/player/v3/current.js?v=15
Request Chain 22
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9545.NBeUnPQaEFp9LcWk6LFBKTRuX9qPb9YAEbErU1mKAELMD_Z0RmIdWW26nv4A6Jn8.R1Y_2cL3sLw9pMf8SnlmF5jKKhI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9545.wNEv9T7sFD8XCnQ6ipNJFv7t8U8CdU8gbA0Wey8ZfSrlhsytJ0vt1983maeGaE4v6ZSlEwQgkCPK63EaKRCgNQ%2C%2C.JZq8856RGYftD8S3Bfc1nS72l8w%2C
Request Chain 52
  • https://mc.yandex.com/watch/68209819?wmode=7&page-url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A403137640268%3Ahid%3A351354437%3Az%3A0%3Ai%3A20220210092723%3Aet%3A1644485244%3Ac%3A1%3Arn%3A27387190%3Arqn%3A1%3Au%3A1644485244248186551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644485243466%3Ads%3A11%2C134%2C36%2C6%2C0%2C0%2C%2C15%2C0%2C317%2C317%2C3%2C232%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644485244%3At%3A%D7%9E%D7%94%D7%95%20%D7%A7%D7%95%D7%91%D7%A5%20MPEG%20(%D7%95%D7%9B%D7%99%D7%A6%D7%93%20%D7%90%D7%95%D7%9B%D7%9C%20%D7%9C%D7%A4%D7%AA%D7%95%D7%97%20%D7%A7%D7%95%D7%91%D7%A5%20%D7%90%D7%97%D7%93)%3F%20-%20%D7%90%D7%99%D7%9A%20%D7%9C%20-%202022&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/68209819/1?wmode=7&page-url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A403137640268%3Ahid%3A351354437%3Az%3A0%3Ai%3A20220210092723%3Aet%3A1644485244%3Ac%3A1%3Arn%3A27387190%3Arqn%3A1%3Au%3A1644485244248186551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644485243466%3Ads%3A11%2C134%2C36%2C6%2C0%2C0%2C%2C15%2C0%2C317%2C317%2C3%2C232%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644485244%3At%3A%D7%9E%D7%94%D7%95%20%D7%A7%D7%95%D7%91%D7%A5%20MPEG%20%28%D7%95%D7%9B%D7%99%D7%A6%D7%93%20%D7%90%D7%95%D7%9B%D7%9C%20%D7%9C%D7%A4%D7%AA%D7%95%D7%97%20%D7%A7%D7%95%D7%91%D7%A5%20%D7%90%D7%97%D7%93%29%3F%20-%20%D7%90%D7%99%D7%9A%20%D7%9C%20-%202022&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 109
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 113
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M HTTP 301
  • https://tpc.googlesyndication.com/simgad/16954104317476786032
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOExHgGmoFCE8vMqEMS3Q&google_cver=1
Request Chain 118
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgTafWC6bcDOVUcfuefP4AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOExHgGmoFCE8vMqEMS3Q&google_cver=1
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEgNdsgEcjIKpUZJPJB-InU&google_cver=1
Request Chain 120
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyODA5NTgxNDU1NDcwNzYzNQ%3D%3D
Request Chain 203
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 244
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 247
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=88e981c3-ac50-4758-bc23-fbf8847877d8&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=88e981c3-ac50-4758-bc23-fbf8847877d8&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1589c039-bcd3-43fa-9686-b1409c835603&ttd_puid=88e981c3-ac50-4758-bc23-fbf8847877d8
Request Chain 263
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2F&domain=iw.omatomeloanhikaku.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=DTCeTnx3cXpNQ3Q4T09ka2xTcExQZHM0MFZHVG1tRUptTU5VeGtlQ3JsT1h5VFl5ZjVLUnp6SEVSMm5ncWl5MkNlZTI5MzFGYmdJcFAySXN0NTVGSEg4dUg1TkhWNTZLVEhEcDZMWlpMbXo5dXhoU1pjWjd1ZWRGREtUMzhtajFCNVNFckt2Yno3M1lqUUl3UzZVYVNuMkJUcFcwU2M0Vnl4Nk5OS0xySzBLNG4yMXhWMnV0VGxRMGFRT05QZlN5RW5yeW5mNUJza0dyUWhrNHVRTWpkbWtKZTdMQzBXb0k3Mmhwc2FzU0JWd0FsY1F5V0t6MHgrcm5NU3VIUzJWcnFGNmxhfA&cppv=2
Request Chain 286
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
Request Chain 287
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Request Chain 288
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=0640f26f-910a-42ba-ad36-94f726990e40
Request Chain 289
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Request Chain 290
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=2803d9fe-6136-794e-f6f6-1d11054da515
Request Chain 291
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
Request Chain 293
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
Request Chain 297
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
Request Chain 299
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
Request Chain 300
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Request Chain 301
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c929dc51-4195-4f53-9dc6-263ae2c2ac66
Request Chain 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Request Chain 303
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=4900d01a-01ce-bf36-59b4-f9b4156468cb
Request Chain 304
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
Request Chain 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Request Chain 309
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
Request Chain 312
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
Request Chain 314
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2b7014c7-41bf-4311-a412-973613a78deb
Request Chain 315
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Request Chain 316
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
Request Chain 317
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=75fb33a3-2b6b-e5b7-432c-d72bf9818913
Request Chain 319
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
Request Chain 320
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Request Chain 321
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=80717840-8dae-4661-9854-5dc6cd4eb7bc
Request Chain 322
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Request Chain 323
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=5f40923c-e161-34b9-98d0-6ec184985b58
Request Chain 324
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=7b0a1856-21d4-5329-84c8-3ccfe6cce6b0
Request Chain 326
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
Request Chain 353
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Request Chain 356
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4499828146938309866
Request Chain 357
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 358
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=netShYYa1Ni5JB5&gdpr=1
Request Chain 360
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Request Chain 364
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=NnlT52QqVLUtL1LhNHJO4jdyVOotKgLjMHsw5YN_
Request Chain 366
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 367
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=1&gdpr_consent=
Request Chain 371
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Request Chain 373
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6977716471259884758&uid=Q6977716471259884758&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 374
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 375
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 376
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647077247
Request Chain 378
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Request Chain 382
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644571647&gdpr=1
Request Chain 390
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=57b5dcbf70304a121181dd202cce869d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc02b_7063010354620447351 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTdiNWRjYmY3MDMwNGExMjExODFkZDIwMmNjZTg2OWQ=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGnPqZ4aIljgAPJLXhHHWxE&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=1589c039-bcd3-43fa-9686-b1409c835603 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=9028095814554707635 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/57b5dcbf70304a121181dd202cce869d?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Qj4NtX9E2oNWQydrRScZOH0HAqmOp4WFZC_5rawU~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=netShYYa1Ni5JB5&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEJCE7ECbUAAHMm7y_wrA&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&_test=YgTagAAFIKBP5wBB HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YgTagAAFIKBP5wBB&gdpr=0&_test=YgTagAAFIKBP5wBB
Request Chain 402
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTdiNWRjYmY3MDMwNGExMjExODFkZDIwMmNjZTg2OWQ=&gdpr=0&gdpr_consent=
Request Chain 403
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=57b5dcbf70304a121181dd202cce869d&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 405
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1188694&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485246&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4601,1,,, HTTP 302
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1188694&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485246&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
Request Chain 443
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1188693&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485250&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4601,1,,, HTTP 302
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1188693&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485250&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
Request Chain 458
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A17AF311-4935-4F28-947E-ACF051C4A222 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A17AF311-4935-4F28-947E-ACF051C4A222
Request Chain 459
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=0&gdpr_consent=
Request Chain 460
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667020498877932406
Request Chain 462
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063010367520241818
Request Chain 463
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oXrzEUk1TyiUfqzwUcSiIg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 464
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=15416204-da7f-4e00-82f4-e5d7d6e42bef
Request Chain 465
  • https://pixel.onaudience.com/?partner=214&mapped=A17AF311-4935-4F28-947E-ACF051C4A222 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=1589c039-bcd3-43fa-9686-b1409c835603&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=11e67964824f883c8e24a928826cbb04 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=be0956d0ac036261 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=df5dad70-5ace-4b7d-4358-b337b421e289&reqId=df12d757-a616-4056-687d-f4da5942ffde&zcluid=be0956d0ac036261&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAJm3Xabgl83KX2pRAT4G9Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=df5dad70-5ace-4b7d-4358-b337b421e289&reqId=df12d757-a616-4056-687d-f4da5942ffde&zcluid=be0956d0ac036261&zdid=1332
Request Chain 466
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTE3QUYzMTEtNDkzNS00RjI4LTk0N0UtQUNGMDUxQzRBMjIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJQ3oG0l5lRYxlLkLo7_ovE&google_cver=1
Request Chain 469
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3240898880148195667
Request Chain 470
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1589c039-bcd3-43fa-9686-b1409c835603
Request Chain 471
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9028095814554707635&gdpr=0&gdpr_consent=

478 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request what-is-an-mpeg-file-and-how-do-i-open-one-9074
iw.omatomeloanhikaku.com/ 		25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3812 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
cc14aa257fb4c3dd3d8e3b9b99362712187684b51395b44362dbe69c7a7d8c5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.0.15
cache-control
max-age=86400
expires
Fri, 11 Feb 2022 09:27:23 GMT
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHjR8fCS3j2FBMuTMi%2FLpKaLsdH9t0AfrWzfWRV02zH3pA2QwQIutAj8NSDKTEZelIG6ijposZlHTnsC38NzOYG2CmHS4FUKX9F2uFBFAN1fHNmIa2lTxfF6HV5%2FfQISdsuBZOljiiuvQPX%2FaE4NxUYpP0RryHA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6db44d249ecb9130-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42348
x-jsd-version
3.1.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19136-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6db44d251afc8fe3-FRA
style.css
omatomeloanhikaku.com/template/fashion/css/ 		79 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omatomeloanhikaku.com/template/fashion/css/style.css
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3812 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56b78d5d6a8f8dc918e152b4b18efa92137e8391358727fca57dde5b989269d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642158
cf-polished
origSize=82063
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 02 Feb 2022 09:29:50 GMT
server
cloudflare
etag
W/"1408f-5d705a8c9a06d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1wUR0pFvacrlk26UqRRwwY2bzY6AwKux3bUCn5ujFMUg4NqMgQiGRViGVW8WqwxBcDe0n%2FwmnsFCP6Kfxq7Q8GrnxTtgbP5EuWbueowJc9CYIjt3ykVqhSFuSm7%2BTJkBR0WwPPK%2B9iDRd%2FW1%2B5SYmhWOTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Wed, 16 Feb 2022 23:04:45 GMT
cache-control
max-age=2678400
cf-ray
6db44d250fdc9130-FRA
cf-bgj
minify
what-is-an-mpeg-file-and-how-do-i-open-one.webp
a.omatomeloanhikaku.com/how-to/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.omatomeloanhikaku.com/how-to/what-is-an-mpeg-file-and-how-do-i-open-one.webp
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3812 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415d43d954c9bed785625b5b484eed06dd3b552b68a76fb426315ad7371e39d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33866
last-modified
Sat, 10 Apr 2021 19:37:58 GMT
server
cloudflare
etag
"844a-5bfa36aec5180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmVqAga8aUAEj3Z5qFHPsdgVn34bFreu6ckebt3krKFvPs7IGwnIe5hArWHocacZ5afOA7PC3nuutbDknYanpBRtUSLAu5IiF43c3kBxMmcVkN%2FYFj4bPDw31MI2zm5fWXZ3c7E5%2B3ObyhWQVtjfr8FXPR7%2Bkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6db44d250fd49130-FRA
what-is-an-mpeg-file-and-how-do-i-open-one-1.webp
a.omatomeloanhikaku.com/how-to/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.omatomeloanhikaku.com/how-to/what-is-an-mpeg-file-and-how-do-i-open-one-1.webp
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3812 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402a1c95cf577f9967b8ded6eab9a5e3c2b975f9956f1d8f3b5afbeb503ea0fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24618
last-modified
Sat, 10 Apr 2021 19:37:58 GMT
server
cloudflare
etag
"602a-5bfa36aec5180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHpzO%2F%2Fhx7VqwzR987AxogVtfdHEm%2Fl%2BgxmuTH8fEbxLONNQE%2F56Xqz85c3MLSv3OBUhvW0RYbv%2FgKRl2ZzbbKzo3%2FHrbalDcJiZa7WSAFAndIBH4QKWS5jSGKRrYPuCois5br3jPtSvQlzXQIVG%2FYJK2hM5DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6db44d250fd99130-FRA
what-is-an-mpeg-file-and-how-do-i-open-one-2.webp
a.omatomeloanhikaku.com/how-to/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.omatomeloanhikaku.com/how-to/what-is-an-mpeg-file-and-how-do-i-open-one-2.webp
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3812 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eecea606bd1353c10e972adb50b62abc0242988562e990cb4d565bf85f2ea4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33856
last-modified
Sat, 10 Apr 2021 19:37:58 GMT
server
cloudflare
etag
"8440-5bfa36aec5180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyljFAHVfUh0tvMoSnKi17NS5mBQM6utw%2F6%2F2YAJ34fLEo3wMBOcx3W9vcCU9k9ctj2m%2Bt7lwVbXk9gFzOThke9sdcNF7VkN4QQujWZkOmjT78qEA4N6ILjGD6EFEdNwHMDex%2FkxDXTzUrBcDgmECo%2FoS7C6Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6db44d250fd89130-FRA
rocket-loader.min.js
iw.omatomeloanhikaku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iw.omatomeloanhikaku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3812 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Feb 2022 10:49:21 GMT
server
cloudflare
etag
W/"62024ab1-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNxXQmq2ccfq73YVMzd1LsBKRqIcuC%2BJtfgwokALVQfAvww6oVnncezrm3nMepsccyYI0kpuay3XCfraUbPiDwygxMSykqBQKdvzc5w1S16%2FDSCQ1VayMNrkx3d1UDkydOqMD77Aykor%2B09qWYn%2FnpY931FaFM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6db44d24ffa69130-FRA
vary
Accept-Encoding
expires
Sat, 12 Feb 2022 09:27:23 GMT
warbletoncouncil.org.1101801.js
jsc.mgid.com/w/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239a5bd35b80826b21f9de4020f9d1d3bea240067927bbe08619279eb81f02ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
cf-cache-status
HIT
age
794
last-modified
Thu, 10 Feb 2022 09:13:18 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H5CP8RDV3X136SEP
x-amz-id-2
Ul1BORjPZeZcl8HSAwtJ5v498WBaYrwJyYWghSC7HrTCmGwkwagTCcXD/owOOq2q+nWekG6vplA=
cf-bgj
minify
server
cloudflare
etag
W/"fd1cefe74225f69c63c42599f0f96604"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6db44d255c4490e8-FRA
expires
Thu, 10 Feb 2022 12:27:23 GMT
warbletoncouncil.org.1102315.js
jsc.mgid.com/w/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90df7a92cdf079fc95cf3d239b3227bf46fdc0ac241f673ffd10d881cb23b13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
cf-cache-status
HIT
age
5958
last-modified
Fri, 04 Feb 2022 09:39:04 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PF7937MA621MB626
x-amz-id-2
bN0Gh2/rVBedjbwdncHjB6Clks5sf7WqNmqo6uoII7j7MaWUEO8Xi9bMaUjh9932y0cyps/SJR0=
cf-bgj
minify
server
cloudflare
etag
W/"5b1e458c6549042694ee29e3bacde4a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6db44d255c4590e8-FRA
expires
Thu, 10 Feb 2022 12:27:23 GMT
/
go4s.biz/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go4s.biz/?te=mfrtmyrsme5ha3ddf4ztomrv
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.135.13 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b398a7cf792120913a10d2186e57d28e4be2d280832067d3086cf185869a29bb
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 09:27:23 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
plugin.min.js
get.optad360.io/sf/5521cfde-fe56-47e5-b47e-82b7d8a13dfc/ 		392 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/5521cfde-fe56-47e5-b47e-82b7d8a13dfc/plugin.min.js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c44df5362a765db376968858f998c96288aafdbc46c98151e19d062f4dcf2e58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:27:58 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 15:29:46 GMT
server
AmazonS3
age
3566
etag
W/"0dc3627d46af1ceb43f6785161a757fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
Z0YBTUQXe6cGAe3_fx66M7BKuovrw1q47pW2TzhWr8Qz4_ntOAzKIg==
e486a3e5-1b2e-4495-9ebb-4a91fb01cc0f.min.js
cmp.optad360.io/items/ 		497 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/e486a3e5-1b2e-4495-9ebb-4a91fb01cc0f.min.js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3e00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:10:48 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
51396
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
497
x-amz-cf-id
1-ROG5WM-D0JXYW74looU_GkFHuoXkx4bdETuhh8YdoP7rlveRbaXw==
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/webp
what-is-an-mpeg-file-and-how-do-i-open-one-3.webp
a.omatomeloanhikaku.com/how-to/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.omatomeloanhikaku.com/how-to/what-is-an-mpeg-file-and-how-do-i-open-one-3.webp
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3812 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84a1f9a5cc9a5e87aaff0563d1f50bf9c96e72e6d3fc348929273abb05c94cfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33188
last-modified
Sat, 10 Apr 2021 19:37:58 GMT
server
cloudflare
etag
"81a4-5bfa36aec5180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWYP3h47%2BhfYFWzEJJUyOUC%2BCe7%2FbaTxxX5l%2Bz3qULO1ubvfpWOs4vpot3hJIDERN%2F6AOQ1qZsBAkS5rUrsQDThVbAPPNbQ4pieZ3%2FnhrJUrcWsR26DAo98S2kWoqJ%2B35CF4somP%2BtKKORkzpGg06wKUFX8erA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6db44d25aa2a9152-FRA
cookies_gdpr.js
cdn.zx-adnet.com/consent/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.21339332467317074
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sun, 30 Jan 2022 07:45:32 GMT
x-timer
S1644485244.812691,VS0,VE112
etag
"e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
x-served-by
cache-hhn4061-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
no-cache
date
Thu, 10 Feb 2022 09:27:23 GMT
accept-ranges
bytes
x-cache-hits
0
1duwt.min.js
www.bigmp3db.com/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.min.js?4cf7047
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
8a7dc53c5010a0b91b70acc6856f13abedb0937749643c3a1f996c723512e1fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
server
cloudflare-nginx
duration
332046
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=300
access-control-allow-headers
*
expires
Thu, 10-Feb-2022 11:32:23 EET
tag.js
mc.yandex.ru/metrika/ 		198 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
last-modified
Wed, 09 Feb 2022 12:47:03 GMT
etag
"62038d97-10e38"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69176
expires
Thu, 10 Feb 2022 10:27:23 GMT
warbletoncouncil.org.1102315.es6.js
jsc.mgid.com/w/a/ 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7742b7f5c1b61988dec17599f94e260fdaf23252c898c710367479a4fb1b3410

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
cf-cache-status
HIT
age
6687
last-modified
Fri, 04 Feb 2022 09:39:05 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PF7EGSGZ43ZTQ27D
x-amz-id-2
A2Wsc4UOzfBzb8bVD5FMUnJcAzi2gdddBFtqPoQk1j2XqwownoUyTfmbrMG/8TIW5Pf9SmzbUsc=
cf-bgj
minify
server
cloudflare
etag
W/"34db3370252674eafbd18299105f966e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6db44d25cc1f6921-FRA
expires
Thu, 10 Feb 2022 12:27:23 GMT
warbletoncouncil.org.1101801.es6.js
jsc.mgid.com/w/a/ 		244 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c63a264982bd4095ae4cfb659a8f7c15f5199a82b604290265faa8f2a28ec0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
cf-cache-status
HIT
age
795
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H5CKSEV7X85TD7BW
x-amz-id-2
1lKRTAq5j9yeyxUlhsa6c17s8Q8FKdsvKmcXkqjF62iKqsFTkwuxVfpAgEH8mIYQnvZMbBU/PBg=
last-modified
Thu, 10 Feb 2022 09:13:19 GMT
server
cloudflare
etag
W/"507c4c9e6e2d3e20bbc932ed50ccded2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6db44d25cc206921-FRA
expires
Thu, 10 Feb 2022 12:27:23 GMT
mgWidget_1.11.81.es6.js
cdn.mgid.com/js/wglibs/ 		314 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.81.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ebe3ebe71bf4025ecbc6a82a8c886917377bec419dcd886978dfdb5db2377e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:23 GMT
content-encoding
br
cf-cache-status
HIT
age
1436
last-modified
Wed, 09 Feb 2022 08:56:23 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JHB6AW5GDHZWGVBM
x-amz-id-2
Ucg8cD1HcjEDcy3DukI3qjznvns1QA+ePkgfOgDLovsL756XGGPAwhPAupnNEURMPNXNNYiGJd8=
cf-bgj
minify
server
cloudflare
etag
W/"e65eac6d8953ac4dd339ed48aaf21336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6db44d25cd2690e8-FRA
expires
Fri, 11 Feb 2022 09:27:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/5521cfde-fe56-47e5-b47e-82b7d8a13dfc/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
824bd0fb03e3a7dda60da229c28e12ad4aba3ea3e88bec1759f32687565e7b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27179
x-xss-protection
0
server
sffe
etag
"1127 / 152 of 1000 / last-modified: 1644448022"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Feb 2022 09:27:24 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/5521cfde-fe56-47e5-b47e-82b7d8a13dfc/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 08:09:18 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
12100686
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
5ZnyK6g-LQG3GoIfic5KuHsrFHs5rIA2lp7gLLznE1qEU1LK-kDwUw==
current.js
cdn.veedmo-storage-2.com/cdn/player/v3/
Redirect Chain
  • https://cdn.veedmo-static.com/cdn/player/v2/current.js
  • https://cdn.veedmo-storage-2.com/cdn/player/v3/current.js?v=15
1 MB
352 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.veedmo-storage-2.com/cdn/player/v3/current.js?v=15
Protocol
H2
Server
2606:4700:3035::ac43:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933f5b71c74d5e895a880e4ff9619ad62e09c54c53b1f86f659ace4dcac9c5af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20233
x-iplb-instance
39399
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 04 Feb 2022 19:10:43 GMT
server
cloudflare
x-iplb-request-id
AC46FA86:7466_894A7FB8:0050_62048B73_1E4770A:E29B
etag
W/"61fd7a33-1134cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBw30emRRJk7LSRjhEfKCLVrtWhu96OpMSUoXAPkRnJMo0kqyJFpl5YFc46IhdbzRclx%2Fi0%2F8JWwfa43WjspIpYP%2BcR27lqauqM731WstRZk64WEr4Ldc6udUfYo46L4JzBb%2F9Avgnh8DnCCrQ48S1ia6aaSo64%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Thu, 10 Feb 2022 09:50:11 GMT
cache-control
max-age=21600
access-control-allow-credentials
true
cf-ray
6db44d276c0c9195-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj
minify

Redirect headers

x-77-pop
frankfurtDE
date
Thu, 10 Feb 2022 09:27:23 GMT
x-iplb-instance
39399
x-77-cache
HIT
x-cache
HIT
x-age
643
alt-svc
quic="185.59.220.16:443"; ma=2592000; v="44,43,39"
content-length
178
x-77-nzt
Abk73BA1/n//gwIAAA==
x-accel-expires
@1644491800
server
CDN77-Turbo
x-iplb-request-id
B93BDC12:31C6_894A7FB8:01BB_6204D7F8_201D34A:E29E
x-77-nzt-ray
L0jNzEOeNrU=
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html
location
https://cdn.veedmo-storage-2.com/cdn/player/v3/current.js?v=15
cache-control
public, max-age=600, s-maxage=7200
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9545.NBeUnPQaEFp9LcWk6LFBKTRuX9qPb9YAEbErU1mKAELMD_Z0RmIdWW26nv4A6Jn8.R1Y_2cL3sLw9pMf8SnlmF5jKKhI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9545.wNEv9T7sFD8XCnQ6ipNJFv7t8U8CdU8gbA0Wey8ZfSrlhsytJ0vt1983maeGaE4v6ZSlEwQgkCPK63EaKRCgNQ%2C%2C.JZq8856RGYftD8S3Bfc1nS72l8w%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9545.wNEv9T7sFD8XCnQ6ipNJFv7t8U8CdU8gbA0Wey8ZfSrlhsytJ0vt1983maeGaE4v6ZSlEwQgkCPK63EaKRCgNQ%2C%2C.JZq8856RGYftD8S3Bfc1nS72l8w%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9545.wNEv9T7sFD8XCnQ6ipNJFv7t8U8CdU8gbA0Wey8ZfSrlhsytJ0vt1983maeGaE4v6ZSlEwQgkCPK63EaKRCgNQ%2C%2C.JZq8856RGYftD8S3Bfc1nS72l8w%2C
date
Thu, 10 Feb 2022 09:27:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
last-modified
Wed, 09 Feb 2022 12:47:03 GMT
etag
"62038d97-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 10 Feb 2022 10:27:24 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?4cf7047
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
e3c00d56665ffb06ce8bfd7cc417119955988b8c2595124d19d1d9ef1340a3bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
server
cloudflare-nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1duwt.json
www.bigmp3db.com/ 		308 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?4cf7047
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
387ac466ed330c6c9a1386746c1ac1af47911b2bf7578e35fd3dc4ef0cb21b13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
server
cloudflare-nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220210
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09529316c4f55a31f86ebcddd685f068affa4c1b865b700b6096b9019b2de855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23171
x-jsd-version
1.0.1248
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69b-xwjpryhFowQ88exT72tb6bFH2h8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6db44d272a63690d-FRA
localstore.js
script.4dex.io/ 		483 B
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1276558
x-amz-request-id
txf45eb0ec59964c72a71f4-0061f15fee
x-amz-id-2
txf45eb0ec59964c72a71f4-0061f15fee
last-modified
Wed, 26 Jan 2022 14:43:29 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMlPTCsUh8eKzbgRUcZyrj5VLx1fu69WR%2BaRJT2dzF3Jkvwy9P1iRW4A6L5pUgUdAgJHkOk45PAeLzx%2BFrl2%2FCxvTk2IZj2uR8uqG7%2F%2FItC8ULxAH5W555mLuYizMw2EXvJscPmzNMt4qkHK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1643208209303360
cf-ray
6db44d274ab99267-FRA
c
prebid.a-mo.net/a/ 		0
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		50 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:24 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ad48dcf0-3cf5-4e50-88b3-ecdb5924e4ce
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apacdex
useast.quantumdex.io/auction/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-credentials
true
cf-ray
6db44d275b105c1a-FRA
/
ssp.wp.pl/bidder/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
access-control-allow-credentials
true
server
nginx
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary
Origin
accept-ch-lifetime
604800
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		50 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:24 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a6e88c1f-2e7f-45b5-9c50-6bf2c5d6527d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
22
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
apacdex
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-credentials
true
cf-ray
6db44d275b115c1a-FRA
/
ssp.wp.pl/bidder/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
access-control-allow-credentials
true
server
nginx
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary
Origin
accept-ch-lifetime
604800
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
apacdex
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-credentials
true
cf-ray
6db44d275b125c1a-FRA
prebid
ib.adnxs.com/ut/v3/ 		50 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:24 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3a03ccca-6725-412e-aff2-7fd9d3f32572
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
access-control-allow-credentials
true
server
nginx
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary
Origin
accept-ch-lifetime
604800
c
prebid.a-mo.net/a/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		50 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:24 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
11e958a5-640d-4886-9062-fa7739e21503
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apacdex
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-credentials
true
cf-ray
6db44d275b135c1a-FRA
c
prebid.a-mo.net/a/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
/
ssp.wp.pl/bidder/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:24 GMT
access-control-allow-credentials
true
server
nginx
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary
Origin
accept-ch-lifetime
604800
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1276151
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx196aad00ddce4cefb17b7-0061f16181
x-amz-id-2
tx196aad00ddce4cefb17b7-0061f16181
last-modified
Wed, 26 Jan 2022 14:43:28 GMT
server
cloudflare
etag
W/"88567a823cfd2840dd0a3198b929d466"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3ttYy1fK%2FITDpF5YCnf5RXms8QLC%2BlGmweMFg1kAzLKpn1%2B28JW5eArlpkx31u9TMKY%2Bwazk7VFEk06CKFZGdHW8zFhez9QuQ0u5dcDUZFnH9z0WGo6RtuT%2Fd%2BFURT5jI3Huo7tczfDxi%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1643208208262354
cf-ray
6db44d279e46927d-FRA
access-control-allow-headers
Authorization
pubads_impl_2022020301.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:19:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122037
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Feb 2023 11:19:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		112 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=iw.omatomeloanhikaku.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a568eccbb3e854c85c3bfc718a38326c43fc8260b0fbc3f324b711cddfa76684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Thu, 10 Feb 2022 09:27:24 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?4cf7047
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
0a0f9ca81a64d1a595b0aa04ef03b6b677048990f753717e0d9a46de3db8cfae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
server
cloudflare-nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1
mc.yandex.com/watch/68209819/
Redirect Chain
  • https://mc.yandex.com/watch/68209819?wmode=7&page-url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7...
  • https://mc.yandex.com/watch/68209819/1?wmode=7&page-url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/68209819/1?wmode=7&page-url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A403137640268%3Ahid%3A351354437%3Az%3A0%3Ai%3A20220210092723%3Aet%3A1644485244%3Ac%3A1%3Arn%3A27387190%3Arqn%3A1%3Au%3A1644485244248186551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644485243466%3Ads%3A11%2C134%2C36%2C6%2C0%2C0%2C%2C15%2C0%2C317%2C317%2C3%2C232%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644485244%3At%3A%D7%9E%D7%94%D7%95%20%D7%A7%D7%95%D7%91%D7%A5%20MPEG%20%28%D7%95%D7%9B%D7%99%D7%A6%D7%93%20%D7%90%D7%95%D7%9B%D7%9C%20%D7%9C%D7%A4%D7%AA%D7%95%D7%97%20%D7%A7%D7%95%D7%91%D7%A5%20%D7%90%D7%97%D7%93%29%3F%20-%20%D7%90%D7%99%D7%9A%20%D7%9C%20-%202022&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f756f1c2a850c459e4e909c16423d7267c7d8be7bad9edf57421aa9213a5b8ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 10-Feb-2022 09:27:24 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Thu, 10-Feb-2022 09:27:24 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:24 GMT
last-modified
Thu, 10-Feb-2022 09:27:24 GMT
location
/watch/68209819/1?wmode=7&page-url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A403137640268%3Ahid%3A351354437%3Az%3A0%3Ai%3A20220210092723%3Aet%3A1644485244%3Ac%3A1%3Arn%3A27387190%3Arqn%3A1%3Au%3A1644485244248186551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644485243466%3Ads%3A11%2C134%2C36%2C6%2C0%2C0%2C%2C15%2C0%2C317%2C317%2C3%2C232%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644485244%3At%3A%D7%9E%D7%94%D7%95%20%D7%A7%D7%95%D7%91%D7%A5%20MPEG%20%28%D7%95%D7%9B%D7%99%D7%A6%D7%93%20%D7%90%D7%95%D7%9B%D7%9C%20%D7%9C%D7%A4%D7%AA%D7%95%D7%97%20%D7%A7%D7%95%D7%91%D7%A5%20%D7%90%D7%97%D7%93%29%3F%20-%20%D7%90%D7%99%D7%9A%20%D7%9C%20-%202022&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 10-Feb-2022 09:27:24 GMT
css
fonts.googleapis.com/ 		569 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:27:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 09:27:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 09:27:24 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.veedmo-static.com
URL: https://cdn.veedmo-static.com/cdn/player/v2/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Thu, 10 Feb 2022 09:27:24 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=iw.omatomeloanhikaku.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=iw.omatomeloanhikaku.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2624235579341539&correlator=567347179495319&output=ldjh&impl=fif&eid=31064764%2C31064538&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=121764058%3A22612148122%2Comatomeloanhikaku.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&dt=1644485244325&lmt=1644485244&dlt=1644485243652&idt=639&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1200&adks=183197058&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=2067865165.1644485244&ga_sid=1644485244&ga_hid=447983302&ga_fc=false&fws=644&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
22deb78cc95398cb12ee7f01ca44a0a4fe3ed298ab1b30053be45355f46ce10d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8241
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bfdee6a158723ce7213d8c5402e0ffa8cc9453e207dcd8f7c89a60c888e3c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9890
x-xss-protection
0
container.html
309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 40AC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 10 Feb 2022 09:27:25 GMT
expires
Fri, 10 Feb 2023 09:27:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2624235579341539&correlator=567347179495319&output=ldjh&impl=fif&eid=31064764%2C31064538&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=121764058%3A22612148122%2Comatomeloanhikaku.com_am_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C300x250%7C336x280%7C360x300&cookie_enabled=1&bc=31&abxe=1&dt=1644485244334&lmt=1644485244&dlt=1644485243652&idt=639&frm=20&biw=1600&bih=1200&oid=2&adxs=246&adys=733&adks=3112319897&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=2067865165.1644485244&ga_sid=1644485244&ga_hid=447983302&ga_fc=false&fws=644&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
0d73c75a799d604aa8cee7c0ba0208becf18543517537e642aa11b9641606fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11968
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2624235579341539&correlator=567347179495319&output=ldjh&impl=fif&eid=31064764%2C31064538&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=121764058%3A22612148122%2Comatomeloanhikaku.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C970x90%7C970x100%7C970x250%7C970x300&cookie_enabled=1&bc=31&abxe=1&dt=1644485244340&lmt=1644485244&dlt=1644485243652&idt=639&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=215&adks=694568092&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=2067865165.1644485244&ga_sid=1644485244&ga_hid=447983302&ga_fc=false&fws=644&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f770b9f59710aaa80c7eed3c905ebb311e646bfab03b13b7edc2317266652dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12933
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		101 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2624235579341539&correlator=567347179495319&output=ldjh&impl=fif&eid=31064764%2C31064538&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=121764058%3A22612148122%2Comatomeloanhikaku.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600%7C240x400%7C240x600%7C300x250%7C300x600&cookie_enabled=1&bc=31&abxe=1&dt=1644485244346&lmt=1644485244&dlt=1644485243652&idt=639&frm=20&biw=1600&bih=1200&oid=2&adxs=1120&adys=870&adks=271279430&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=120x0&ga_vid=2067865165.1644485244&ga_sid=1644485244&ga_hid=447983302&ga_fc=false&fws=644&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e119e5cbbb30933756b85e38b3826ddc8f4fb2cc63874d7390fb423be14b14a5
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIDShPfo9PUCFYKkdwodypIMiQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/1035796082874087593/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIDShPfo9PUCFYKkdwodypIMiQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/1035796082874087593/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33772
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Thu, 10 Feb 2022 09:27:25 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
ares.veedmo.com/o/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ares.veedmo.com/o/s
Requested by
Host: cdn.veedmo-static.com
URL: https://cdn.veedmo-static.com/cdn/player/v2/current.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.127.184 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 10 Feb 2022 09:27:25 GMT
X-Content-Type-Options
nosniff
X-IPLB-Instance
39398
X-DNS-Prefetch-Control
off
Vary
Origin
Content-Length
2
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
X-IPLB-Request-ID
B9D59BA3:8DD4_894A7FB8:01BB_6204DA7D_202D2F5:16D57
X-Frame-Options
SAMEORIGIN
ETag
W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
no-store
s
ares.veedmo.com/o/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ares.veedmo.com/o/s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.127.184 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://iw.omatomeloanhikaku.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Thu, 10 Feb 2022 09:27:25 GMT
Content-Length
0
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=15768000
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Vary
Origin, Access-Control-Request-Headers
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers
content-type
X-IPLB-Request-ID
B9D59BA3:8DD4_894A7FB8:01BB_6204DA7C_202D2ED:16D57
X-IPLB-Instance
39398
bio_diversity_protects_life.mp4
get.optad360.io/video/ 		128 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/video/bio_diversity_protects_life.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 02 Nov 2021 08:56:51 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 10:40:36 GMT
server
AmazonS3
age
8641834
etag
"0538cd08a593387db670eee4176f6e26"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-4054554/4054555
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
Content-Length
4054555
x-amz-cf-id
bz9nNXpp5mdVvCSg3eLKFrm9zB3gjaDpJdbjm0Y5i3EXFmB24kqMcg==
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 1336 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 11:12:25 GMT
expires
Thu, 09 Feb 2023 11:12:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
80100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Feb 2022 09:27:25 GMT
optadVeedmoLogo.png
get.optad360.io/_assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://get.optad360.io/_assets/img/optadVeedmoLogo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b716981df17d43bef46a03ca1ea6a53c737b208f872498bea8a0fceaed077a2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 13:36:41 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 11:06:31 GMT
server
AmazonS3
age
7501845
etag
"d07132fb0cc704b474040b7075270e9c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
1610
x-amz-cf-id
AG1zLDxgIYtrtIBx8MCYE1TctA0m63oLAX6pXvjAF8IuFSgYo3nq0g==
container.html
309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2736 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 09:27:25 GMT
expires
Fri, 10 Feb 2023 09:27:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012201141909000/ Frame BEFC 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
88710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61542
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 08:48:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00d9ef7efeb287da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 08:48:55 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BEFC 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
66181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 15:04:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"919adc590e0ff503"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 15:04:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BEFC 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
65396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29570
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 15:17:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c52208c2e07002d5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 15:17:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BEFC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
117902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1851
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 00:42:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76a8c96b6aaec2c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 00:42:23 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BEFC 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
173919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 09:08:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7aefe3fe93cc7383"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 09:08:46 GMT
css
fonts.googleapis.com/ Frame BEFC 		8 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:21:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 09:27:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 09:27:25 GMT
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BEFC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:11:50 GMT
x-content-type-options
nosniff
server
cafe
age
18935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
415739381108731362
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
expires
Fri, 11 Feb 2022 04:11:50 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BEFC 		344 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
59300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 10 Feb 2022 16:59:05 GMT
l
www.google.com/ads/measurement/ Frame BEFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR87MICR_skaDxJ30h0X753Vwcm0Ln21phYLd8NdNw7Ac8phCnZOX5GdFOHYexXfb7LcIQICBNxRcSQzFAzIa-aJnPLHg
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame BEFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUGdKfNoEYpOMJIOSrATVy6wIlNL5ymaj6Put5g6Xz_7V9xoQASCqgMMiYJXikIKgB6AB_9uKyAPIAQHgAgCoAwHIAwqqBKICT9AmQEt5LKAW8UScjwDlY04X0xlAjnVgkJkaeL1RK0kWtKG62fURKksGhA8rYwnJJ_hRroox-EpgNwqcV5oBJlQjk7v_IsauyocN5yOVLEbIN6nTFuGi_n7TriYA_9Hn6euYpifc5R6jlMBIN6L0n_n8VOz-vI9DVSAqXRwaJNFoHQjf42gc0ZGStatiGkU_BN97HSZxF9ViwbadevvxHvIHhOd-tt4SuWs-42UwhqndsGYRcRp0S1KaHpq-17Pcf7k_-GYlGfqB9kB5eL3jvUK8adLwGGp-ojQjv0A-VwXQLgYVFa804hqI8zuy-NJItvnXEToKRfypjRMrmMX0wToSl2mrBlBy9mhyHggvstVSujtolkkAbbZVDDNmcxfMib7ABLvJgvjCA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfw7qyiAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELPgHtIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=QxZjUvomfRg&uach_m=[UACH]
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:27:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DD8E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:41:31 GMT
/
c.mgid.com/pv/ 		0
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1644485245096716537941&uniqId=0922a&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&lu=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&sessionId=6204da7d-09617&pageView=1&pvid=17ee2f578a899f51f5c&site=692293&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6db44d2e085290e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
HIT
age
6887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6db44d2dfeec6921-FRA
expires
Fri, 11 Feb 2022 09:27:25 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
HIT
age
6887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8KE49RBWCJ5QH1AR
x-amz-id-2
zZ6zE08YJcPOjxt60oq3ijyDWaqYBQ/hC6Rayp7+3fbs91ub4rGX09ngQCecW1G6ZJIu8n5/R7w=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6db44d2dfeef6921-FRA
expires
Fri, 11 Feb 2022 09:27:25 GMT
truncated
/ Frame BEFC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4575507a0d276e57457ae5b87a3e22c525e635674729f9af524bc0241b24c7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame BEFC 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 01:22:38 GMT
x-content-type-options
nosniff
age
115487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 01:22:38 GMT
1
servicer.mgid.com/1101801/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1101801/1?pv=5&cbuster=1644485245254964876606&uniqId=0922a&niet=4g&nisd=false&jsv=es6&w=730&h=2926&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&ref=&cxurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&lu=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&sessionId=6204da7d-09617&pageView=1&pvid=17ee2f578a899f51f5c&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627a31c788bd09510307b71861641e8c2309ea094ee5980825fe6e99d99d81c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6db44d2f0a7a90e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1102315/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/1?w=730&h=180&wrongImageSize=1&cols=2&pv=5&cbuster=1644485245259297773369&uniqId=142b7&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&lu=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&sessionId=6204da7d-09617&pageView=0&pvid=17ee2f578a899f51f5c&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a039c5691258eec501ce610b6c60d5448e93548b1010c9b3e1ac7fd1384b288

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6db44d2f0a7e90e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1102315/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/1?w=730&h=180&wrongImageSize=1&cols=2&pv=5&cbuster=1644485245261709793371&uniqId=10413&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&lu=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&sessionId=6204da7d-09617&pageView=0&pvid=17ee2f578a899f51f5c&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd435f619651ad053c844ce82689f84c8f5f432e6c411fe00f395315f8f45c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6db44d2f0a7c90e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D809 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 09:26:08 GMT
expires
Fri, 10 Feb 2023 09:26:08 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 31E7 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33a322dc145771c1af35e78e3adeff24519be649d8e54313d02ec74e7d92bd95
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PK7MMyAkeUG/w8WatT8T5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 10 Feb 2022 09:27:25 GMT
date
Thu, 10 Feb 2022 09:27:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-PK7MMyAkeUG/w8WatT8T5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0D85 		624 B
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYzLeCmgEwAQ&v=APEucNWBbcnHgVcrrgKrHmkTnEQ3YHdN8XjCX68BSF0hA75mJ1hySdItaGYN1F_f986Onq7v94UnvnV6cmHl0Ce87TOw425pCd29HNNjwU3irzYmkrDgTuojJo9DpEtbaOgzznrwAaqIxQvrwF9LEwBw6LhnJoJ7XY-l9oSmx-z8NsztwqVqvi--exb2Iweld8_6JItKEQ0_k1QU7DQK4AWCDDqD6w-mBQ
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 10 Feb 2022 09:27:25 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 10 Feb 2022 09:27:25 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2736 		78 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd2JUeluvVSju9v6QkLgMqoBn8R56h203OvGMFtAL5zrDSFiugSiFj1vki33DEJFxATBJ0mhQyjhWtzuR0Yckr0X6qi6ynS0Gq0kDOQgs1f2RlkXqEhPWQ8-Usp67-dKXA1djH4m4NyU0I2xtQ6qjtKnj1dQ&dbm_d=AKAmf-AW4tgd0Euq3bymp-fxGM8cQHaEex-fGWJet4AYrBSQ6ZSdFAmp_ClJaadRYuTwRKbgTGSfrwT26f6oFwAoXl0qUdQl4xnsugHDaVTqUulqnTgb-6T1922Js-pbdA3dXrNADGBsdtVsINkU7XBgxIlMopee4ETX1HuN7r6tNEMw8h0Cbb8r7T5UAgnydYJtZtSyIb3sM5nCKQiDsDaSPx5pGHMVqzSgyQV40Kv7ZBPwYnWgAReyKaP5cZlbvMe-dPt0DaZPxvnwtBImXcTjf9h0IOQ_BP4qY-7Q4BKeRl1r6wbDWcgdDEjETghbwtCe0WzOT-v33OiaOlRj5H2hMRdksXs3QLtok8Y2OUyEXsr46aXPRceZOI-Sj6gmQZRfJdtXGVp3Cj0S8HG7TH1-6KXqMCDoadO7VtKnZSkt6ozCuE_zIpao6twjPkpj4WuouyQQiKuuZsZpVY2d2p32x772_s5ll5tBVtQn1tlNOa6_svJg_IGI85qxyt912DwA92kIfhGi528Yr0IXaRRTqKVizh6jWaCkbZvtTWtNlG4wYQPEfoKYcOnnc0aW-Qt1g3Ca-Be3aqYhTO-l2BDa_M6yp7PStN0VHPI-FfPHaKQtnwXVWQrWgxljfbUENJEQeNNm5gYn99EalWrEYbUP6mi7DgDCsLet_xC6LyZ7m8HAR07wQnq_AfKbtnIa96V6oQwUvkxP597IKmnXiWh8y7LZt1H84A99UIj7zoX7tX21QkjeURs2G2rmOZzqxbjKXRyxwypTlZIGbbtVv_YrCGgH0jDZnX2oCNooMKs2DTDkYp4b-tGE9JiZQ1PDHRHdSi5Ex9cIVwYtn-22LOdUeMQ380xhxgrtIe9RJ_iDdqp9_XvlSO3GDmtLpyFuMxO5KDzo2D_4JjgxFK091BZKLaDe-fFXeO6x1_4n0PseSy_PcYMDyWjBP1vvblj9-EsSoNtPv49qf6Dgo4Fp2BeKGPOSG4HoKEldhkU-OcfsAeYrVEGbsWiakIWr_N7-p3uQILD90mcDcxWG2vMgqpGzgR-GgcqxZaidUiDx5b1mhZdO1jDjz6TqgaqzZDvRkeWfEl8CH94Vp7uP06beQpqwVlfnONX9QxkndrAQwyxnvIr3ZAZVdtvbEJ2R3CFT83gahA4YEKtxy-WEDXYicsaIPTsetIQjmaeCsmTfk71IxXSQ8L_VAb6Rthuond4sJ6RT8EXgEpAIJMXctWN99rIV-5lXC02Op60fWqNLVMno5xgCciM9cDyKXOrFkaQjTsdjUmZ6G7A6vXpe85cWn6qjB_7k6v-ubWcFtGdOtFIQ7wrIteIYsNcVqUugb5mebtibbHW8Rcq8gvRZ9vChS1u2F46MTx_WheDuqgRLRLgu0o__LLKK00gd_hXD9JSqgMGrWXWeQ8u-IOjRwZ6OCyLERcoPEs4iI-TL-pFSIrqvNclNX_mg6O1sh42Tclc82wwh7g-OnxtK3t731T-gr_9FNKZ_TrOaC7QNOXN_34smUvyGss5qLDtBsXYoEb7iq0yip0JZVz_-bLZoeut4Zmzb30TGviXodJ_-T4uu1CljsLtl9ayIPtMmym50CxmCoa5hxgC_kafN5vHBHVO4lDmYtFr6WFf-fhje5PZ02ZCL3Z7j0f9vlAkzkvMpq2afmKFHYOR2684ds2pBlgegKXgvWPIGWEz-QkvYUkIKJQvxTCbQL1iAJikdO9oFzEhsBzR70eibgiQI4JNDmmS1z0slRFveQCv-ZGsg82I36RlrlgT69CZcMCl84ZFTmvQeCSH1TGsFoMGiDN3U4DvYZ-kCim8YtBHi0APuT0v2xbWbMAIfF5U9LIa6WfhdXD8Ytk68HLaoU6Pp8Fa_dYzcF4g_Nz3HwRnq4-hNFd3yJHE6FXx-SCT8aumzuw0MCA5rQ_z0HCOk1G4qOubM5JeYxSCAuM6CXvZ1dySw6y7ecLjjkNkDklxXP4o-G8WKAWcnVJlgpN1qK2GHwq4sucduTanrFfsw8ZWJs-6wfoLeXmFyLVz-j6iS1E2wxl96_aH4lHz9IpD35PURaHD8VwcWNHYDTGlP2ShN5opKQvzegZGCjZvwuZDUmkcjBg4NwNc5w3lUjRReLgf-eVp1dqfVFcSBNyENHrwvv3RJcxvh1J3Wsp80Jewe__WeLIa_y5i22XI44KoYZwU4CUE23i3Iyj6MdihMK1wfazUUkmE-oyCqzQT-8EVTZmYS98bB8EsRXxIDjgjQixu9gpF3U0C51ps7jwLGgGj0pMzHH93GTXBAerJQAr9lAP7Blqsdfqy12mOlHTHopE-jOeVWkoUidd85ts_W_oUZGtsd_-If4Csr48bTMy9XnS_1tunnXYnRKEnHUSpvJV_jXT60cTpqXqnuAkdKKAtK6wMnfGpnc3Z_2Kx2jrx5NO8vzYj0bR40Z4SPtZPtMhv58w8a_SBRh3PCNFPhIq7W94OREWih35jVSwS7bv2v-FM_KvXwEjoX87DT5zWF9eLn6twapkjSfFi4yBmn_UARsW1coj1wvuQKRAqsG-IylO2Xz7mp1mcPZvs3cM71sBEDbc0TWXSOS5AEJFo5V6RZijXLdShTzuy5pjOXk0O4s2V6YnZm10CM9s8BdxEbeYMyBidxMxNp9iFAma7MDhh0hKJShOawJ3s0Nj8qH8q2NjuPJf1isJjkR8QHajHPdghVPukdmC8AO2AtMJGoeNmGw8VVT6SQmtYD82Q9EEKmXSCB_7Q39vjqsHlmf1wZWr7_Osu5ASA_NxY71UD2bVBb27-IhGrNZSThXDLB8Zlbb51yT2GNYF7ZZcywI96c5D5OQ-iKciv0VtxadmkLnz10AH2a_ocM3EYt2NLS7_ymCg1Xm87sEu3vLtvVAJletNRr57DYRS1rgkEjPCUvIS4U-M6zyhPc4OErAnPE1pLepj6NHtfe4O6jzVbg8DpddshNKkaTHX9CLQlKV0GzAkadGFGfBtMiC79E8JN4dc3bGO1K0JJgWSCRC2FJzaWjQvlY_xEzfukYePVpu-hBovSllPvo7lpKGki2QeevHNUSAAyLV01Ug03hQDMtbLE0NghwAssdrEYS8r5Ki3MLWSR7uUk0YUgw4KV1Yh1UVmj8jjwjPUeQufg7JX9szdZOBurIWxGjd4dAjcv6kYKiNAGUpT3Jc4-zHfF5BxxO43_oGXAcf3gXjE-BBAvizFUFWp7ahA_cDGNO-EJoJ0u-2VHxRtIZpPr9FM_eoxxRDZgdz8yD393TBT_ZjZyYFixmgW-nrvsmE5wx16pIbw3aXiI5gT48xOg6Juaa4RieevqN7CCIkSI6RtEHxf8yk_13R0cyAJwrmRm4x3_LCQScv6wGczjmWBGz8nl-DcuLi73WiDi_27U2BV8KJR39TeJFl3XP524sCvA9kieLEDsbYXPd4kMaJDtrFM_S2TRV-2zjpPBuuC65FmSTaKYs_pYy-tdY2M48qwRBb5qHVvhqcIvaOw&cid=CAASFeRoLupHP0Gns5QQBLZUAlZvkFRr9g&rfl=1%2Chttps%253A%252F%252Fiw.omatomeloanhikaku.com%252F%240
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b27e2c968e69b60c024d3a63baed051ce98d980fad517597e1a720f6676a60b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2736 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChcN-1JvKnp0bEWxsFNOUe7ys45Kyo3HltAQ8EpYSsU8aEcZcFBNTd7WNBXUf2BMeKWhJ7cwyMspgCteGc1t3ETRkmdkY_C1R3ZVazmctoEENmehM
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 2736 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 09:26:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2736 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:27:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 2736 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
server
cafe
etag
17798303060702513824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 09:26:29 GMT
l
www.google.com/ads/measurement/ Frame 2736 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfc7Pp6NF3FoOOtoL6kHRmPnAfYRc6_TRxjUNzMWfmVsEuBZ3xpbj2KK53ty3TCi-WZFGxnzJQt4F4_3Glj0eXESEPyA
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012201141909000/ Frame 1C47 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
88710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61542
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 08:48:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00d9ef7efeb287da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 08:48:55 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 1C47 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
66181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 15:04:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"919adc590e0ff503"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 15:04:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 1C47 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
65396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29570
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 15:17:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c52208c2e07002d5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 15:17:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 1C47 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
117902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1851
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 00:42:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76a8c96b6aaec2c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 00:42:23 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 1C47 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
173919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 09:08:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7aefe3fe93cc7383"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 09:08:46 GMT
css
fonts.googleapis.com/ Frame 1C47 		3 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4807a6369eb785c61dc62752412d0b5f58e16601fb3c0d3b4c919d52a0cf8988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 07:27:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 09:27:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 09:27:25 GMT
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1C47 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:11:50 GMT
x-content-type-options
nosniff
server
cafe
age
18935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
415739381108731362
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
expires
Fri, 11 Feb 2022 04:11:50 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1C47 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
59300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 10 Feb 2022 16:59:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1C47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-xBXfNoEYoSDOKPH3gO2iaCAD--7oulmjdfv1p8MrtT-4JgWEAEgqoDDImCV4pCCoAegAdKf8NsDyAEGqQJF4ABXsSuzPuACAKgDAcgDCqoEpAJP0H5_mUa0cSkudDA8HT64uoiA5cRUbrxnWt63Rf2xal1zsL8owuDm5q_u6lRn5ikKj15BUhED5ZvLTpHh5avPnmfgr33I_maR60dLOx6BT-jMjytkHDibfRl7KytI-TTp7Bj6NcNb5nm2gmmjx9GNihGrZuoIlar9BrE0JdaJELnFVsJTxfZq2VjNBkCN1m8Z16raMaeA1t10iw1uwVoOLRepD92kIyJmFavlHxjuxMATb-eAfVKPvRJerebVQP1Aodf3dAO26BctWlp_qtdyrNvQuUxpjcltoZ2ZlLDdkSlnfZ5pB5Rue1-Of7UQawjGNTzabwvQtU2j21Ds3BIWrt2GVwsGVfOhBgm8l9UQlm1WXzIg7B_9DKT2HG9VC3Z_FVdXwASz9Y_ziwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHluCPJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAfIHBBCj6B3SCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTM0MjM3NDgzNTAxNzU3OTiACgPICwHYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=iLC2oDeL6eo&uach_m=[UACH]&template_id=493
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame BEFC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date
Thu, 10 Feb 2022 09:27:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BEFC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:11:50 GMT
x-content-type-options
nosniff
server
cafe
age
18935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
415739381108731362
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
expires
Fri, 11 Feb 2022 04:11:50 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BEFC 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
59300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 10 Feb 2022 16:59:05 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1C47 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSQduFOYyWO8La0lc5iiXzP7yFH3ZvtKPe3af3_DXrZiiXqFLQ16EXQuB0LRo4&usqp=CAI
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f86de435aaca56dd7e506148f423ad070df94e970de7ef16f94a93fef39fbb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:35:42 GMT
x-content-type-options
nosniff
age
78703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35815
x-xss-protection
0
last-modified
Sat, 20 Nov 2021 11:18:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 09 Feb 2023 11:35:42 GMT
16954104317476786032
tpc.googlesyndication.com/simgad/ Frame 1C47
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M
  • https://tpc.googlesyndication.com/simgad/16954104317476786032
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16954104317476786032
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 20:05:50 GMT
x-content-type-options
nosniff
age
307295
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34759
x-xss-protection
0
last-modified
Wed, 13 Mar 2019 08:47:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 Feb 2023 20:05:50 GMT

Redirect headers

date
Thu, 10 Feb 2022 08:31:06 GMT
x-content-type-options
nosniff
server
cafe
age
3379
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/16954104317476786032
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 12 Mar 2022 08:31:06 GMT
truncated
/ Frame 1C47 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa72b963ab90c281374a4ebacf04c6da8271613936e37622263bafa2256eaa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 1C47 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:31:22 GMT
x-content-type-options
nosniff
age
50163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:31:22 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 1C47 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:37:31 GMT
x-content-type-options
nosniff
age
49794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:37:31 GMT
rum
dsum-sec.casalemedia.com/ Frame 0D85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOExHgGmoFCE8vMqEMS3Q&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOExHgGmoFCE8vMqEMS3Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYzLeCmgEwAQ&v=APEucNWBbcnHgVcrrgKrHmkTnEQ3YHdN8XjCX68BSF0hA75mJ1hySdItaGYN1F_f986Onq7v94UnvnV6cmHl0Ce87TOw425pCd29HNNjwU3irzYmkrDgTuojJo9DpEtbaOgzznrwAaqIxQvrwF9LEwBw6LhnJoJ7XY-l9oSmx-z8NsztwqVqvi--exb2Iweld8_6JItKEQ0_k1QU7DQK4AWCDDqD6w-mBQ
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOExHgGmoFCE8vMqEMS3Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0D85
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgTafWC6bcDOVUcfuefP4AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOExHgGmoFCE8vMqEMS3Q&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOExHgGmoFCE8vMqEMS3Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYzLeCmgEwAQ&v=APEucNWBbcnHgVcrrgKrHmkTnEQ3YHdN8XjCX68BSF0hA75mJ1hySdItaGYN1F_f986Onq7v94UnvnV6cmHl0Ce87TOw425pCd29HNNjwU3irzYmkrDgTuojJo9DpEtbaOgzznrwAaqIxQvrwF9LEwBw6LhnJoJ7XY-l9oSmx-z8NsztwqVqvi--exb2Iweld8_6JItKEQ0_k1QU7DQK4AWCDDqD6w-mBQ
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxOExHgGmoFCE8vMqEMS3Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0D85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEgNdsgEcjIKpUZJPJB-InU&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEgNdsgEcjIKpUZJPJB-InU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYzLeCmgEwAQ&v=APEucNWBbcnHgVcrrgKrHmkTnEQ3YHdN8XjCX68BSF0hA75mJ1hySdItaGYN1F_f986Onq7v94UnvnV6cmHl0Ce87TOw425pCd29HNNjwU3irzYmkrDgTuojJo9DpEtbaOgzznrwAaqIxQvrwF9LEwBw6LhnJoJ7XY-l9oSmx-z8NsztwqVqvi--exb2Iweld8_6JItKEQ0_k1QU7DQK4AWCDDqD6w-mBQ
Protocol
HTTP/1.1
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:25 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b6735e66-db2d-41ac-92b5-7a4253d3222a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEgNdsgEcjIKpUZJPJB-InU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0D85
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyODA5NTgxNDU1NDcwNzYzNQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyODA5NTgxNDU1NDcwNzYzNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYzLeCmgEwAQ&v=APEucNWBbcnHgVcrrgKrHmkTnEQ3YHdN8XjCX68BSF0hA75mJ1hySdItaGYN1F_f986Onq7v94UnvnV6cmHl0Ce87TOw425pCd29HNNjwU3irzYmkrDgTuojJo9DpEtbaOgzznrwAaqIxQvrwF9LEwBw6LhnJoJ7XY-l9oSmx-z8NsztwqVqvi--exb2Iweld8_6JItKEQ0_k1QU7DQK4AWCDDqD6w-mBQ
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:25 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
82d50c07-e279-40e9-a2b2-ec1a51f387a2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyODA5NTgxNDU1NDcwNzYzNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 31E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020301&jk=2624235579341539&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 08:57:47 GMT
server
nginx
etag
"a089-5d613d01797c6-gzip"
vary
Accept-Encoding
x-cached-since
2022-02-04T09:30:10+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6903
expires
Sat, 04 Feb 2023 09:30:10 GMT
mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 08:55:19 GMT
server
nginx
etag
"6184-5cd0a5f7ec588-gzip"
vary
Accept-Encoding
x-cached-since
2022-02-04T09:30:03+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
3405
expires
Sat, 04 Feb 2023 09:30:03 GMT
51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
pagead2.googlesyndication.com/bg/ Frame D809 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13873
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Feb 2023 08:14:41 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
HIT
age
6887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6db44d304bef6921-FRA
expires
Fri, 11 Feb 2022 09:27:25 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
HIT
age
6887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8KE49RBWCJ5QH1AR
x-amz-id-2
zZ6zE08YJcPOjxt60oq3ijyDWaqYBQ/hC6Rayp7+3fbs91ub4rGX09ngQCecW1G6ZJIu8n5/R7w=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6db44d304bf26921-FRA
expires
Fri, 11 Feb 2022 09:27:25 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzFiZjY1ODE1OTI1ZGVjNzBhYTQzMDMzNTM2NGRjOTlmLmpwZWc.webp
s-img.mgid.com/g/4147879/492x277/0x158x642x428/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4147879/492x277/0x158x642x428/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzFiZjY1ODE1OTI1ZGVjNzBhYTQzMDMzNTM2NGRjOTlmLmpwZWc.webp?v=1644485245-goIcb0yEmsP9EX7YrlsdmEN7vN_4Qr6DVb4PeNKvRs8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff538091b471bf8008583b9d394c466a60f6b4fcf01c2808acc4e5a268a54b5

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:50:20 GMT
x-mg-request-uuid
ef486b53-587a-4326-b3c0-f63dcfd8dad5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d308e4a5c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11070
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzg0ZmY3MzBiMGY5NTBiODIwMjFmZDBiOTc2M2U5MDJmLmpwZWc.webp
s-img.mgid.com/g/4723163/492x277/0x14x625x416/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4723163/492x277/0x14x625x416/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzg0ZmY3MzBiMGY5NTBiODIwMjFmZDBiOTc2M2U5MDJmLmpwZWc.webp?v=1644485245-e6iS3vCahF9vSIfuESdoGmemfXzdvRGeAkFZ0wKJT6s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e958acd33f23ea0b43f6ce74fc0854f016522eff111bd46b3b7d4543a83f5eb9

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 16:00:15 GMT
x-mg-request-uuid
06961e23-14f2-4c99-b986-8d3f000fe669
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d308e4d5c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24166
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvYTIzZjE2NGUxZDNmYjg4N...
s-img.mgid.com/g/11533484/492x277/-/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533484/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvYTIzZjE2NGUxZDNmYjg4NzEwNTY5NzkxZWIwYTZhMTMuanBlZw.webp?v=1644485245-DMqr5nodywJ-onCrKIj8IM-sK6j2uwL7g_rDRojhlgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085f8bdcc85e4eb1af657321f31f3c27ae41ff6ff16e2fa4694a10de6fc7c8ba

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Dec 2021 12:34:38 GMT
x-mg-request-uuid
82634aca-57d9-42a2-b1b9-ee6f0ef7daad
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d308e4e5c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13108
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2U5ODNkOWY1MWVmZmY5YjAzY2JkYTc4YTM4N2M0Njk4LmpwZz90PTE0OTgxNjA4MTYxMjM.webp
s-img.mgid.com/g/3805494/492x277/0x60x539x359/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805494/492x277/0x60x539x359/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2U5ODNkOWY1MWVmZmY5YjAzY2JkYTc4YTM4N2M0Njk4LmpwZz90PTE0OTgxNjA4MTYxMjM.webp?v=1644485245-Ww2wEfVIJaNCm5ocYvLysf80OJwfrfYV0Thnn2VOpB0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90dd60ca14caa7eda327d78f9ad109b06feb5b69f3664b8a28519d2383adb689

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:28 GMT
x-mg-request-uuid
111dd7cf-9fa2-474f-be7e-e4e02eeb8309
age
58734
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d308e4f5c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12380
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOWMxN2YxMmNjZThlYzAzY...
s-img.mgid.com/g/11739849/492x277/-/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739849/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOWMxN2YxMmNjZThlYzAzYTY4YzkwNWNjMDJlYmJjZGMuanBlZw.webp?v=1644485245-LW_QtY9iQV3TEaa_X-X9s4g0ZaQLlWl5Fs0RAs6v_yc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a5757457f5d0a6c5b8baaa68f08cc569f3c4f265a8f3005c127c7167f8a516

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:35 GMT
x-mg-request-uuid
2cd55e02-cf63-46e4-a11c-3d69d6ca96c0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d308e545c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28280
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkwM2VlODlmNjcyY2ZiMTU4MjY0NjY3MDE0M2NjYzkxLmpwZWc.webp
s-img.mgid.com/g/4003646/492x277/0x93x1001x667/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4003646/492x277/0x93x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkwM2VlODlmNjcyY2ZiMTU4MjY0NjY3MDE0M2NjYzkxLmpwZWc.webp?v=1644485245-V48MtSYP48EAH-C7uj6CAp7wP0X5i8XRejCrxhYVDSE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d6e6bb2053fb97d5a021ab4855c6762a9f263e05edb099419b546b488c31b07

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:00 GMT
x-mg-request-uuid
f08bf712-3292-44e0-8e92-9a3f2de56e61
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d308e555c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7030
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2U1YTBhNjczOTQzYWNlYTA3OTU3OWEyZGI1ZDlmOGY4LmpwZWc.webp
s-img.mgid.com/g/3931460/492x277/9x9x492x328/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3931460/492x277/9x9x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2U1YTBhNjczOTQzYWNlYTA3OTU3OWEyZGI1ZDlmOGY4LmpwZWc.webp?v=1644485245-v5LKoJ0HmFSkWsoJlo3Yr4aUqmrGQRFfh5uxaKe6xWA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3427b69a7a53aaaa1b70f0bfd45fd171c0b73d5cdaa8200696bf5d1d1b3a9626

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 03:34:57 GMT
x-mg-request-uuid
e6d53985-8f27-419d-9b47-809b076d7090
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8568fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8022
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x277/0x26x798x532/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193526/492x277/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1644485245-9d78CghSDEd80T3AKrGXfbpFCn2NS_hr3c6iMK_kh-k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22dc09e053641dbee00b20cf2894802b3a119e99d568ff099e7c6b413a85ba38

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:57 GMT
x-mg-request-uuid
9eb1f102-91af-4699-bc3e-f5a247645c51
age
1084
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8588fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15828
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvNzYzMjFhNGRiNjE0ZTc5Y...
s-img.mgid.com/g/10881043/492x277/-/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881043/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvNzYzMjFhNGRiNjE0ZTc5YTdkODIzYmNmNzQwOGZiZGEuanBlZw.webp?v=1644485245-Gn9vr7iSi7aLuhbH_oP5W15GtBfCw5wLl0uNwcJyRyc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d23f1be52de0a58b44cdfafbf10e84ac4917e1b137b1c530feac51f91cb13d7

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:57:50 GMT
x-mg-request-uuid
841525d8-c25e-4be3-a9c8-5d8a9611d3af
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8558fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20788
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMjNkYjllMjM4MjE0MWQ4N...
s-img.mgid.com/g/11533485/492x277/-/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533485/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMjNkYjllMjM4MjE0MWQ4NTY3NGU0MGVkZTVkMDY3ZjMuanBn.webp?v=1644485245-vH9lmrFDjTP3ZfMJxkpCRvCf8no9HPDjnyTDYt21APc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0afcb6112a6d30cc9b084d7342fd755f00f92424e2d46e142d75837860e7fe91

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:08:56 GMT
x-mg-request-uuid
f2b66366-01f0-4ca9-827a-4d343c9c340c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8598fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20562
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0LzRiZTMxYWU4Mjg4NzBjOTZmNmRjYWJhZDJlOTQ0YTA1LmpwZWc.webp
s-img.mgid.com/g/8164898/492x277/0x64x545x363/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164898/492x277/0x64x545x363/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0LzRiZTMxYWU4Mjg4NzBjOTZmNmRjYWJhZDJlOTQ0YTA1LmpwZWc.webp?v=1644485245-TdP_pmk7PojFEKUj5Fn8AOo9kKiKcWtY_DoJRcIMuck
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84a25c477e8e023d8fb0d0351dc484393303cd7c64525d42f599c80513acb47

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Mon, 20 Dec 2021 07:10:35 GMT
x-mg-request-uuid
381cfbf1-1abb-498f-b175-ac5b4929ad2c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8618fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11274
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg?v=1644485245-IpKLShV3dLxlQuR5ZkJSJ2h48MetOLKTk1FMogyCbbA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
HIT
x-mg-request-uuid
1ae86b6a-08c3-44cb-942d-ff063ab60399
age
16497
cf-polished
qual=85, origFmt=jpeg, origSize=41842
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32968
last-modified
Thu, 11 Nov 2021 15:40:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8638fec-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNC8xMDE5MjQvZGYwYzM1N2ZkYzQ4YzJhO...
s-img.mgid.com/g/11533451/492x277/-/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533451/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNC8xMDE5MjQvZGYwYzM1N2ZkYzQ4YzJhOGUyMjg5N2FmZTRlYzgyMWUuanBlZw.webp?v=1644485245--bzvuYiDShTHJxyqx0n6jsdnaE4tguKcI7SERrs2uKo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a9b82b6f802a3b7f2c31c8d05a224268c0e12fbfed9dc79e76eba186e2fe15

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 14:38:24 GMT
x-mg-request-uuid
77f37e06-f3f0-4645-866b-9948996dc069
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8678fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16838
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNGIwNDE4ZTBlYWFjMmYwY...
s-img.mgid.com/g/11533306/492x277/-/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533306/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNGIwNDE4ZTBlYWFjMmYwYzI1YTZjYjVhNzQ0Mzg4NzQucG5n.webp?v=1644485245-ve0U0cqV3aFKM_QA8RpgOWsmnsnAeIt_-OirUhaYm6E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c2d8dc583506050c45289b85c71ad5320420d2062a9c07322b40ac900c3da8

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Dec 2021 12:23:55 GMT
x-mg-request-uuid
f948db3e-c9a4-417a-94f8-9d48ef6d7c71
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b85f8fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13686
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNjAyNDM5YjIwMDk1MTUwN...
s-img.mgid.com/g/11533307/492x277/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533307/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNjAyNDM5YjIwMDk1MTUwNDEyN2NjMGM5NTg5NjkyODYucG5n.webp?v=1644485245-lw_XLt0Z5RBEIlYh5OF7v7m55tiD7hX1MlLW9YSFJUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb8529edc34ff55b7b85731e442f3d5b5d3d941eb3cbe43a88d7b46568486739

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:02 GMT
x-mg-request-uuid
9126d832-4d72-4e77-a7c5-47755d9abbe9
age
1084
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8608fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12614
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvNDYzNzQxOThkNTY5YjhlY...
s-img.mgid.com/g/10881021/492x277/-/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881021/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvNDYzNzQxOThkNTY5YjhlY2E2OGZkNzkxMzFjNDkxMTcuanBlZw.webp?v=1644485245-WbF5KhxnRG4DEMZww_vtca4DLDloSeYqkL7nK8QH3Nk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65772f5d2029b3f616d43c8beedcdb2d4add3cda1d1068e761dfbf966fd4d6af

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:54:46 GMT
x-mg-request-uuid
a6b7f495-288d-4a8c-a367-be8ce6446e3b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b8658fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23960
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q0MjQyOWVkMmI0MDE5ZDFiZDgxNjZlNjQ1YzQyNTM3LmpwZWc.webp
s-img.mgid.com/g/3839412/492x277/0x20x899x599/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3839412/492x277/0x20x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q0MjQyOWVkMmI0MDE5ZDFiZDgxNjZlNjQ1YzQyNTM3LmpwZWc.webp?v=1644485245-1IwHH8ggleELqmgNZAqpFT1zM2JDaUefl2WcF_huOQo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bbba8ffbd30285300e9571b23cb5c32edfc7740811f95ca28a258112fa9400

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Dec 2021 11:58:10 GMT
x-mg-request-uuid
d529d3a1-0a76-43b9-86f7-ce4206122926
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b85b8fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20976
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0Lzc5ZjU2ZGFhYjZiOTEzNzU3OTMwNjY0NjFmMWViYzAyLmpwZz90PTE0OTIwMjgyNjQyNDU.webp
s-img.mgid.com/g/3805539/492x277/0x51x900x600/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805539/492x277/0x51x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0Lzc5ZjU2ZGFhYjZiOTEzNzU3OTMwNjY0NjFmMWViYzAyLmpwZz90PTE0OTIwMjgyNjQyNDU.webp?v=1644485245-WywaAmAl12yQv1O-kNzVDvzOsgwhVRPLmrFCjAvBXyQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926b9f8f35cf8fc3daadc4415aaa890adea52ccb58f60c990c55020018a057d4

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 16:00:22 GMT
x-mg-request-uuid
36ddfb68-8d4c-41c9-8a78-3528596fafaa
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b85d8fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20060
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNDEyZWU0NzIzMzIxZGVjZ...
s-img.mgid.com/g/12068041/492x277/-/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12068041/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNDEyZWU0NzIzMzIxZGVjZmMyNjhmNTZkZjUzNjQ4OGMuanBlZw.webp?v=1644485245-rVxhjbwRo2HAhwtQ59sGkC7NSm6_SseAyfZTnfVqWLU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86d5798814cbee32d210b324fcd9fc285a90a97a966cc706cb225d7e01b411a

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Jan 2022 14:12:58 GMT
x-mg-request-uuid
31e14438-8cb0-40e9-b741-1c5915db3d68
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d30b85c8fec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6714
server
cloudflare
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2736 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
Origin
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 06:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Feb 2022 06:12:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame 2736 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd2JUeluvVSju9v6QkLgMqoBn8R56h203OvGMFtAL5zrDSFiugSiFj1vki33DEJFxATBJ0mhQyjhWtzuR0Yckr0X6qi6ynS0Gq0kDOQgs1f2RlkXqEhPWQ8-Usp67-dKXA1djH4m4NyU0I2xtQ6qjtKnj1dQ&dbm_d=AKAmf-AW4tgd0Euq3bymp-fxGM8cQHaEex-fGWJet4AYrBSQ6ZSdFAmp_ClJaadRYuTwRKbgTGSfrwT26f6oFwAoXl0qUdQl4xnsugHDaVTqUulqnTgb-6T1922Js-pbdA3dXrNADGBsdtVsINkU7XBgxIlMopee4ETX1HuN7r6tNEMw8h0Cbb8r7T5UAgnydYJtZtSyIb3sM5nCKQiDsDaSPx5pGHMVqzSgyQV40Kv7ZBPwYnWgAReyKaP5cZlbvMe-dPt0DaZPxvnwtBImXcTjf9h0IOQ_BP4qY-7Q4BKeRl1r6wbDWcgdDEjETghbwtCe0WzOT-v33OiaOlRj5H2hMRdksXs3QLtok8Y2OUyEXsr46aXPRceZOI-Sj6gmQZRfJdtXGVp3Cj0S8HG7TH1-6KXqMCDoadO7VtKnZSkt6ozCuE_zIpao6twjPkpj4WuouyQQiKuuZsZpVY2d2p32x772_s5ll5tBVtQn1tlNOa6_svJg_IGI85qxyt912DwA92kIfhGi528Yr0IXaRRTqKVizh6jWaCkbZvtTWtNlG4wYQPEfoKYcOnnc0aW-Qt1g3Ca-Be3aqYhTO-l2BDa_M6yp7PStN0VHPI-FfPHaKQtnwXVWQrWgxljfbUENJEQeNNm5gYn99EalWrEYbUP6mi7DgDCsLet_xC6LyZ7m8HAR07wQnq_AfKbtnIa96V6oQwUvkxP597IKmnXiWh8y7LZt1H84A99UIj7zoX7tX21QkjeURs2G2rmOZzqxbjKXRyxwypTlZIGbbtVv_YrCGgH0jDZnX2oCNooMKs2DTDkYp4b-tGE9JiZQ1PDHRHdSi5Ex9cIVwYtn-22LOdUeMQ380xhxgrtIe9RJ_iDdqp9_XvlSO3GDmtLpyFuMxO5KDzo2D_4JjgxFK091BZKLaDe-fFXeO6x1_4n0PseSy_PcYMDyWjBP1vvblj9-EsSoNtPv49qf6Dgo4Fp2BeKGPOSG4HoKEldhkU-OcfsAeYrVEGbsWiakIWr_N7-p3uQILD90mcDcxWG2vMgqpGzgR-GgcqxZaidUiDx5b1mhZdO1jDjz6TqgaqzZDvRkeWfEl8CH94Vp7uP06beQpqwVlfnONX9QxkndrAQwyxnvIr3ZAZVdtvbEJ2R3CFT83gahA4YEKtxy-WEDXYicsaIPTsetIQjmaeCsmTfk71IxXSQ8L_VAb6Rthuond4sJ6RT8EXgEpAIJMXctWN99rIV-5lXC02Op60fWqNLVMno5xgCciM9cDyKXOrFkaQjTsdjUmZ6G7A6vXpe85cWn6qjB_7k6v-ubWcFtGdOtFIQ7wrIteIYsNcVqUugb5mebtibbHW8Rcq8gvRZ9vChS1u2F46MTx_WheDuqgRLRLgu0o__LLKK00gd_hXD9JSqgMGrWXWeQ8u-IOjRwZ6OCyLERcoPEs4iI-TL-pFSIrqvNclNX_mg6O1sh42Tclc82wwh7g-OnxtK3t731T-gr_9FNKZ_TrOaC7QNOXN_34smUvyGss5qLDtBsXYoEb7iq0yip0JZVz_-bLZoeut4Zmzb30TGviXodJ_-T4uu1CljsLtl9ayIPtMmym50CxmCoa5hxgC_kafN5vHBHVO4lDmYtFr6WFf-fhje5PZ02ZCL3Z7j0f9vlAkzkvMpq2afmKFHYOR2684ds2pBlgegKXgvWPIGWEz-QkvYUkIKJQvxTCbQL1iAJikdO9oFzEhsBzR70eibgiQI4JNDmmS1z0slRFveQCv-ZGsg82I36RlrlgT69CZcMCl84ZFTmvQeCSH1TGsFoMGiDN3U4DvYZ-kCim8YtBHi0APuT0v2xbWbMAIfF5U9LIa6WfhdXD8Ytk68HLaoU6Pp8Fa_dYzcF4g_Nz3HwRnq4-hNFd3yJHE6FXx-SCT8aumzuw0MCA5rQ_z0HCOk1G4qOubM5JeYxSCAuM6CXvZ1dySw6y7ecLjjkNkDklxXP4o-G8WKAWcnVJlgpN1qK2GHwq4sucduTanrFfsw8ZWJs-6wfoLeXmFyLVz-j6iS1E2wxl96_aH4lHz9IpD35PURaHD8VwcWNHYDTGlP2ShN5opKQvzegZGCjZvwuZDUmkcjBg4NwNc5w3lUjRReLgf-eVp1dqfVFcSBNyENHrwvv3RJcxvh1J3Wsp80Jewe__WeLIa_y5i22XI44KoYZwU4CUE23i3Iyj6MdihMK1wfazUUkmE-oyCqzQT-8EVTZmYS98bB8EsRXxIDjgjQixu9gpF3U0C51ps7jwLGgGj0pMzHH93GTXBAerJQAr9lAP7Blqsdfqy12mOlHTHopE-jOeVWkoUidd85ts_W_oUZGtsd_-If4Csr48bTMy9XnS_1tunnXYnRKEnHUSpvJV_jXT60cTpqXqnuAkdKKAtK6wMnfGpnc3Z_2Kx2jrx5NO8vzYj0bR40Z4SPtZPtMhv58w8a_SBRh3PCNFPhIq7W94OREWih35jVSwS7bv2v-FM_KvXwEjoX87DT5zWF9eLn6twapkjSfFi4yBmn_UARsW1coj1wvuQKRAqsG-IylO2Xz7mp1mcPZvs3cM71sBEDbc0TWXSOS5AEJFo5V6RZijXLdShTzuy5pjOXk0O4s2V6YnZm10CM9s8BdxEbeYMyBidxMxNp9iFAma7MDhh0hKJShOawJ3s0Nj8qH8q2NjuPJf1isJjkR8QHajHPdghVPukdmC8AO2AtMJGoeNmGw8VVT6SQmtYD82Q9EEKmXSCB_7Q39vjqsHlmf1wZWr7_Osu5ASA_NxY71UD2bVBb27-IhGrNZSThXDLB8Zlbb51yT2GNYF7ZZcywI96c5D5OQ-iKciv0VtxadmkLnz10AH2a_ocM3EYt2NLS7_ymCg1Xm87sEu3vLtvVAJletNRr57DYRS1rgkEjPCUvIS4U-M6zyhPc4OErAnPE1pLepj6NHtfe4O6jzVbg8DpddshNKkaTHX9CLQlKV0GzAkadGFGfBtMiC79E8JN4dc3bGO1K0JJgWSCRC2FJzaWjQvlY_xEzfukYePVpu-hBovSllPvo7lpKGki2QeevHNUSAAyLV01Ug03hQDMtbLE0NghwAssdrEYS8r5Ki3MLWSR7uUk0YUgw4KV1Yh1UVmj8jjwjPUeQufg7JX9szdZOBurIWxGjd4dAjcv6kYKiNAGUpT3Jc4-zHfF5BxxO43_oGXAcf3gXjE-BBAvizFUFWp7ahA_cDGNO-EJoJ0u-2VHxRtIZpPr9FM_eoxxRDZgdz8yD393TBT_ZjZyYFixmgW-nrvsmE5wx16pIbw3aXiI5gT48xOg6Juaa4RieevqN7CCIkSI6RtEHxf8yk_13R0cyAJwrmRm4x3_LCQScv6wGczjmWBGz8nl-DcuLi73WiDi_27U2BV8KJR39TeJFl3XP524sCvA9kieLEDsbYXPd4kMaJDtrFM_S2TRV-2zjpPBuuC65FmSTaKYs_pYy-tdY2M48qwRBb5qHVvhqcIvaOw&cid=CAASFeRoLupHP0Gns5QQBLZUAlZvkFRr9g&rfl=1%2Chttps%253A%252F%252Fiw.omatomeloanhikaku.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 09:26:31 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 2736 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd2JUeluvVSju9v6QkLgMqoBn8R56h203OvGMFtAL5zrDSFiugSiFj1vki33DEJFxATBJ0mhQyjhWtzuR0Yckr0X6qi6ynS0Gq0kDOQgs1f2RlkXqEhPWQ8-Usp67-dKXA1djH4m4NyU0I2xtQ6qjtKnj1dQ&dbm_d=AKAmf-AW4tgd0Euq3bymp-fxGM8cQHaEex-fGWJet4AYrBSQ6ZSdFAmp_ClJaadRYuTwRKbgTGSfrwT26f6oFwAoXl0qUdQl4xnsugHDaVTqUulqnTgb-6T1922Js-pbdA3dXrNADGBsdtVsINkU7XBgxIlMopee4ETX1HuN7r6tNEMw8h0Cbb8r7T5UAgnydYJtZtSyIb3sM5nCKQiDsDaSPx5pGHMVqzSgyQV40Kv7ZBPwYnWgAReyKaP5cZlbvMe-dPt0DaZPxvnwtBImXcTjf9h0IOQ_BP4qY-7Q4BKeRl1r6wbDWcgdDEjETghbwtCe0WzOT-v33OiaOlRj5H2hMRdksXs3QLtok8Y2OUyEXsr46aXPRceZOI-Sj6gmQZRfJdtXGVp3Cj0S8HG7TH1-6KXqMCDoadO7VtKnZSkt6ozCuE_zIpao6twjPkpj4WuouyQQiKuuZsZpVY2d2p32x772_s5ll5tBVtQn1tlNOa6_svJg_IGI85qxyt912DwA92kIfhGi528Yr0IXaRRTqKVizh6jWaCkbZvtTWtNlG4wYQPEfoKYcOnnc0aW-Qt1g3Ca-Be3aqYhTO-l2BDa_M6yp7PStN0VHPI-FfPHaKQtnwXVWQrWgxljfbUENJEQeNNm5gYn99EalWrEYbUP6mi7DgDCsLet_xC6LyZ7m8HAR07wQnq_AfKbtnIa96V6oQwUvkxP597IKmnXiWh8y7LZt1H84A99UIj7zoX7tX21QkjeURs2G2rmOZzqxbjKXRyxwypTlZIGbbtVv_YrCGgH0jDZnX2oCNooMKs2DTDkYp4b-tGE9JiZQ1PDHRHdSi5Ex9cIVwYtn-22LOdUeMQ380xhxgrtIe9RJ_iDdqp9_XvlSO3GDmtLpyFuMxO5KDzo2D_4JjgxFK091BZKLaDe-fFXeO6x1_4n0PseSy_PcYMDyWjBP1vvblj9-EsSoNtPv49qf6Dgo4Fp2BeKGPOSG4HoKEldhkU-OcfsAeYrVEGbsWiakIWr_N7-p3uQILD90mcDcxWG2vMgqpGzgR-GgcqxZaidUiDx5b1mhZdO1jDjz6TqgaqzZDvRkeWfEl8CH94Vp7uP06beQpqwVlfnONX9QxkndrAQwyxnvIr3ZAZVdtvbEJ2R3CFT83gahA4YEKtxy-WEDXYicsaIPTsetIQjmaeCsmTfk71IxXSQ8L_VAb6Rthuond4sJ6RT8EXgEpAIJMXctWN99rIV-5lXC02Op60fWqNLVMno5xgCciM9cDyKXOrFkaQjTsdjUmZ6G7A6vXpe85cWn6qjB_7k6v-ubWcFtGdOtFIQ7wrIteIYsNcVqUugb5mebtibbHW8Rcq8gvRZ9vChS1u2F46MTx_WheDuqgRLRLgu0o__LLKK00gd_hXD9JSqgMGrWXWeQ8u-IOjRwZ6OCyLERcoPEs4iI-TL-pFSIrqvNclNX_mg6O1sh42Tclc82wwh7g-OnxtK3t731T-gr_9FNKZ_TrOaC7QNOXN_34smUvyGss5qLDtBsXYoEb7iq0yip0JZVz_-bLZoeut4Zmzb30TGviXodJ_-T4uu1CljsLtl9ayIPtMmym50CxmCoa5hxgC_kafN5vHBHVO4lDmYtFr6WFf-fhje5PZ02ZCL3Z7j0f9vlAkzkvMpq2afmKFHYOR2684ds2pBlgegKXgvWPIGWEz-QkvYUkIKJQvxTCbQL1iAJikdO9oFzEhsBzR70eibgiQI4JNDmmS1z0slRFveQCv-ZGsg82I36RlrlgT69CZcMCl84ZFTmvQeCSH1TGsFoMGiDN3U4DvYZ-kCim8YtBHi0APuT0v2xbWbMAIfF5U9LIa6WfhdXD8Ytk68HLaoU6Pp8Fa_dYzcF4g_Nz3HwRnq4-hNFd3yJHE6FXx-SCT8aumzuw0MCA5rQ_z0HCOk1G4qOubM5JeYxSCAuM6CXvZ1dySw6y7ecLjjkNkDklxXP4o-G8WKAWcnVJlgpN1qK2GHwq4sucduTanrFfsw8ZWJs-6wfoLeXmFyLVz-j6iS1E2wxl96_aH4lHz9IpD35PURaHD8VwcWNHYDTGlP2ShN5opKQvzegZGCjZvwuZDUmkcjBg4NwNc5w3lUjRReLgf-eVp1dqfVFcSBNyENHrwvv3RJcxvh1J3Wsp80Jewe__WeLIa_y5i22XI44KoYZwU4CUE23i3Iyj6MdihMK1wfazUUkmE-oyCqzQT-8EVTZmYS98bB8EsRXxIDjgjQixu9gpF3U0C51ps7jwLGgGj0pMzHH93GTXBAerJQAr9lAP7Blqsdfqy12mOlHTHopE-jOeVWkoUidd85ts_W_oUZGtsd_-If4Csr48bTMy9XnS_1tunnXYnRKEnHUSpvJV_jXT60cTpqXqnuAkdKKAtK6wMnfGpnc3Z_2Kx2jrx5NO8vzYj0bR40Z4SPtZPtMhv58w8a_SBRh3PCNFPhIq7W94OREWih35jVSwS7bv2v-FM_KvXwEjoX87DT5zWF9eLn6twapkjSfFi4yBmn_UARsW1coj1wvuQKRAqsG-IylO2Xz7mp1mcPZvs3cM71sBEDbc0TWXSOS5AEJFo5V6RZijXLdShTzuy5pjOXk0O4s2V6YnZm10CM9s8BdxEbeYMyBidxMxNp9iFAma7MDhh0hKJShOawJ3s0Nj8qH8q2NjuPJf1isJjkR8QHajHPdghVPukdmC8AO2AtMJGoeNmGw8VVT6SQmtYD82Q9EEKmXSCB_7Q39vjqsHlmf1wZWr7_Osu5ASA_NxY71UD2bVBb27-IhGrNZSThXDLB8Zlbb51yT2GNYF7ZZcywI96c5D5OQ-iKciv0VtxadmkLnz10AH2a_ocM3EYt2NLS7_ymCg1Xm87sEu3vLtvVAJletNRr57DYRS1rgkEjPCUvIS4U-M6zyhPc4OErAnPE1pLepj6NHtfe4O6jzVbg8DpddshNKkaTHX9CLQlKV0GzAkadGFGfBtMiC79E8JN4dc3bGO1K0JJgWSCRC2FJzaWjQvlY_xEzfukYePVpu-hBovSllPvo7lpKGki2QeevHNUSAAyLV01Ug03hQDMtbLE0NghwAssdrEYS8r5Ki3MLWSR7uUk0YUgw4KV1Yh1UVmj8jjwjPUeQufg7JX9szdZOBurIWxGjd4dAjcv6kYKiNAGUpT3Jc4-zHfF5BxxO43_oGXAcf3gXjE-BBAvizFUFWp7ahA_cDGNO-EJoJ0u-2VHxRtIZpPr9FM_eoxxRDZgdz8yD393TBT_ZjZyYFixmgW-nrvsmE5wx16pIbw3aXiI5gT48xOg6Juaa4RieevqN7CCIkSI6RtEHxf8yk_13R0cyAJwrmRm4x3_LCQScv6wGczjmWBGz8nl-DcuLi73WiDi_27U2BV8KJR39TeJFl3XP524sCvA9kieLEDsbYXPd4kMaJDtrFM_S2TRV-2zjpPBuuC65FmSTaKYs_pYy-tdY2M48qwRBb5qHVvhqcIvaOw&cid=CAASFeRoLupHP0Gns5QQBLZUAlZvkFRr9g&rfl=1%2Chttps%253A%252F%252Fiw.omatomeloanhikaku.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9577
x-xss-protection
0
server
cafe
etag
11201793935764353180
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 09:22:40 GMT
adSrcNoUi.js
video-native.mgid.com/scripts/ 		1 KB
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/scripts/adSrcNoUi.js
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.81.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 12:35:01 GMT
server
nginx
etag
"56d-5b05ee52e311c-gzip"
vary
Accept-Encoding
x-cached-since
2022-02-02T12:01:49+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
481
expires
Thu, 02 Feb 2023 12:01:49 GMT
aniview.js
player.aniview.com/script/6.1/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.81.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
67faa0264275e2020fed25c1aaf427b43782d2bf826272fc83daa54e44e31f5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvKrX1scyLj7ROygNj_X6IZ-NAy1vOgxpfSsJ2AMGQ--aE-Y_HQZ-G3VAVnlPWhPtGblndLQ4vWBBarNpDhHcFBi6eTvw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9564
last-modified
Tue, 08 Feb 2022 14:26:39 GMT
server
UploadServer
etag
"27812b9490469813a33511dfee48141b"
vary
Accept-Encoding
x-goog-hash
crc32c=zjJ/yg==, md5=J4ErlJBGmBOjNRHf7kgUGw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1644330398915664
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9564
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 10 Feb 2022 09:32:25 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=60ad238b92aa2272e1594459&e=playerLoaded&cb=1644485245635
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 		24 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.81.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 08:55:19 GMT
server
nginx
etag
"6184-5cd0a5f7ec588-gzip"
vary
Accept-Encoding
x-cached-since
2022-02-04T09:30:03+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
3405
expires
Sat, 04 Feb 2023 09:30:03 GMT
XHcEUCFl-720.jpg
video-native.mgid.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-native.mgid.com/XHcEUCFl-720.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 10 Feb 2022 09:27:25 GMT
last-modified
Tue, 02 Apr 2019 14:58:39 GMT
server
nginx
etag
"202c-5858d5f4d012f"
x-cached-since
2022-02-05T14:46:41+00:00
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
8236
expires
Sun, 05 Feb 2023 14:46:41 GMT
mgPlayer_v2_sprite.svg
video-native.mgid.com/mgPlayer/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-native.mgid.com/mgPlayer/img/mgPlayer_v2_sprite.svg
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 14:37:30 GMT
server
nginx
etag
"c1c-5c6897a74212b-gzip"
vary
Accept-Encoding
x-cached-since
2022-02-02T12:01:57+00:00
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
1154
expires
Thu, 02 Feb 2023 12:01:57 GMT
i.js
cm.mgid.com/ 		0
113 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1644485245676980910391
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6db44d31985190e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg?v=1644485245-IpKLShV3dLxlQuR5ZkJSJ2h48MetOLKTk1FMogyCbbA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
HIT
x-mg-request-uuid
715870d1-cc5b-409e-9506-328e54935974
age
39931
cf-polished
qual=85, origFmt=jpeg, origSize=41842
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32968
last-modified
Thu, 11 Nov 2021 15:40:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6db44d318f776921-FRA
cf-bgj
imgq:85,h2pri
/
c.mgid.com/vs/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=601&iid=1101801&e=vr_load&h=fv7N9V1QI5A_wyi9Ke8AfW_MHmXami5An1IhDh5Ltfzw7epFz9InYqa6zAHWsa7C&o=%7B%22vrViewable%22%3A0%2C%22sticky%22%3A0%2C%22playlistSeq%22%3A0%2C%22uuid%22%3A%22%22%2C%22format%22%3A%22instream%22%2C%22tt%22%3A%22Direct%22%2C%22timeOffset%22%3A0%7D&t=0&c=32737
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6db44d318f7a6921-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.html
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/ Frame 3A2E 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a951356f93f3cbf49bf5f70e17705826acf63ec55fb9bae245b2191c10d0f854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
3756
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 04:12:24 GMT
expires
Fri, 10 Feb 2023 04:12:24 GMT
cache-control
public, max-age=31536000
age
18901
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2736 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7R37ZoYz-r86Eql6jM8BkMfEvPWvLp2cw5t6jI27fcQ80Lk6Qolj5UXB8cV7sx3jlbjUj-Yn6CWNAqJy3PFs1qXyXJl-NCAti2eosKQEgWmlRA0H9p0Ykg__nUtp3g2IxwLH3EKGhwFChcpoHs9Iypnw3NJW-0mhjs9o5Tyk4n5MO8AzlG6s3BtOnc9o-U_MqE4xTpEiU88jWaHj4EhSs20lu3e0b6Zknq-v_bCLRU2XHGdm-uIfn8IbH032ETI5jbUGsWEqQhdCM54Q772Cr-akCgwt8HNZRRxpboN4Jp739ET72yKgIqd5O5ERHEIWSTUu3qLX2Iz3wSkkYDnFIAZFjZw1EqCnHCApIv_KWgt8jgLjgq0nM1Ky9o_3FsiJLA5_UPtzVOs9-L_EsihnRmiSkqLeCiHExLPRHjmCxycLBMJqXya6YCWxyov21tPRNBLZCIClz1nvZCl9zwRbBPRlYKXzZEsG6DW3vfJBVQG-YvxkbnCnbYysLOH7S0lYzTlKwjpBs1CyIrQXq0kbD4cn_W6By8mlaqmVZ_l3Cz4QEf0r5iMTcPqyZo6aPNGBiu-M-wYkrClNiY_LfNdjlarBfxq5c27dwMzjg9MrZb7gLiHdVHyZomkbq8PdSfSCQgZS-Hxye8Ztj4X1kHHN8nvvnf-h6kVlUhLrYxOoCb6tDIKPMzxdAPzn7avdQbWrHtg1JVbjH2uS3jF7BalectPVT727N6ejjOJsWKB6y-mVHDp8ZQgHOTtzqZ0FWbhdPhaqYKuhIrRhDy6htzTbD4llnpAd36GFkbAV-bWAdwdN-_H_8Fz9uzVeQTjgNZ1KZxOM6n_6xO2cAUI-KAvhAgQPl-1sxKkbyo2xbpGibr3d7zfyYztUW6zL4H6U9z1_-7K_QSO3fc4twJJJi0qWLSiLplUl5q2Vfv195_pF7SLToLzMunTuLJkIQOnAQulIbOY8NFQajOa1nBaDzuvR2RTjqSkz074-nfVxOD7XFm2n_QoyyS-sU4U5ZIWuAh_h2e0WU02Wzysoy9erzdqL1Pi9PWcr2Ju_rJM8qa_LoqPU4C5ui90G8i7QxBAttS5SksDMB7TtlwBbPjdgAFDZYsPk71e0k5L5Fk0nCNlwbelkjUcRPPCzPBdfFbmpcSjUG3lyCJl_zfElPqja9x9vCdt-72uVk5aU-XIsi0-FQ6d5qkaIpV8Q2MoxWntpM7GuhHac_Ec_4sBsEQAuzdV_n5t81tFhP6tmiKFUQIHNvRaBPcCodqZ5Oef6P7vyoww4&sai=AMfl-YQcvCgT0Y_7wqAx3XK-VwDDQ194l3uLLw6VdwNx4Ram9n3V4ct0vh4EZs9Q6DCHhx0xuYIUyuZ-Uf5hJT_pyS7BQnGfZC5b8Zsj2a_Dk2F-cgj0eN5JOu2NYX2ZsBeah1gil7yomxgxIghs1nF6o74f5DDYHP4cNHw8C-E&sig=Cg0ArKJSzGfmKQaFN3d8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=140&cbvp=1&cstd=138&cisv=r20220208.88598&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 10 Feb 2022 09:27:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
mgPlayer_v2_sprite.svg
video-native.mgid.com/mgPlayer/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-native.mgid.com/mgPlayer/img/mgPlayer_v2_sprite.svg
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 14:37:30 GMT
server
nginx
etag
"c1c-5c6897a74212b-gzip"
vary
Accept-Encoding
x-cached-since
2022-02-02T12:01:57+00:00
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
1154
expires
Thu, 02 Feb 2023 12:01:57 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2736 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 15:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Feb 2023 15:11:49 GMT
truncated
/ Frame 2736 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c63a206e5442d431f258392c1634a0f76521d8c887fb35cbc22ad30534a4082

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
i-noref.js
cm.mgid.com/ Frame E1AB 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1644485245791610816116
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6db44d3239a890e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
AVmanager.js
player.aniview.com/script/6.1/ Frame 2C71 		347 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c1547a6f623d4d38158668e66bf805c9ce9e6956c3ab50ec65d49b083ab7350b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdscwotEp3f7SGgz1YE7AWgeHsDxh2NETZSR-fmvPl8l3Wq5yc9UqNarrIQy3BX6Z7SH3ontafsVdKOb3z4dGw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99202
last-modified
Tue, 08 Feb 2022 14:25:50 GMT
server
UploadServer
etag
"78cb9001c631bf20e486f9f43f45106d"
vary
Accept-Encoding
x-goog-hash
crc32c=dOnpPQ==, md5=eMuQAcYxvyDkhvn0P0UQbQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1644330350791877
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99202
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 10 Feb 2022 09:32:25 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2EB1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 15:11:50 GMT
expires
Thu, 09 Feb 2023 15:11:50 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
65735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
keyvisual-x2.jpg
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/keyvisual-x2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95ecf84569d27ebc65210d50e0909e4ae8074fb4f6f43cc6dc3cd67fcb05dea1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:28:17 GMT
x-content-type-options
nosniff
age
93548
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25641
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 07:28:17 GMT
attribute-1-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/attribute-1-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
533b48c9c5147142d3a07394f46778b9173527108aa60db85378b6c10177261d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 06:02:26 GMT
x-content-type-options
nosniff
age
185099
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2060
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 06:02:26 GMT
attribute-2-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/attribute-2-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e745925dd2871ad9fbbfd067272b53a05747872be0f6d1f5a11cf73d6d5a37c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 15:03:24 GMT
x-content-type-options
nosniff
age
152641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12460
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 15:03:24 GMT
box-push-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/box-push-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527897ef3072133347a5b376d87bb22512ec34b6c24de5f00fa921b681dd1dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:28:17 GMT
x-content-type-options
nosniff
age
93548
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6949
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 07:28:17 GMT
push-1-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/push-1-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4180aec0b64dbf313f0666d408be706a1882d3e45d27668ed95d114100e78921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:35:47 GMT
x-content-type-options
nosniff
age
517898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2870
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 09:35:47 GMT
push-2-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/push-2-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be2d88c4e8c1c25fd8d9415cb1bdc04612ab464378898cd5b3e4edc81c59cb51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 17:40:37 GMT
x-content-type-options
nosniff
age
143208
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5014
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 17:40:37 GMT
box-cta-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/box-cta-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
543f6e29b5f4a45f1ed7228430078964330382a976587704e40887e24c7f39ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 06:52:30 GMT
x-content-type-options
nosniff
age
268495
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2882
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Feb 2023 06:52:30 GMT
partner.svg
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		351 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/partner.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72fd1fa5c56689ff1fc4d3d60c6065f7f99fe6953a3c54ed3ad0c82aa9a34fa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 12:12:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
264
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 12:12:57 GMT
logo.svg
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23f66936773cf6edddcdc7b474a536146779ca32fca06d731861ff069544b93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 17:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143567
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1369
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 17:34:38 GMT
overlay-push-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/overlay-push-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab772ffed7945bc1a1160274561ed4f8a22df6e6d826a9cc0865f0c00843c854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 10:13:55 GMT
x-content-type-options
nosniff
age
83610
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2336
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 10:13:55 GMT
overlay-cta-hover-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/overlay-cta-hover-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d6a5f1fd30398a93b2248cf48c62a16f2b6c396c09aec5061d3c0f1d9399e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 09:58:09 GMT
x-content-type-options
nosniff
age
84556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1629
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 09:58:09 GMT
overlay-cta-x2.png
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/ Frame 3A2E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/images/overlay-cta-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4c62966b16197d8a85d91bbbb7ec339a6d744764e6ba4c86d3f42b93c1101db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:44:19 GMT
x-content-type-options
nosniff
age
517386
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1628
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 09:44:19 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3A2E 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Feb 2022 09:27:25 GMT
creative-1.0.6.min.js
s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/scripts/ Frame 3A2E 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/scripts/creative-1.0.6.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a44400fb88aaf018fb0e9aff450c4b708da545d38ab0317d6bc599f093e20030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12516165214914619557/eC_Online_PERSOENLICH_728x90/eC_Online_PERSOENLICH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180756
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
855
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 19:34:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 07:14:49 GMT
generate_204
tpc.googlesyndication.com/ Frame D809 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WxmNWw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=iw.omatomeloanhikaku.com&sn=&cd1=desktop&cd2=0&cd3=native&cd4=1101801&cd6=11&ic=0&tgt=0&app=&wi=679&he=382&test=&d36=6.1.4&apppkg=&fv=3&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=60ad238b92aa2272e1594459&stagid=&stplid=&e=inventory&vi=0&cb=1644485245889
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=native&AV_CDIM4=1101801&AV_CDIM5=&AV_CDIM6=11&AV_CUSTOM2=67&AV_CUSTOM3=The%20World%27s%20Fastest%20Supercomputer%20Is%20Back%20In%20America&AV_CUSTOM4=2&AV_CUSTOM5=7&AV_CUSTOM6=3&AV_CUSTOM7=7&AV_CUSTOM8=40&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=60ad238b92aa2272e1594459&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=iw.omatomeloanhikaku.com&AV_DADPOS=3&d36=6.1.4&responsive=1&sver=1&avtoken=245888&AV_WIDTH=679&AV_HEIGHT=382&AV_DNT=0&cb=1644485245909
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.70.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-70-99.compute-1.amazonaws.com
Software
/
Resource Hash
a0b9f4766c764286fc31c8bf1158cc5f2cbdb3d02ee8c24a258fd151c8c63495

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 29 Jan 2022 19:40:46 GMT
/
c.mgid.com/vs/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=601&iid=1101801&e=adinventory&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=16500&h=fv7N9V1QI5A_wyi9Ke8AfW_MHmXami5An1IhDh5Ltfzw7epFz9InYqa6zAHWsa7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6db44d32fae06921-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
pagead2.googlesyndication.com/bg/ Frame 2EB1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13873
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Feb 2023 08:14:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2736 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7R37ZoYz-r86Eql6jM8BkMfEvPWvLp2cw5t6jI27fcQ80Lk6Qolj5UXB8cV7sx3jlbjUj-Yn6CWNAqJy3PFs1qXyXJl-NCAti2eosKQEgWmlRA0H9p0Ykg__nUtp3g2IxwLH3EKGhwFChcpoHs9Iypnw3NJW-0mhjs9o5Tyk4n5MO8AzlG6s3BtOnc9o-U_MqE4xTpEiU88jWaHj4EhSs20lu3e0b6Zknq-v_bCLRU2XHGdm-uIfn8IbH032ETI5jbUGsWEqQhdCM54Q772Cr-akCgwt8HNZRRxpboN4Jp739ET72yKgIqd5O5ERHEIWSTUu3qLX2Iz3wSkkYDnFIAZFjZw1EqCnHCApIv_KWgt8jgLjgq0nM1Ky9o_3FsiJLA5_UPtzVOs9-L_EsihnRmiSkqLeCiHExLPRHjmCxycLBMJqXya6YCWxyov21tPRNBLZCIClz1nvZCl9zwRbBPRlYKXzZEsG6DW3vfJBVQG-YvxkbnCnbYysLOH7S0lYzTlKwjpBs1CyIrQXq0kbD4cn_W6By8mlaqmVZ_l3Cz4QEf0r5iMTcPqyZo6aPNGBiu-M-wYkrClNiY_LfNdjlarBfxq5c27dwMzjg9MrZb7gLiHdVHyZomkbq8PdSfSCQgZS-Hxye8Ztj4X1kHHN8nvvnf-h6kVlUhLrYxOoCb6tDIKPMzxdAPzn7avdQbWrHtg1JVbjH2uS3jF7BalectPVT727N6ejjOJsWKB6y-mVHDp8ZQgHOTtzqZ0FWbhdPhaqYKuhIrRhDy6htzTbD4llnpAd36GFkbAV-bWAdwdN-_H_8Fz9uzVeQTjgNZ1KZxOM6n_6xO2cAUI-KAvhAgQPl-1sxKkbyo2xbpGibr3d7zfyYztUW6zL4H6U9z1_-7K_QSO3fc4twJJJi0qWLSiLplUl5q2Vfv195_pF7SLToLzMunTuLJkIQOnAQulIbOY8NFQajOa1nBaDzuvR2RTjqSkz074-nfVxOD7XFm2n_QoyyS-sU4U5ZIWuAh_h2e0WU02Wzysoy9erzdqL1Pi9PWcr2Ju_rJM8qa_LoqPU4C5ui90G8i7QxBAttS5SksDMB7TtlwBbPjdgAFDZYsPk71e0k5L5Fk0nCNlwbelkjUcRPPCzPBdfFbmpcSjUG3lyCJl_zfElPqja9x9vCdt-72uVk5aU-XIsi0-FQ6d5qkaIpV8Q2MoxWntpM7GuhHac_Ec_4sBsEQAuzdV_n5t81tFhP6tmiKFUQIHNvRaBPcCodqZ5Oef6P7vyoww4&sai=AMfl-YQcvCgT0Y_7wqAx3XK-VwDDQ194l3uLLw6VdwNx4Ram9n3V4ct0vh4EZs9Q6DCHhx0xuYIUyuZ-Uf5hJT_pyS7BQnGfZC5b8Zsj2a_Dk2F-cgj0eN5JOu2NYX2ZsBeah1gil7yomxgxIghs1nF6o74f5DDYHP4cNHw8C-E&sig=Cg0ArKJSzGfmKQaFN3d8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=415&vt=11&dtpt=275&dett=3&cstd=138&cisv=r20220208.88598&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 09:27:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
container.html
309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 165C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 09:27:25 GMT
expires
Fri, 10 Feb 2023 09:27:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		156 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5049956f393ca7e8ec02a85d189653330a75ecd27153d79e0ba9ff0f4dd3ae46
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Tue, 08 Feb 2022 06:22:15 GMT
expires
Wed, 08 Feb 2023 06:22:15 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
content-type
text/html
content-length
27488
age
183911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ai.aspx
m.exactag.com/ Frame 165C 		43 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=30854-gaw&extLi=16073138603&rnd=2493344485
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Do, 10 Feb 2022 09:27:26 GMT
Server
Microsoft-IIS/8.5
Date
Thu, 10 Feb 2022 09:27:26 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1645
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 165C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWU8FfdoEYsCfDYLJ3gPKpbLICPaB9qJo9I6v4oQPv-EeEAEgqoDDImCV4pCCoAegAbv7wtkDyAEJqQJF4ABXsSuzPuACAKgDAcgDCKoEqgJP0LJ91Dk4MPcLvsyINlUSikrFtI2s-9R2CHcg6agmxCC8ok38BKPFBPcZMETi0edz0kLzAZPuqutrRy3faTNmFvStXUgcgUDKS4nXHLDaYVFWU6B2eiRNXGNW_e2IPP__M0TMlbN0hC6hd7JjV6rvE3JPmn581Tmffgo0uvSU6fPPfhUBTNV6u9PBvK1yxddUGwgGH-OVqMA0j6O33HfWB2rPJnoPFCB-zOXBYYQlhRYKwTjdO42UzB2UTeNwFE2LJ4a_RvS-8iy-S9H9cUGno7zObuFr3AKYoUtFwjOtGKYvuohjGWI9g8NKu4XqDlXJxOxSbqCsS6vQLzJatgQ0BjxGjVRwQNmw-Qwk5vzI-7I3CNqLMlGMzWRPLoLK3NhnsJsLg6sRJFgrwATtjIKT7QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHoYCOJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIGhDtIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=gvQTB1E6LYQ&uach_m=[UACH]&template_id=419
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 165C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7817
x-xss-protection
0
server
cafe
etag
7051432691878289762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 09:22:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 165C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 09:26:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 165C 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:27:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 165C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
server
cafe
etag
17798303060702513824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 09:26:29 GMT
l
www.google.com/ads/measurement/ Frame 165C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMM4OsJEj92fBfdSE4w4Tw1JUntA20r5zSF7ZmSXaG1y3ox2syYassTpKagkK8gJd5oALum_u3Kgq6DKQXXac_HpGMIQ
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EB1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv9YsfdoEYtH2GJvMgAeM4K-4CAAAAAA4AeAEAg&bg=!0dKl0pbNAAbS3PJy0tw7ACkAdvg8Wr0nYBJGWT8TiWQFEsSbRmxI2C61rXSUJ0K4x1C2bJ0MvirnrwIAAAChUgAAAAJoAQeZAtwzZ_aeHWXG9tJRgspxNDjoEu8wpBSS07itCDetS5zh80Q3XpI07KWVXNHAwNGiR7Yxg_Evt47s2hx1sgY6-fG_jGC1ivD_rpOmVnk-u50n-oESoqe9r2EzD6LYuq6LyiLdDM4wc2BeFkR1U7yFAdCQqIKsKyeMu56dJlV_AgmYFogveP5V_nFi9x-tPi-uX2fOYLVjhi4ZIdy3IryxfA6MOEWu6XriuNgqKMlaF1bZ7jVUs3x7T8Wwo2Cvupb90IIYC02PYcBh4ROjLgUPnOh-e4RcdkLESShGXZdc8-PDSrB_04Jn38UJzQPIlLyMKjRk2CIPcYmheEqf9IA2CtJNnt98-EPT3kll4ZbLG1DR54IYeyt15yrIPj5D4ixHX4HO2QG7fPIHTitT8LNSIG-yYkZWgncnOOpGXAFA_8c4ek9j45xoRe5C-u-WFIFtM0Ujzq9USGlm6A-u7f7i9UZxEj5vi6mmVAaq5XHI3-NOUtP5bPwKWCWte7EwJKNk5ssfd5rlm2PYCpGsicZlY30Ob89bt5vL2cC4CbrzPQ_E2N_mj7t7q9IgtKcGN25xfCEfDCV8Kt-6F-naYRBbJgnzaXgyMYPYlIP67L5yNvZFQxng2vtqeWcMcAiJR7BhkWCapv0U-qrcqGl9TnVy6uRtVNeAKrVJ9QpKZ8gHM4XQSD7xRMMwTcOmp3zGLvb-KQMZEm6vwqwMWKqWivfnro017gFRPjYemefIwDe8tdncPA4GHwe6JAhkiFhOG0sWUGga28bMjDrSjftKbB_D9VUcU6AdbfCAc6x_vXI3ssx_sXNVxEpse0R4SCx1KGJI7vY_9xp6YClJXfY1kfHF8SPAnsD2hxBnhtKBkUBDr7SSoLype0vSVaPLln2EXs1Ecu57iabicPnvBjRvPvXvX3BrjEaHH7P-XZCWqXlg4iGK0RC5dfA0bWDK6R5AcprBKwLVUEODpu_kuwe4bSg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame C2CD 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 10:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Feb 2023 10:09:47 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C2CD 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 11 Feb 2022 04:22:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C2CD 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 10 Feb 2022 14:22:06 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 17CC 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Thu, 10 Feb 2022 09:03:07 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
1459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1
serving.viewtraff.com/v1/placements/J2op30f7Jk5B/code/vpaid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serving.viewtraff.com/v1/placements/J2op30f7Jk5B/code/vpaid/1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.128.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap16.adplayer.pro
Software
nginx /
Resource Hash
a07c49b31c6f7aa41a45f4118a02210f0e748ae87695d2bdb452ffadff7d50db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
server
nginx
srvb
127.0.0.1:8082
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/xml;charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
srvf
144.76.128.227
/
ads.viralize.tv/vast/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cs=&gdpr=1&cbb=4485246239
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
54beae4e35e4882799778a41c51f55469c4dcab790240252f9ead3ba7f95dc79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=iw.omatomeloanhikaku.com&rs=iw.omatomeloanhikaku.com&sid=81348&t=1644485246&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=679&he=382&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1644485246168-950310148444-006317-015-001355&cha=0.7&stagid=&stplid=&d35=&d36=6.1.4&cb=83768727350&cd1=desktop&cd2=0&cd3=native&cd4=1101801&cd6=11&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=382&nid=5ac2203f073ef46a6856c7b0&ncid=60ad238b92aa2272e1594459&e=request&cb=1644485246240&asid=60ae36aecd9acb73fe1a1867%2C60ad2564af4e6d580351ce36%2C60ae3776eb9dd019f533d628%2C60ae36ab1af4fe0b906a70a9%2C60a4dc5bdabbf34a5360f365%2C60ae3778d8e0b33df20060c4%2C5f6da35a57c64938c212257f&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 17CC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 10 Feb 2022 09:27:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 10 Feb 2022 09:27:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 10 Feb 2022 09:27:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 165C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01bb3fe27a750e994f702952de2250539e12a2c5092c3e2c65130c3c0fe5a0e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/Logo.png
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
603c9b7f5674dcc498ef3c6bddf672a912aff520290062561f1908876f123635
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
522339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7180
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Fri, 04 Feb 2022 08:21:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 04 Feb 2023 08:21:47 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/cta.png
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5166bb282f20509cb3980dc5140a237203b4aea8aa365fd3ec901cf0427276f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
163897
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2384
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Tue, 08 Feb 2022 11:55:49 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 08 Feb 2023 11:55:49 GMT
Trip.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/Trip.png
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0866609eccae538f95bb592b446bf6f50abfa6468eb49fb5d0f019336100d75e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
99858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2604
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Wed, 09 Feb 2022 05:43:08 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 09 Feb 2023 05:43:08 GMT
txt_Destination.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/txt_Destination.png
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c88540ecee687ff6bac38fa3e38cbf2abbf63c73cf7ecce02d54e8cff46c490
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
54210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1700
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Wed, 09 Feb 2022 18:23:56 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 09 Feb 2023 18:23:56 GMT
txt_Angebot.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/txt_Angebot.png
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f026ded3d8bbdac78b0875ed587a00c29a73974de78c6f7465d8502d65492daa
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
522339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4005
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Fri, 04 Feb 2022 08:21:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 04 Feb 2023 08:21:47 GMT
txt_inkl.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		209 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/txt_inkl.png
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a99be886ba034a77b8017cf97e038b031f9cb7c1b2a856accd5bb6a865fe035
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
522339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
209
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Fri, 04 Feb 2022 08:21:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 04 Feb 2023 08:21:47 GMT
HL_2a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/HL_2a.png
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b605d2f41ade51c3da43217e21cab87f6cf2a6fad18cda5d28ef58bd403f930
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
164587
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Tue, 08 Feb 2022 11:44:19 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 08 Feb 2023 11:44:19 GMT
Motiv_action_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/Motiv_action_2.jpg
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0a4f428e1492da2aeba5b402613e0641caddd6561da9fd4ad01bea041ac02d6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
522339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35365
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Fri, 04 Feb 2022 08:21:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 04 Feb 2023 08:21:47 GMT
HL_1a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/HL_1a.png
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46eae9ed23dfba726f9954898b6874564e9070e2785de701fb0e3146d93fc6df
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
522339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2565
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Fri, 04 Feb 2022 08:21:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 04 Feb 2023 08:21:47 GMT
Motiv_action_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/ Frame C2CD 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1035796082874087593/Motiv_action_1.jpg
Requested by
Host: 309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
URL: https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ad8839b0b8f2e961293a559ef5411d3e37d598ecc687c2a0e2c36bd2f101ac6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
152107
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57833
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 16:51:59 GMT
server
sffe
date
Tue, 08 Feb 2022 15:12:19 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 08 Feb 2023 15:12:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BEFC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthgj8BAQrCC_9KwVdK0HmOZugNoGyyXYH74IqcjbbcE3edVCMsi8l1RJpFLk6lbCrdqOpEjUoHhC_NO14QTDYSeFAbbzb7d1ul2xiV0Sx1upKtBP-UVw&sai=AMfl-YR_camyh8CgSroswaviJHJHGvRB9yK4gAy_zz2NBB4mkydqkgtIT08c4WXChs61VEioQG3LGqvAL_7yG5pt4WnZ955tOdNMASFvqpgrN6DYQaK6afYcbTcP94U66MA&sig=Cg0ArKJSzIbf6ZU2lTO7EAE&id=ampim&o=246,718&d=728,300&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=397&tls=1398&g=69.9999988079071&h=69.9999988079071&tt=1398&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3112319897
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020301&jk=2624235579341539&bg=!-Pul-7_NAAbS3PJy0tw7ACkAdvg8WpH7CV4aWcC73isQLLtlM_vSksc7Vmv0hF60C-e7cN2h1681UQIAAAEYUgAAAAhoAQcKAFAtjKPtJCeCKL6iXTt0PG6jJO6B36qN836f68QllUjh4ii8hwR70dLAn9ljtaifvuDvcRuNzI002ma9g-mD2UosN6P-m5xfA7AxKsQiYpvZRJkCg0sq9mWmI6hhjFd-Fjb_N8LOEZ6KHeGJA1S_fv-d12fJ8cDe8t7U-BYkZT5-xYlMYe--2PnZnZ4zpvQKkZKA0fKJAWD4zakGW-mi4S_ZbMAoFMfQHLujEA3opVIEzPYL6zBBxkPn0vHk1hpLf46c_lDjhM7WIRoNNhFuO7QFdFqGfbp2QFRzdCHDUCcMmCMQ__A1DUz5ykCZxnkGuH8wZhVGyg6CazrLn2MpFnVdt8l1CkKBhA7COB020JYBzMUQSIJNm4_Uml5M4q9d8M6hK80kwG5wKi7xu7j0mFCXWtptqOvvhz2kxkRWXTi1fP83dFkJboi_pK2J6S2KFoBMFA_NxHOiusidLLPB5TYa9pxJkHyTf2dXGy8awFbyhDwSh3aVHTS_imEK1PyqH6ld11L4-7GH1WYAuZVa8AN_53DNCoVFHZgnjwj-ZpNeAhydRp_3gl31sPyA_yFL0SURjrxBd2bUpNO3AAO0S6VO_5n6czefSzhBbiY-CO0bU_CIky5wcclZikfwF9VgdRIUVb07vFzYba_dc1q4eaR0uM4sh9k5qQuTJTt9ed-wA5Gw_PRC0pzb7ZdPwmayuE25AizwWqZp1RwIbBHI00KbzpsnylvdCFXGt4wr9KgzHyjP1D3w4cfQpKTQAQQWTZVPo6oyz-CuTijzvv09VKwNrXuTf_8m_JyRuVS75gaNAHCB5aidH89OTT8qp-xpU3agTvP9zYLJsVlAChrtAfz3wIu1ooz-0m5MFNgekyHg-ST1tWV_CxxPRc_TS-JAFOrgeI7d1RV0y24sfHChFjzEYuPzE4m1OzVhSqeoLCK2-86krqLLRspSjaeiVOVUhmDS5ETriLI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=iw.omatomeloanhikaku.com&rs=iw.omatomeloanhikaku.com&sid=81348&t=1644485246&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=679&he=382&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1644485246168-950310148444-006317-015-001355&cha=0.7&stagid=&stplid=&d35=&d36=6.1.4&cb=83768727350&cd1=desktop&cd2=0&cd3=native&cd4=1101801&cd6=11&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=382&nid=5ac2203f073ef46a6856c7b0&ncid=60ad238b92aa2272e1594459&e=bid&cb=1644485246531&asid=60ae36aecd9acb73fe1a1867%2C60ad2564af4e6d580351ce36%2C60ae3776eb9dd019f533d628%2C60ae36ab1af4fe0b906a70a9%2C60ae3778d8e0b33df20060c4%2C5f6da35a57c64938c212257f%2C60a4dc5bdabbf34a5360f365&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
viralize_vpaid.min.093edae1.js
static.viralize.tv/ Frame E60F 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827d8eb3eb149555ede81026ead6b67fe055393ad4de57ab2feedaedb25223f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
br
cf-cache-status
HIT
age
1387944
x-guploader-uploadid
ADPycdsC0xzkE8jN1vFPC6VyAgtA4NPMginiCXPX_iHTJo4vpmCDSBHFTGEEsvkUFjQr6HT5P7PYzRbKT4Fhh9q5O-CxHSBhfw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 21 Jan 2022 14:24:42 GMT
server
cloudflare
etag
W/"093edae1546dfb3944b4fd6138612464"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=zUaEiQ==, md5=CT7a4VRt+zlEtP1hOGEkZA==
x-goog-generation
1642775082319046
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
67236
cf-ray
6db44d376a92904e-FRA
expires
Sat, 12 Mar 2022 09:27:26 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2C71 		376 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Thu, 10 Feb 2022 09:27:26 GMT
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ 		2 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=62646106483
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
ac
www8.smartadserver.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=1473518&insid=5733718&tmstp=3811550915&out=js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6bb57686c77bc147d93f5012eee030116ae9d282651b872e477ab01108a87744

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
5733718
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:31:03 GMT
content-encoding
gzip
age
3383
x-guploader-uploadid
ADPycdsmXFIIaMZ6i_S47H8wdmQ49gC-eS4sZfy4uSIdbMkUFeT0FMC3ijhfvMm9VHmlBC8Mwggd-bgnknRZa9hi_Rq6FpaZtQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3637
last-modified
Mon, 22 Nov 2021 21:22:46 GMT
server
UploadServer
etag
"9f5012774da47c70284c82ae0ce443d7"
vary
Accept-Encoding
x-goog-hash
crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation
1637616166247508
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
3637
accept-ranges
bytes
content-type
application/javascript
/
ads.viralize.tv/player/ Frame E60F 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&cbb=4485246239&sid=01ec8a53a8f07626468717dc5d9eea61&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017ee2f57eb9410cc5b48632c9d4da90%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9453%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A679%2C%22height%22%3A382%7D%7D&pub_platform=&dd=iw.omatomeloanhikaku.com&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
1081918bb45192c7512509c2349ebee409b4049bf71c15b2a6673037d0600570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 5592 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
20236
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame 5592 		101 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1440660
detected-user-agent
Chrome Mobile/98.0.4758
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=23, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jan 2022 14:41:42 GMT
date
Thu, 10 Feb 2022 09:27:26 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5592 		376 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Thu, 10 Feb 2022 09:27:26 GMT
viralize_player.min.bae13cac.js
static.viralize.tv/ Frame 5592 		764 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.bae13cac.js?e=ops
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df15e4261812909e01681768fd203100a1cced276c27455e38bb04d7e993e2c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
br
cf-cache-status
HIT
age
502592
x-guploader-uploadid
ADPycduWoKAvDIwkU6A6PuXAuGwyk5cQW8lPhe9MYg29UVF2qQ8c7lU2k375DVB4Yfymrkymlt9D6vimRoZqQwjj7MV_SOgaSg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 04 Feb 2022 13:47:09 GMT
server
cloudflare
etag
W/"bae13cac007bb39fc5fc71aabeeb7987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=kHKNJw==, md5=uuE8rAB7s5/F/HGqvut5hw==
x-goog-generation
1643982429257857
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
782712
cf-ray
6db44d37bf9b914c-FRA
expires
Sat, 12 Mar 2022 09:27:26 GMT
/
ads.viralize.tv/track/ Frame E60F 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?session_id=01ec8a53a8f07626468717dc5d9eea61:0&player_session_id=0&label=ad_opportunity&ver=12&reason=ok&type=event&category=player_session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
auto-user-sync
ads.stickyadstv.com/ 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1644485246679041-593
Expires
Thu, 10 Feb 2022 09:27:26 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame DB8E 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 11:12:25 GMT
expires
Thu, 09 Feb 2023 11:12:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
80101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 2C71 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Feb 2022 09:27:26 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 26A3 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 11:12:25 GMT
expires
Thu, 09 Feb 2023 11:12:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
80101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 3DC0 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 11:12:25 GMT
expires
Thu, 09 Feb 2023 11:12:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
80101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame A41F 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 11:12:25 GMT
expires
Thu, 09 Feb 2023 11:12:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
80101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 2C71 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=iw.omatomeloanhikaku.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1C47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_X2nCu5U8kZ-Px5Q6x5KQJk7qI-CKRhIKbEdQTOzq1ZygqAgmHgNYcryUnCC0JXu4NigZLaZE0J8EgfbxjCl4_31gCOfiQKVx_LhmdreZ1GqaOoI0Tdy0V9WPxtEWGd5kKE3a_o0_VzgfYw&sai=AMfl-YRnTCxHHP95SuQSbiFHNGITIdChA9jmK1qReW_GO0pn5xfdqCYnh6-KSCoLHyS-MjwKI686D1Oee3ymP9rNh7_gpJaxzKGjqBhd7opaeOy8WtiyOSJp10gbUa9kaYzC&sig=Cg0ArKJSzA3ainwyZc10EAE&id=ampim&o=315,200&d=970,300&ss=1600,1200&bs=1600,1200&mcvt=1048&mtos=0,0,0,1048,1048&tos=0,0,0,1048,0&tfs=358&tls=1406&g=100&h=100&tt=1406&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=694568092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8923 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:41:31 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 213B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:41:31 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FDF6 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:41:31 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9D14 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:41:31 GMT
polyfill.min.js
polyfill.io/v3/ Frame 5592 		101 B
136 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1440660
detected-user-agent
Chrome Mobile/98.0.4758
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=23, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jan 2022 14:41:42 GMT
date
Thu, 10 Feb 2022 09:27:26 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
tag
pandg.tapad.com/ Frame 2EA9 		174 B
680 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&owner=P%26G&bp_id=showheroes
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
060767062ad5fa3986f0745cbe80ea466e1851782d36ae595c28ed6f99be35f8
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age
300
access-control-allow-origin
*
content-type
text/html;charset=utf-8
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
174
via
1.1 google
alt-svc
clear
activeview
pagead2.googlesyndication.com/pcs/ Frame 2736 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHDMunm1MSw5SHXwD2XI76mVGCPGEvZo0MAUtp5WxPtyu-iWLoIKoPOS9NtKa6Mse-LYTrfQ3MK9PvaR7uchkJ2s4o7wIU7KpO82SGZeccuHXxyL3oow&sai=AMfl-YQLG5nu5ApKDu9xbx5AUtyo0B_dFYJmpIHS2F025erP6GIGN7_J15f_UFzu7HDvCe7TVNXY9F37_98mX76QzgizAjV-2MSMtZBI7a6D1PgysKgQc5k4_iG_dWcRGlE&sig=Cg0ArKJSzB-Jevc6PS_2EAE&cid=CAASFeRoLupHP0Gns5QQBLZUAlZvkFRr9g&id=lidar2&mcvt=1011&p=1110,436,1200,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=183197058&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644485245026&rpt=711&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame AC92
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: www8.smartadserver.com
URL: https://www8.smartadserver.com/ac?pgid=1473518&insid=5733718&tmstp=3811550915&out=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Feb 2022 09:27:26 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
date
Thu, 10 Feb 2022 09:27:26 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
advast
ice.360yield.com/ Frame 5592 		27 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22424687&w=16&h=9&minduration=1&maxduration=60&player_width=679&player_height=382&referrer=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.208.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-208-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:27 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame 5592 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzU4ODYqg0cNE4xGrA%3D%3D.1.1frhfavtl-vjb64mhe0do-YWRuXzU4ODYqg0cNE4xGrA%3D%3D-wp1sc1
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
receive
pixel.tapad.com/idsync/ex/ Frame 2EA9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=88e981c3-ac50-4758-bc23-fbf8847877d8&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=88e981c3-ac50-4758-bc23-fbf8847877d8&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1589c039-bcd3-43fa-9686-b1409c835603&ttd_puid=88e981c3-ac50-4758-bc23-fbf8847877d8
95 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1589c039-bcd3-43fa-9686-b1409c835603&ttd_puid=88e981c3-ac50-4758-bc23-fbf8847877d8
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&owner=P%26G&bp_id=showheroes
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1589c039-bcd3-43fa-9686-b1409c835603&ttd_puid=88e981c3-ac50-4758-bc23-fbf8847877d8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
347
usync.js
eus.rubiconproject.com/ Frame AC92 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ae9d979637a1e78d1f68605d1b9f61a0264d31c75a1949d173fd0a396ffeb73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85063
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Fri, 11 Feb 2022 09:05:09 GMT
khaos.jpg
token.rubiconproject.com/ Frame AC92 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
280210
search.spotxchange.com/vast/2.0/ Frame 5592 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/280210?VPAID=JS&content_page_url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cb=1644485246&player_width=679&player_height=382&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000272
X-SpotX-Timing-SpotMarket
0.005317
X-SpotX-Timing-Page-Mux
0.000309
X-SpotX-Timing-Page-Require
0.000324
X-fe
104
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000033
Content-Length
77
X-SpotX-Timing-Page
0.009323
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000355
Last-Modified
Thu, 10 Feb 2022 09:27:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.005317
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
X-SpotX-Timing-Page-Misc
0.002699
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzQ2MTnoFV5GeobRcA%3D%3D.2.1frhfavtl-vjb64mhe0do-YWRuXzQ2MTnoFV5GeobRcA%3D%3D-wp2sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame AC92 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame DB8E 		88 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21750935102%2Fmirs_li%2Fwarbletoncouncil.org&description_url=http%3A%2F%2Fwarbletoncouncil.org&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359253377553039&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2001021402&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=0B2A3447-AE33-4801-9F5A-D38823B7CCEE&nel=0&eid=44750822%2C44752711&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&dt=1644485247179&cookie=ID%3D2c3f6afc8a382174-228d3f3d3ccd000a%3AT%3D1644485244%3AS%3DALNI_MZq3MqGqBgoYKpZGU2Wf76RgnuQOw&scor=3586494259486623&ged=ve4_td1_tt0_pd1_la1000_er7151.270.7303.570_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
620fdb59ca5ff1b597c57a2c2078ffe79fa3ba0e63cf32b6a817d285fee09ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17413
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 26A3 		156 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2Fwarbletoncouncil.org%2Fwarbletoncouncil.org_bid_0.7&description_url=https%3A%2F%2Fwarbletoncouncil.org%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=138164036927259&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1551479724&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=0B2A3447-AE33-4801-9F5A-D38823B7CCEE&nel=0&eid=44750822%2C44752711&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&dt=1644485247191&cookie=ID%3D2c3f6afc8a382174-228d3f3d3ccd000a%3AT%3D1644485244%3AS%3DALNI_MZq3MqGqBgoYKpZGU2Wf76RgnuQOw&scor=3133306896159729&ged=ve4_td1_tt0_pd1_la1000_er7151.270.7303.570_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3DC0 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2Fwarbletoncouncil.org%2Fwarbletoncouncil.org_bid_1&description_url=https%3A%2F%2Fwarbletoncouncil.org%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1786115598552678&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=491033499&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=0B2A3447-AE33-4801-9F5A-D38823B7CCEE&nel=0&eid=44750822%2C44752711&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&dt=1644485247198&cookie=ID%3D2c3f6afc8a382174-228d3f3d3ccd000a%3AT%3D1644485244%3AS%3DALNI_MZq3MqGqBgoYKpZGU2Wf76RgnuQOw&scor=4220665581556531&ged=ve4_td1_tt0_pd1_la1000_er7151.270.7303.570_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A41F 		85 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_warbletoncouncil.org_video2&description_url=https%3A%2F%2Fwarbletoncouncil.org&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=859866340433339&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2392096385&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=0B2A3447-AE33-4801-9F5A-D38823B7CCEE&nel=0&eid=44750822%2C44752711&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&dt=1644485247209&cookie=ID%3D2c3f6afc8a382174-228d3f3d3ccd000a%3AT%3D1644485244%3AS%3DALNI_MZq3MqGqBgoYKpZGU2Wf76RgnuQOw&scor=3543059736695616&ged=ve4_td1_tt0_pd1_la1000_er7151.270.7303.570_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1196b27617f354651cb353c909897550e76f614965d88ed3e5b55b6520cc2719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17050
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/track/ Frame 5592 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfavtl-vjb64mhe0do-YWRuXzU4ODYqg0cNE4xGrA%3D%3D-wp1sc1%22%2C%22bid_opportunity_id%22%3A%221frhfavtl-vjb64mhe0do-YWRuXzU4ODYqg0cNE4xGrA%3D%3D-wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5592 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.1&zoneId=11644337&domain=omatomeloanhikaku.com&loc=omatomeloanhikaku.com&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
de8b77e97fd76a9c3ee5cdacb7cc6952ea948a06437315da5acb5ea493e1d64c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1364
x-sticky-va
1
x-sticky-vk
1644485247166050-391
Expires
Thu, 10 Feb 2022 09:27:27 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzUwODRLv_YXhdGGrQ%3D%3D.3.1frhfavtl-vjb64mhe0do-YWRuXzUwODRLv_YXhdGGrQ%3D%3D-wp3sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&gcid=YWRuXzUwODRLv_YXhdGGrQ%3D%3D&bid_opportunity_id=1frhfavtl-vjb64mhe0do-YWRuXzUwODRLv_YXhdGGrQ%3D%3D-wp3sc1&l=vpaid&as=stickyADStv&ct=application%2Fjavascript&sid=01ec8a53a8f07626468717dc5d9eea61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame C856 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.bae13cac.js?e=ops
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1644485247.dop018.am5.t,1644485247.cds134.am5.shn,1644485247.dop018.am5.t,1644485247.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116304
/
ads.viralize.tv/track/ Frame 5592 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfavtl-vjb64mhe0do-YWRuXzQ2MTnoFV5GeobRcA%3D%3D-wp2sc1%22%2C%22bid_opportunity_id%22%3A%221frhfavtl-vjb64mhe0do-YWRuXzQ2MTnoFV5GeobRcA%3D%3D-wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfavtl-vjb64mhe0do-YWRuXzUwODRLv_YXhdGGrQ%3D%3D-wp3sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2F&domain=iw.omatomeloanhikaku.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=DTCeTnx3cXpNQ3Q4T09ka2xTcExQZHM0MFZHVG1tRUptTU5VeGtlQ3JsT1h5VFl5ZjVLUnp6SEVSMm5ncWl5MkNlZTI5MzFGYmdJcFAySXN0NTVGSEg4dUg1TkhWNTZLVEhEcDZMWlpMbXo5dXhoU1pjWjd1ZWRGREtUMz...
363 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=DTCeTnx3cXpNQ3Q4T09ka2xTcExQZHM0MFZHVG1tRUptTU5VeGtlQ3JsT1h5VFl5ZjVLUnp6SEVSMm5ncWl5MkNlZTI5MzFGYmdJcFAySXN0NTVGSEg4dUg1TkhWNTZLVEhEcDZMWlpMbXo5dXhoU1pjWjd1ZWRGREtUMzhtajFCNVNFckt2Yno3M1lqUUl3UzZVYVNuMkJUcFcwU2M0Vnl4Nk5OS0xySzBLNG4yMXhWMnV0VGxRMGFRT05QZlN5RW5yeW5mNUJza0dyUWhrNHVRTWpkbWtKZTdMQzBXb0k3Mmhwc2FzU0JWd0FsY1F5V0t6MHgrcm5NU3VIUzJWcnFGNmxhfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
16900cde90dd82eae8ac47a8ead13ead0659a2aa800e755f169d83164dfcf49b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2662
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:26 GMT
location
https://mug.criteo.com/sid?cpp=DTCeTnx3cXpNQ3Q4T09ka2xTcExQZHM0MFZHVG1tRUptTU5VeGtlQ3JsT1h5VFl5ZjVLUnp6SEVSMm5ncWl5MkNlZTI5MzFGYmdJcFAySXN0NTVGSEg4dUg1TkhWNTZLVEhEcDZMWlpMbXo5dXhoU1pjWjd1ZWRGREtUMzhtajFCNVNFckt2Yno3M1lqUUl3UzZVYVNuMkJUcFcwU2M0Vnl4Nk5OS0xySzBLNG4yMXhWMnV0VGxRMGFRT05QZlN5RW5yeW5mNUJza0dyUWhrNHVRTWpkbWtKZTdMQzBXb0k3Mmhwc2FzU0JWd0FsY1F5V0t6MHgrcm5NU3VIUzJWcnFGNmxhfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1885
content-length
509
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2F&domain=iw.omatomeloanhikaku.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://iw.omatomeloanhikaku.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1416
date
Thu, 10 Feb 2022 09:27:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame 5833 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbd93b450d8df37e4931202917952ae76ebad2ccea40865c0992d024dc1ccf3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6db44d3bcc0b5c1a-FRA
content-encoding
gzip
apacdex
sync.quantumdex.io/usersync/ Frame C57E 		4 KB
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3598442b070ead236013265ddef871d20fbcff25b6c6680fedc8e9b7d1706ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6db44d3bcc105c1a-FRA
content-encoding
gzip
usersync
ssp.wp.pl/bidder/ Frame 43EC 		442 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 09:27:27 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 11:09:41 GMT
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 77CF 		442 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 09:27:27 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 11:09:41 GMT
vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame A1EF 		4 KB
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11fac9561c6b37f339cfc254e38322d2913afcb2f7512722352216b865bb9b52

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6db44d3bcc135c1a-FRA
content-encoding
gzip
apacdex
sync.quantumdex.io/usersync/ Frame 7E24 		4 KB
928 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4405c6c0ca03f8c68da38374caeb5f02e746e05512ab291a05535a517ec8c24a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6db44d3bcc0e5c1a-FRA
content-encoding
gzip
usersync
ssp.wp.pl/bidder/ Frame ED85 		442 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 09:27:27 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 11:09:41 GMT
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 2DA6 		442 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 09:27:27 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 11:09:41 GMT
vary
Accept-Encoding
viewtraff.js
serving.viewtraff.com/player/ Frame E1AE 		310 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.viewtraff.com/player/viewtraff.js?adapter1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.128.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap16.adplayer.pro
Software
nginx /
Resource Hash
462cacf634bf4c5e2517e90e16d09ed7f0a7962ee023323598cb16f3a6a883cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 09:48:30 GMT
server
nginx
etag
W/"61f118ee-4d7e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 4C36 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 11:12:25 GMT
expires
Thu, 09 Feb 2023 11:12:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
80102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 2C71 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=iw.omatomeloanhikaku.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=DTCeTnx3cXpNQ3Q4T09ka2xTcExQZHM0MFZHVG1tRUptTU5VeGtlQ3JsT1h5VFl5ZjVLUnp6SEVSMm5ncWl5MkNlZTI5MzFGYmdJcFAySXN0NTVGSEg4dUg1TkhWNTZLVEhEcDZMWlpMbXo5dXhoU1pjWjd1ZWRGREtUMzhtajFCNVNFckt2Yno3M1lqUUl3UzZVYVNuMkJUcFcwU2M0Vnl4Nk5OS0xySzBLNG4yMXhWMnV0VGxRMGFRT05QZlN5RW5yeW5mNUJza0dyUWhrNHVRTWpkbWtKZTdMQzBXb0k3Mmhwc2FzU0JWd0FsY1F5V0t6MHgrcm5NU3VIUzJWcnFGNmxhfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1194
date
Thu, 10 Feb 2022 09:27:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D712 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:41:31 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame 77CF 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
75d2911abe6e2bbdb07ce86a90ada9062b8a7fef977ca1b448e08de34780ec0f

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
last-modified
Thu, 10 Feb 2022 09:14:15 GMT
server
nginx
etag
W/"7f61cd9c91c2e6bc0448457cfc2c54dd"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame ED85 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
75d2911abe6e2bbdb07ce86a90ada9062b8a7fef977ca1b448e08de34780ec0f

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
last-modified
Thu, 10 Feb 2022 09:14:15 GMT
server
nginx
etag
W/"7f61cd9c91c2e6bc0448457cfc2c54dd"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame 43EC 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
75d2911abe6e2bbdb07ce86a90ada9062b8a7fef977ca1b448e08de34780ec0f

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
last-modified
Thu, 10 Feb 2022 09:14:15 GMT
server
nginx
etag
W/"7f61cd9c91c2e6bc0448457cfc2c54dd"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame 2DA6 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
75d2911abe6e2bbdb07ce86a90ada9062b8a7fef977ca1b448e08de34780ec0f

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
last-modified
Thu, 10 Feb 2022 09:14:15 GMT
server
nginx
etag
W/"7f61cd9c91c2e6bc0448457cfc2c54dd"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
serving.stat-rock.com/v1/log/js/ Frame E1AE 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1644485247454.7485&type=INIT&placementId=J2op30f7Jk5B&tagId=&message=&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=70&v=102.1&w=ZGpL2Fo3ZQok&width=679&z=p%3Avp%3Bv%3AinBanner%3B&r=0.9179379411038378
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap11.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:27 GMT
srvf
95.217.231.160
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
t.mp4
serving.stat-rock.com/player/video/ Frame E1AE 		3 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/video/t.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap11.adplayer.pro
Software
nginx /
Resource Hash
e80d56ecb1bf6466f69023c1aeda99091de79f7e74b2dba9737c46e7ae9dc900

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
last-modified
Thu, 20 Sep 2018 14:11:16 GMT
server
nginx
etag
"5ba3aa84-afd"
content-type
video/mp4
Content-Range
bytes 0-2812/2813
cache-control
public, max-age=31536000
Content-Length
2813
/
s.ad.smaato.net/c/ Frame 5833 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
O2fliHffUmFIufgMPHLdyKoFx-pZ9IuWsQwbIRM5Iwn6YGxkpYqfKA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 5833
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e8a185c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 5833
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3d8f625c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7c4580ca-5a2d-4139-a92c-a8025c5125f9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5833
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=0640f26f-910a-42ba-ad36-94f726990e40
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=0640f26f-910a-42ba-ad36-94f726990e40
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3de8515c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=0640f26f-910a-42ba-ad36-94f726990e40
date
Thu, 10 Feb 2022 09:27:27 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 5833
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e28e15c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4d0dd447-da9f-40ab-8033-52fd1815036f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5833
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=2803d9fe-6136-794e-f6f6-1d11054da515
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=2803d9fe-6136-794e-f6f6-1d11054da515
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3f6bf85c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=2803d9fe-6136-794e-f6f6-1d11054da515
pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 5833
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3fed275c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
us
sync.go.sonobi.com/ Frame 5833 		0
0
setuid
sync.quantumdex.io/ Frame 5833
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e69af5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame 5833 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
pixel
ap.lijit.com/ Frame 5833 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Feb 2022 09:27:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
pixel
ap.lijit.com/ Frame 7E24 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Feb 2022 09:27:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame 7E24
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e69b05c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 7E24 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
pgC31rJsu6kqKWUUZDjFZuzM1rQNnMTa4JWu0OvUlVkMMjixf0itng==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 7E24
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e8a205c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 7E24
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e597f5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
58f96751-ca3c-4eb8-ab8d-bf60d7497198
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7E24
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c929dc51-4195-4f53-9dc6-263ae2c2ac66
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c929dc51-4195-4f53-9dc6-263ae2c2ac66
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3de8545c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c929dc51-4195-4f53-9dc6-263ae2c2ac66
date
Thu, 10 Feb 2022 09:27:27 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 7E24
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3de84f5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6c9fdbe4-d6d5-4171-8f05-9c2ae9b5b7c7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7E24
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=4900d01a-01ce-bf36-59b4-f9b4156468cb
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=4900d01a-01ce-bf36-59b4-f9b4156468cb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3f6bfa5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=4900d01a-01ce-bf36-59b4-f9b4156468cb
pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 7E24
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3fed1c5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
us
sync.go.sonobi.com/ Frame 7E24 		0
0
0.gif
id5-sync.com/i/495/ Frame 7E24 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame C57E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e69ab5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d3d63b5e-3e07-4dc2-ad7d-73b55ee412f4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame C57E 		0
0
setuid
sync.quantumdex.io/ Frame C57E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e69b55c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame C57E 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
pixel
ap.lijit.com/ Frame C57E 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Feb 2022 09:27:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame C57E
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e8a1f5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame C57E 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
JDHarZeEMk155tSTlrDdYBEoh5ZKMtzPd58lKSaw8L4JPIrLwIfUWQ==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame C57E
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2b7014c7-41bf-4311-a412-973613a78deb
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2b7014c7-41bf-4311-a412-973613a78deb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3de8555c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2b7014c7-41bf-4311-a412-973613a78deb
date
Thu, 10 Feb 2022 09:27:27 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame C57E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e699d5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
06286c3a-9aa9-4771-b65e-8ec50346b8f3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C57E
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3fed1f5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9a0d8f06-4278-5329-8b91-083ce995d243
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame C57E
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=75fb33a3-2b6b-e5b7-432c-d72bf9818913
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=75fb33a3-2b6b-e5b7-432c-d72bf9818913
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3f6bfb5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=75fb33a3-2b6b-e5b7-432c-d72bf9818913
pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
origin
expires
0
/
s.ad.smaato.net/c/ Frame A1EF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
VMXeq5eeRC7lGz5dmND_3le1MamnYJ2YJ4lW2DuuW2MRoLL03-ZNxA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame A1EF
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e8a1e5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa9bbd2fa-8a53-11ec-b624-022bbe974822
date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame A1EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e08a75c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
98c2f1b4-9d0c-4231-b318-9ce85d4b920a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9028095814554707635
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A1EF
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=80717840-8dae-4661-9854-5dc6cd4eb7bc
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=80717840-8dae-4661-9854-5dc6cd4eb7bc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3df8695c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=80717840-8dae-4661-9854-5dc6cd4eb7bc
date
Thu, 10 Feb 2022 09:27:27 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame A1EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e8a005c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7a256843-8c40-4454-b01c-37043c020b83
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=9028095814554707635
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A1EF
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=5f40923c-e161-34b9-98d0-6ec184985b58
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=5f40923c-e161-34b9-98d0-6ec184985b58
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3f6bf95c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=5f40923c-e161-34b9-98d0-6ec184985b58
pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame A1EF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=7b0a1856-21d4-5329-84c8-3ccfe6cce6b0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=7b0a1856-21d4-5329-84c8-3ccfe6cce6b0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d400d5f5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=7b0a1856-21d4-5329-84c8-3ccfe6cce6b0
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
us
sync.go.sonobi.com/ Frame A1EF 		0
0
setuid
sync.quantumdex.io/ Frame A1EF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e69b95c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OlI4gmRE2uFhNxKDeipR8XuJ.qNYEAWS4AMBNxM-~A
date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame A1EF 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
pixel
ap.lijit.com/ Frame A1EF 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Feb 2022 09:27:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usermatch
ssum-sec.casalemedia.com/ Frame DD5C 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b652b1f80f7e54602c307a0131e1372d5a309720ed738446e0615a0d22013c44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|73|176|4|105|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Thu, 10 Feb 2022 09:27:27 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Content-Length
1489
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FAF7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=164116
expires
Sat, 12 Feb 2022 07:02:43 GMT
date
Thu, 10 Feb 2022 09:27:27 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F3CD 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 3B2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Thu, 10 Feb 2022 09:27:27 GMT
uc.html
sync.go.sonobi.com/ Frame D95C 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame A742 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3d55f387a3d0bb31902057bd830c0c9007f071d0929bd4a1072b4554e6e26abc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|46|81|188|90|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Thu, 10 Feb 2022 09:27:27 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Content-Length
1609
Connection
keep-alive
pbsync
usermatch.targeting.unrulymedia.com/ Frame 4A29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Thu, 10 Feb 2022 09:27:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0BE5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=164116
expires
Sat, 12 Feb 2022 07:02:43 GMT
date
Thu, 10 Feb 2022 09:27:27 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BCAB 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame 91E2 		0
0
uc.html
sync.go.sonobi.com/ Frame 88E5 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame E160 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9678ed47e0fa9b82c9f4fd0e090ab6ca94eb2bb6827879b85bf2312f87a9c6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|46|65|5|206|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Thu, 10 Feb 2022 09:27:27 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Content-Length
1598
Connection
keep-alive
pbsync
usermatch.targeting.unrulymedia.com/ Frame 4A3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Thu, 10 Feb 2022 09:27:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A31F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=164116
expires
Sat, 12 Feb 2022 07:02:43 GMT
date
Thu, 10 Feb 2022 09:27:27 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 3961 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 1D8A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf06e894abaa41a0be5d5d900fcef7b683a08479042c07a18305d119576438f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|46|31|90|13|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Thu, 10 Feb 2022 09:27:27 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Content-Length
1730
Connection
keep-alive
pbsync
usermatch.targeting.unrulymedia.com/ Frame BC09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Thu, 10 Feb 2022 09:27:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9414 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=164116
expires
Sat, 12 Feb 2022 07:02:43 GMT
date
Thu, 10 Feb 2022 09:27:27 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 8385 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame 39CD 		0
0
truncated
/ 		581 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
c.mgid.com/vs/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=601&iid=1101801&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=27035&h=fv7N9V1QI5A_wyi9Ke8AfW_MHmXami5An1IhDh5Ltfzw7epFz9InYqa6zAHWsa7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6db44d3e3b8a6921-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pixel
cm.g.doubleclick.net/ Frame DD5C 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame DD5C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame DD5C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EPYK7819MNQ8BFWG1ZB8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PAAN2B983XGFJGB9MK5N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DD5C 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YgTafWC6bcDOVUcfuefP4AAABLgAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e7f2:7d0e:d8ab:42c4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
113
match.deepintent.com/usersync/ Frame DD5C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-length
0
server
c
rum
dsum-sec.casalemedia.com/ Frame DD5C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4499828146938309866
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4499828146938309866
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:27 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4499828146938309866
pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame DD5C
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:27 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Thu, 10 Feb 2022 09:27:27 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame DD5C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=netShYYa1Ni5JB5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=netShYYa1Ni5JB5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:27 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0a9739bdde9ce53f1@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=netShYYa1Ni5JB5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame DD5C 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3e9a325c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame A742
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HH4V1PK341HYGTNT4ZJT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H6BJXFK1ZGHX43DJ1B3Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A742 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A742 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame A742 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame A742
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=NnlT52QqVLUtL1LhNHJO4jdyVOotKgLjMHsw5YN_
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=NnlT52QqVLUtL1LhNHJO4jdyVOotKgLjMHsw5YN_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=NnlT52QqVLUtL1LhNHJO4jdyVOotKgLjMHsw5YN_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame A742 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.103.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-103-226.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
no_match_opted_out
um.simpli.fi/ Frame A742
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 09:27:27 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Thu, 10 Feb 2022 09:27:27 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 09 Feb 2022 09:27:27 GMT
crum
dsum-sec.casalemedia.com/ Frame A742
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:27 GMT

Redirect headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
MT3 4133 baa842e master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Feb 2022 09:27:26 GMT
setuid
sync.quantumdex.io/ Frame A742 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3edac15c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 1D8A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1D8A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 1D8A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QF5R9X2JHVFZA3DX2RS1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SWPYKDD7H7CKBWHZ4J89
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 1D8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
noop
px.owneriq.net/ Frame 1D8A
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6977716471259884758&uid=Q6977716471259884758&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
no_match_opted_out
um.simpli.fi/ Frame 1D8A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 09:27:27 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Thu, 10 Feb 2022 09:27:27 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 09 Feb 2022 09:27:27 GMT
crum
dsum-sec.casalemedia.com/ Frame 1D8A
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:27 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Thu, 10 Feb 2022 09:27:27 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
rum
dsum-sec.casalemedia.com/ Frame 1D8A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647077247
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647077247
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647077247
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
sync.quantumdex.io/ Frame 1D8A 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3edad45c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame E160
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
79WBYWANZNB25Z7YHPPH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8E8QFP80WPCACBE899J8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E160 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E160 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame E160 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame E160
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644571647&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644571647&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 10 Feb 2022 09:27:27 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644571647&gdpr=1
pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
ix
ad4m.at/ad/sim/ Frame E160 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame E160 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuid
ib.adnxs.com/ Frame E160 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame E160 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YgTafWC6bcDOVUcfuefP4AAABLgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db44d3eeaea5c1a-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=iw.omatomeloanhikaku.com&rs=iw.omatomeloanhikaku.com&sid=81348&t=1644485246&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=679&he=382&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1644485246168-950310148444-006317-015-001355&cha=0.7&stagid=&stplid=&d35=&d36=6.1.4&cb=83768727350&cd1=desktop&cd2=0&cd3=native&cd4=1101801&cd6=11&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=382
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 09:27:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame FAF7 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69988463&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:27 GMT
content-length
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame C856 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1644485247847
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:27 GMT
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1644485247.dop126.am5.t,1644485247.cds152.am5.shn,1644485247.cds152.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=57b5dcbf70304a121181dd202cce869d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc02b_7063010354620447351
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTdiNWRjYmY3MDMwNGExMjExODFkZDIwMmNjZTg2OWQ=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGnPqZ4aIljgAPJLXhHHWxE&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=1589c039-bcd3-43fa-9686-b1409c835603
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=9028095814554707635
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/57b5dcbf70304a121181dd202cce869d?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Qj4NtX9E2oNWQydrRScZOH0HAqmOp4WFZC_5rawU~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=netShYYa1Ni5JB5&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEJCE7ECbUAAHMm7y_wrA&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&_tes...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YgTagAAFIKBP5wBB&gdpr=0&_test=YgTagAAFIKBP5wBB
0
0
vast.php
spylees.com/ Frame E1AE 		2 KB
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spylees.com/vast.php?hash=2a5mfwDOczxlSv3y
Requested by
Host: serving.viewtraff.com
URL: https://serving.viewtraff.com/player/viewtraff.js?adapter1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.54.62 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.62.54.21.65.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d3688869f9bb4dc29de7a8303c2148afefe6c745933f08697c5f77c61b476496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.2
content-type
text/xml;charset=UTF-8
vast
ads.adlook.me/ Frame E1AE 		993 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adlook.me/vast?id=3895
Requested by
Host: serving.viewtraff.com
URL: https://serving.viewtraff.com/player/viewtraff.js?adapter1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.101.76.186 , Russian Federation, ASN48096 (ITGRAD, RU),
Reverse DNS
Software
Kestrel /
Resource Hash
3736f99a9483e4268510477ec659d5ffefdec496f4b52286c4e3f2cc14ebc931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:27 GMT
access-control-allow-credentials
true
server
Kestrel
content-length
993
vary
Origin
content-type
text/xml
dav.xml
vast.mrpartner.net/ Frame E1AE 		0
0
1
cdn.laim.tv/v1/placements/zDMFhtuzzfw0/code/vpaid/ Frame E1AE 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.laim.tv/v1/placements/zDMFhtuzzfw0/code/vpaid/1?w=640&h=480
Requested by
Host: serving.viewtraff.com
URL: https://serving.viewtraff.com/player/viewtraff.js?adapter1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.128.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap16.adplayer.pro
Software
nginx /
Resource Hash
d943b3cf7508be07b88c773ef2dd1be29124b15e13a505bcfc4cc18af1e1c257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:29 GMT
content-encoding
gzip
server
nginx
srvb
127.0.0.1:8082
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/xml;charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
srvf
144.76.128.227
1
serving.stat-rock.com/v1/log/js/ Frame E1AE 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1644485247454.7485&type=REQUEST&placementId=J2op30f7Jk5B&tagId=-2_U23Ov-pa4&vtId=FyvCmNnMFjnt&message=&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=422&v=102.1&w=ZGpL2Fo3ZQok&width=679&z=p%3Avp%3Bv%3AinBanner%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7281461553715145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap11.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:27 GMT
srvf
95.217.231.160
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ Frame E1AE 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644485247454.7485&type=REQUEST&placementId=J2op30f7Jk5B&tagId=mTpcjsxHmKFl&vtId=q4t9OHrjqiXy&message=&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=424&v=102.1&w=ZGpL2Fo3ZQok&width=679&z=p%3Avp%3Bv%3AinBanner%3Bc%3Avast%3Bt%3Aurl%3B&r=0.8474503479536051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap11.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:27 GMT
srvf
95.217.231.160
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ Frame E1AE 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644485247454.7485&type=REQUEST&placementId=J2op30f7Jk5B&tagId=0G602jni0bzZ&vtId=tCxVn-vRtZ19&message=&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=425&v=102.1&w=ZGpL2Fo3ZQok&width=679&z=p%3Avp%3Bv%3AinBanner%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7134592670071
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap11.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:27 GMT
srvf
95.217.231.160
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ Frame E1AE 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644485247454.7485&type=REQUEST&placementId=J2op30f7Jk5B&tagId=G-x3WLPmGvWY&vtId=ihZhpdwLi5lz&message=&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=425&v=102.1&w=ZGpL2Fo3ZQok&width=679&z=p%3Avp%3Bv%3AinBanner%3Bc%3Avast%3Bt%3Aurl%3B&r=0.958861966765725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap11.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Origin
https://iw.omatomeloanhikaku.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:27 GMT
srvf
95.217.231.160
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame 4C36 		85 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_warbletoncouncil.org_video&description_url=https%3A%2F%2Fwarbletoncouncil.org&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=297781276192217&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2857042341&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=0B2A3447-AE33-4801-9F5A-D38823B7CCEE&nel=0&eid=44750822%2C44752711&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&dt=1644485247892&cookie=ID%3D2c3f6afc8a382174-228d3f3d3ccd000a%3AT%3D1644485244%3AS%3DALNI_MZq3MqGqBgoYKpZGU2Wf76RgnuQOw&scor=2744424838586326&ged=ve4_td2_tt1_pd2_la2000_er7151.270.7303.570_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
4c6a30fa3696284523f6e8ce354df59616782c648a70954d5175a279182ca2c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17028
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame C856 		301 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=11644337&loc=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
nginx
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1644485247924000-349
Expires
Thu, 10 Feb 2022 09:27:27 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame C856 		67 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11644337&loc=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&domain=omatomeloanhikaku.com&reqType=AdsSetup&_fw_gdpr=1&protocolVersion=2.0&_fw_gdpr_consent=&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&auction=1&vav=4e1e4f4011c332764fcf37a0d9f3bddd&vaviv=da5c1214df20d42a8abae2a7e0a5b657&mustangVersion=1.12.3.1&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=679x382&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1644485247889028-419
Expires
Thu, 10 Feb 2022 09:27:28 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTdiNWRjYmY3MDMwNGExMjExODFkZDIwMmNjZTg2OWQ=&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTdiNWRjYmY3MDMwNGExMjExODFkZDIwMmNjZTg2OWQ=&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTdiNWRjYmY3MDMwNGExMjExODFkZDIwMmNjZTg2OWQ=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1644485247806090-431
Expires
Thu, 10 Feb 2022 09:27:27 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=57b5dcbf70304a121181dd202cce869d&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=57b5dcbf70304a121181dd202cce869d&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H1AW4W2XJJAYEJ2MR0V0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:27 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=57b5dcbf70304a121181dd202cce869d&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1644485247940010-364
Expires
Thu, 10 Feb 2022 09:27:27 GMT
dav.xml
vast.mrpartner.net/ Frame E1AE 		195 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.mrpartner.net/dav.xml?block=4c0104fdb5f84bcf17c7b18e80a8aa4838
Requested by
Host: serving.viewtraff.com
URL: https://serving.viewtraff.com/player/viewtraff.js?adapter1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cd38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32534e5d98aa0b5ce228cd01341b026e71dcd22a2e1a135b5627894b42c1e37a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
177
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vpzt3%2Fk7b%2F4lqyXGfLLERFYNKL722BdCybS0YVw3WWOYtqjjZZvowERbyZ4jCoZ7%2Bi5PNOFGNrlDz0mPvlIU2Rr%2BYKY9pvJ3BYnD2KwBevihPa4QHGElc03h1SYKTAQdtZxVjnKzSLOWcP1N8MQXVI8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6db44d3fd95b9043-FRA
ac
www8.smartadserver.com/ Frame 5592
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1188694&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485246&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consen...
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1188694&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485246&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consen...
129 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1188694&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485246&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:27 GMT
access-control-allow-origin
https://iw.omatomeloanhikaku.com
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www8.smartadserver.com/ac?siteid=115779&pgid=1188694&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485246&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzQ0Mzkws_GtCGvh0A%3D%3D.4.1frhfavtl-vjb64mhe0do-YWRuXzQ0Mzkws_GtCGvh0A%3D%3D-wp4sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
shim.gif
creatives.sascdn.com/ Frame 5592 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:28 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
Apache
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 10 Feb 2023 09:27:28 GMT
/
ads.viralize.tv/d-vast/ Frame 5592 		67 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&cbb=4485246239&sid=01ec8a53a8f07626468717dc5d9eea61&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017ee2f57eb9410cc5b48632c9d4da90%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9453%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A679%2C%22height%22%3A382%7D%7D&dd=iw.omatomeloanhikaku.com&sc=1&cmp=unavailable&wfp=5&rcx=460.3ce9104d.1.14
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 5592 		1 KB
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=795658&adId=3435600&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485246
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
381fa821b9888f41540d9e146ed2579fe21e6282521c9cc8be5741afe5dece0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
663
expires
Thu, 10 Feb 2022 09:27:28 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzYwMzfISeiekxCBSA%3D%3D.6.1frhfavtl-vjb64mhe0do-YWRuXzYwMzfISeiekxCBSA%3D%3D-wp6sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 5592 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfavtl-vjb64mhe0do-YWRuXzQ0Mzkws_GtCGvh0A%3D%3D-wp4sc1%22%2C%22bid_opportunity_id%22%3A%221frhfavtl-vjb64mhe0do-YWRuXzQ0Mzkws_GtCGvh0A%3D%3D-wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
ads.viralize.tv/t-bid-done/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&gcid=YWRuXzYwMzfISeiekxCBSA%3D%3D&bid_opportunity_id=1frhfavtl-vjb64mhe0do-YWRuXzYwMzfISeiekxCBSA%3D%3D-wp6sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ec8a53a8f07626468717dc5d9eea61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 061B 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795658&adId=3435600&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485246
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.bae13cac.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ce083536384cb4f54dcf9282db820a5d7efc360517e17812c2302b4f6b1d229b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 04:40:34 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-2660e-5d77a51598671"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36683
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1D84 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795658&adId=3435600&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485246
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=54110
expires
Fri, 11 Feb 2022 00:29:18 GMT
date
Thu, 10 Feb 2022 09:27:28 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 061B 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795658&adId=3435600&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485246
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 05:13:08 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-9687-5d547824a78f1"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=54110
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13928
expires
Fri, 11 Feb 2022 00:29:18 GMT
/
ads.viralize.tv/track/ Frame 5592 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfavtl-vjb64mhe0do-YWRuXzYwMzfISeiekxCBSA%3D%3D-wp6sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 061B 		27 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=795658&adId=3435600&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485246&us_privacy=&cb=1644485248286&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fiw.omatomeloanhikaku.com%252Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fiw.omatomeloanhikaku.com%252Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-2-10%209:27:28&ranreq=0.6935346866044223&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795658&adId=3435600&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485246
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 061B 		0
0
track
aktrack.pubmatic.com/ Frame 5592 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=795658&a=3435600&ts=1644485248&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-length
0
content-type
text/html
/
adx.adform.net/adx/ Frame 5592 		0
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzQzOTBg2Ns-vl2lxQ%3D%3D.7.1frhfavtl-vjb64mhe0do-YWRuXzQzOTBg2Ns-vl2lxQ%3D%3D-wp7sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:28 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
adx.adform.net/adx/ Frame 5592 		65 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=759669&t=2&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&gdpr_consent=&w=679&h=382&t=1&random=1644485246
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:29 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/xml
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ Frame 5592 		65 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=759669&t=2&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&gdpr_consent=&w=679&h=382&t=1&random=1644485246
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:29 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/xml
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
vast.xml
video-ads.rubiconproject.com/video/16568/331896/1738248/201/ Frame 5592 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/16568/331896/1738248/201/vast.xml?gdpr=1&gdpr_consent=&width=679&height=382&rp_schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
8efa92da867097469de376ed85f7cbfc7498913043898c147cafa461f87be8d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:29 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
931
Expires
Thu, 10 Feb 2022 09:27:29 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzQ1NDg56JWPaXY19g%3D%3D.8.1frhfavtl-vjb64mhe0do-YWRuXzQ1NDg56JWPaXY19g%3D%3D-wp8sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:29 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame 5592 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&gcid=YWRuXzQ1NDg56JWPaXY19g%3D%3D&bid_opportunity_id=1frhfavtl-vjb64mhe0do-YWRuXzQ1NDg56JWPaXY19g%3D%3D-wp8sc1&l=vpaid&as=Rubicon&ct=application%2Fjavascript&sid=01ec8a53a8f07626468717dc5d9eea61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:29 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bridge-31042.js
video-ads.rubiconproject.com/video/ Frame 5659 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31042.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.bae13cac.js?e=ops
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Nov 2021 09:48:04 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"103d9-5d185c1183d00-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20289
/
ads.viralize.tv/track/ Frame 5592 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfavtl-vjb64mhe0do-YWRuXzQzOTBg2Ns-vl2lxQ%3D%3D-wp7sc1%22%2C%22bid_opportunity_id%22%3A%221frhfavtl-vjb64mhe0do-YWRuXzQzOTBg2Ns-vl2lxQ%3D%3D-wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfavtl-vjb64mhe0do-YWRuXzQ1NDg56JWPaXY19g%3D%3D-wp8sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:29 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 5659 		28 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=0&gdpr_consent=&account_id=16568&site_id=331896&zone_id=1738248&size_id=201&width=432&height=243&rp_schain=1.0,1!viralize.com,4704,1,,,&p_window.depth=0&rf=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&p_window.url=&p_window.w=679&p_window.h=382&p_aso.video.ext.ad.w=679&p_aso.video.ext.ad.h=382&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7024597597898015&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.65.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-65-254.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:29 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
ads.viralize.tv/player/ Frame E60F 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&cbb=4485246239&sid=01ec8a53a8f07626468717dc5d9eea61&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017ee2f57eb9410cc5b48632c9d4da90%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9474%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A679%2C%22height%22%3A382%7D%7D&pub_platform=&dd=iw.omatomeloanhikaku.com&sc=2&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
c9dd7840076c3cc0349fdf2afa4e9a7811e39070b94d8c54384cb9e6c35a1069

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 5C5C 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
20240
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame 5C5C 		101 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1440664
detected-user-agent
Chrome Mobile/98.0.4758
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=23, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jan 2022 14:41:42 GMT
date
Thu, 10 Feb 2022 09:27:30 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5C5C 		376 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Thu, 10 Feb 2022 09:27:30 GMT
viralize_player.min.bae13cac.js
static.viralize.tv/ Frame 5C5C 		764 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.bae13cac.js?e=ops
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df15e4261812909e01681768fd203100a1cced276c27455e38bb04d7e993e2c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
br
cf-cache-status
HIT
age
502596
x-guploader-uploadid
ADPycduWoKAvDIwkU6A6PuXAuGwyk5cQW8lPhe9MYg29UVF2qQ8c7lU2k375DVB4Yfymrkymlt9D6vimRoZqQwjj7MV_SOgaSg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 04 Feb 2022 13:47:09 GMT
server
cloudflare
etag
W/"bae13cac007bb39fc5fc71aabeeb7987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=kHKNJw==, md5=uuE8rAB7s5/F/HGqvut5hw==
x-goog-generation
1643982429257857
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
782712
cf-ray
6db44d4e7dd4914c-FRA
expires
Sat, 12 Mar 2022 09:27:30 GMT
polyfill.min.js
polyfill.io/v3/ Frame 5C5C 		101 B
136 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1440664
detected-user-agent
Chrome Mobile/98.0.4758
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=23, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jan 2022 14:41:42 GMT
date
Thu, 10 Feb 2022 09:27:30 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
advast
ice.360yield.com/ Frame 5C5C 		27 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22297300&w=16&h=9&minduration=1&maxduration=60&player_width=679&player_height=382&referrer=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.208.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-208-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://iw.omatomeloanhikaku.com
date
Thu, 10 Feb 2022 09:27:30 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzUyMDGo-dfKnHnbfw%3D%3D.1.1frhfb3bd-ubn39herad8-YWRuXzUyMDGo-dfKnHnbfw%3D%3D-wp1sc2
Requested by
Host: iw.omatomeloanhikaku.com
URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
307367
search.spotxchange.com/vast/2.0/ Frame 5C5C 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/307367?VPAID=JS&content_page_url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cb=1644485250&player_width=679&player_height=382&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:30 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000347
X-SpotX-Timing-SpotMarket
0.008597
X-SpotX-Timing-Page-Mux
0.000409
X-SpotX-Timing-Page-Require
0.000616
X-fe
045
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000042
Content-Length
77
X-SpotX-Timing-Page
0.014463
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000529
Last-Modified
Thu, 10 Feb 2022 09:27:30 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.008597
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
X-SpotX-Timing-Page-Misc
0.003908
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzU5NDHJ0eC78wxsUg%3D%3D.2.1frhfb3bd-ubn39herad8-YWRuXzU5NDHJ0eC78wxsUg%3D%3D-wp2sc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5C5C 		67 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.1&zoneId=12944625&domain=omatomeloanhikaku.com&loc=omatomeloanhikaku.com&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6be7c5a9d78839e90e7eee8151b59cf69c80cb88724169f1fb3d760769e662f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:30 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1644485250547007-415
Expires
Thu, 10 Feb 2022 09:27:30 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzU5OTFLbsN7sM8Taw%3D%3D.3.1frhfb3bd-ubn39herad8-YWRuXzU5OTFLbsN7sM8Taw%3D%3D-wp3sc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 5C5C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfb3bd-ubn39herad8-YWRuXzUyMDGo-dfKnHnbfw%3D%3D-wp1sc2%22%2C%22bid_opportunity_id%22%3A%221frhfb3bd-ubn39herad8-YWRuXzUyMDGo-dfKnHnbfw%3D%3D-wp1sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfb3bd-ubn39herad8-YWRuXzU5NDHJ0eC78wxsUg%3D%3D-wp2sc2%22%2C%22bid_opportunity_id%22%3A%221frhfb3bd-ubn39herad8-YWRuXzU5NDHJ0eC78wxsUg%3D%3D-wp2sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
ac
www8.smartadserver.com/ Frame 5C5C
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1188693&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485250&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consen...
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1188693&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485250&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consen...
129 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1188693&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485250&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:29 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:29 GMT
access-control-allow-origin
https://iw.omatomeloanhikaku.com
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www8.smartadserver.com/ac?siteid=115779&pgid=1188693&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1644485250&vpw=679&vph=382&pgDomain=omatomeloanhikaku.com&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4601%2C1%2C%2C%2C&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzQ0NDA9zIYWqj4PYw%3D%3D.4.1frhfb3bd-ubn39herad8-YWRuXzQ0NDA9zIYWqj4PYw%3D%3D-wp4sc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
shim.gif
creatives.sascdn.com/ Frame 5C5C 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.bae13cac.js?e=ops
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:30 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
Apache
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 10 Feb 2023 09:27:30 GMT
/
ads.viralize.tv/d-vast/ Frame 5C5C 		67 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&cbb=4485246239&sid=01ec8a53a8f07626468717dc5d9eea61&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017ee2f57eb9410cc5b48632c9d4da90%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9474%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A679%2C%22height%22%3A382%7D%7D&dd=iw.omatomeloanhikaku.com&sc=2&cmp=unavailable&wfp=5&rcx=460.3ce9104d.1.14
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 5C5C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfb3bd-ubn39herad8-YWRuXzU5OTFLbsN7sM8Taw%3D%3D-wp3sc2%22%2C%22bid_opportunity_id%22%3A%221frhfb3bd-ubn39herad8-YWRuXzU5OTFLbsN7sM8Taw%3D%3D-wp3sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfb3bd-ubn39herad8-YWRuXzQ0NDA9zIYWqj4PYw%3D%3D-wp4sc2%22%2C%22bid_opportunity_id%22%3A%221frhfb3bd-ubn39herad8-YWRuXzQ0NDA9zIYWqj4PYw%3D%3D-wp4sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 5C5C 		1 KB
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485250
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
51071c0535fe1774afb9c583b9a3fa9a445e1859d0c6d43d0119cfa625156246

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
663
expires
Thu, 10 Feb 2022 09:27:30 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzUyNzebfS6-gSdVtw%3D%3D.6.1frhfb3bd-ubn39herad8-YWRuXzUyNzebfS6-gSdVtw%3D%3D-wp6sc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&gcid=YWRuXzUyNzebfS6-gSdVtw%3D%3D&bid_opportunity_id=1frhfb3bd-ubn39herad8-YWRuXzUyNzebfS6-gSdVtw%3D%3D-wp6sc2&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ec8a53a8f07626468717dc5d9eea61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 4781 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485250
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.bae13cac.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ce083536384cb4f54dcf9282db820a5d7efc360517e17812c2302b4f6b1d229b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 04:40:34 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-2660e-5d77a51598671"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36683
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8E51 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=54108
expires
Fri, 11 Feb 2022 00:29:18 GMT
date
Thu, 10 Feb 2022 09:27:30 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4781 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 05:13:08 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-9687-5d547824a78f1"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=54108
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13928
expires
Fri, 11 Feb 2022 00:29:18 GMT
/
ads.viralize.tv/track/ Frame 5C5C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfb3bd-ubn39herad8-YWRuXzUyNzebfS6-gSdVtw%3D%3D-wp6sc2%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
PugMaster
image6.pubmatic.com/AdServer/ Frame 8E51 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79589537&p=156962&s=718977&a=2944653&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e0025885b4b04c8f132c7e2ee659ebbde9a8944cf48b44ba826030d042c4a2a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 9414 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45835690&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:29 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A31F 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92605123&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:29 GMT
content-length
0
match
c1.adform.net/serving/cookie/ Frame BA30
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A17AF311-4935-4F28-947E-ACF051C4A222
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A17AF311-4935-4F28-947E-ACF051C4A222
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A17AF311-4935-4F28-947E-ACF051C4A222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 09:27:30 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Thu, 10 Feb 2022 09:27:30 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A17AF311-4935-4F28-947E-ACF051C4A222
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 01B1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=0&gdpr_consent=
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 09:27:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug004:0:381
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Thu, 10 Feb 2022 09:27:30 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15416204-da7f-4e00-82f4-e5d7d6e42bef&gdpr=0&gdpr_consent=
Expires
Thu, 10 Feb 2022 09:27:29 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4552
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667020498877932406
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667020498877932406
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 09:27:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug016:0:400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667020498877932406
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 454A 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Thu, 10 Feb 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
522969
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 6548
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063010367520241818
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063010367520241818
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 09:27:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug006:0:455
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 10 Feb 2022 09:27:30 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063010367520241818
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8E51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oXrzEUk1TyiUfqzwUcSiIg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=164113
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 12 Feb 2022 07:02:43 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8E51
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=15416204-da7f-4e00-82f4-e5d7d6e42bef
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=15416204-da7f-4e00-82f4-e5d7d6e42bef
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Feb 2022 09:27:30 GMT
Server
MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=15416204-da7f-4e00-82f4-e5d7d6e42bef
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Feb 2022 09:27:29 GMT
mw
mwzeom.zeotap.com/ Frame 8E51
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A17AF311-4935-4F28-947E-ACF051C4A222
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=1589c039-bcd3-43fa-9686-b1409c835603&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=11e67964824f883c8e24a928826cbb04
  • https://spl.zeotap.com/?zdid=1332&zcluid=be0956d0ac036261
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=df5dad70-5ace-4b7d-4358-b337b421e289&reqId=df12d757-a616-4056-687d-f4da5942ffde&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAJm3Xabgl83KX2pRAT4G9Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=df5dad70-5ace-4b7d-4358-b337b421e289&reqId=df12d757-a616-4056-687d-f4d...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAJm3Xabgl83KX2pRAT4G9Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=df5dad70-5ace-4b7d-4358-b337b421e289&reqId=df12d757-a616-4056-687d-f4da5942ffde&zcluid=be0956d0ac036261&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6db44d544b4f922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAJm3Xabgl83KX2pRAT4G9Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=df5dad70-5ace-4b7d-4358-b337b421e289&reqId=df12d757-a616-4056-687d-f4da5942ffde&zcluid=be0956d0ac036261&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8E51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTE3QUYzMTEtNDkzNS00RjI4LTk0N0UtQUNGMDUxQzRBMjIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:29 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:306
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8E51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJQ3oG0l5lRYxlLkLo7_ovE&google_cver=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJQ3oG0l5lRYxlLkLo7_ovE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 07:13:29 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0025:0:556
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJQ3oG0l5lRYxlLkLo7_ovE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8E51 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 09 Feb 2022 09:27:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8E51
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3240898880148195667
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3240898880148195667
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:481
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:30 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3240898880148195667
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8E51
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1589c039-bcd3-43fa-9686-b1409c835603
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1589c039-bcd3-43fa-9686-b1409c835603
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:370
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1589c039-bcd3-43fa-9686-b1409c835603
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 8E51
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9028095814554707635&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9028095814554707635&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:373
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:30 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9414a45c-194f-4ae6-a67f-1ef76e3a770f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9028095814554707635&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 4781 		27 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485250&us_privacy=&cb=1644485250783&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fiw.omatomeloanhikaku.com%252Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fiw.omatomeloanhikaku.com%252Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-2-10%209:27:31&ranreq=0.5926244274688244&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=382&vw=679&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4601,1,,,&kadpageurl=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&cachebuster=1644485250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:31 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 4781 		0
0
track
aktrack.pubmatic.com/ Frame 5C5C 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=718977&a=2944653&ts=1644485250&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:31 GMT
content-length
0
content-type
text/html
/
adx.adform.net/adx/ Frame 5C5C 		65 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=952584&t=2&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&gdpr_consent=&w=679&h=382&t=1&random=1644485250
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:32 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/xml
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzU5MDWV50jyfwo5FQ%3D%3D.7.1frhfb3bd-ubn39herad8-YWRuXzU5MDWV50jyfwo5FQ%3D%3D-wp7sc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:31 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vast.xml
video-ads.rubiconproject.com/video/16568/331896/1738250/201/ Frame 5C5C 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/16568/331896/1738250/201/vast.xml?gdpr=1&gdpr_consent=&width=679&height=382&rp_schain=1.0,1!viralize.com,4601,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
7b4b2a561bb74e447764aac0cde29e517c34fbbf48baece4efbc0438fafdc784

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 09:27:32 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://iw.omatomeloanhikaku.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
1414
Expires
Thu, 10 Feb 2022 09:27:32 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ec8a53a8f07626468717dc5d9eea61&item=YWRuXzUxNTK-nSwjew-uCA%3D%3D.8.1frhfb3bd-ubn39herad8-YWRuXzUxNTK-nSwjew-uCA%3D%3D-wp8sc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:32 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 5C5C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfb3bd-ubn39herad8-YWRuXzU5MDWV50jyfwo5FQ%3D%3D-wp7sc2%22%2C%22bid_opportunity_id%22%3A%221frhfb3bd-ubn39herad8-YWRuXzU5MDWV50jyfwo5FQ%3D%3D-wp7sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:32 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
ads.viralize.tv/t-bid-done/ Frame 5C5C 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADqeagKps_2jM40&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&t=adn&gcid=YWRuXzUxNTK-nSwjew-uCA%3D%3D&bid_opportunity_id=1frhfb3bd-ubn39herad8-YWRuXzUxNTK-nSwjew-uCA%3D%3D-wp8sc2&l=vpaid&as=Rubicon&ct=application%2Fjavascript&sid=01ec8a53a8f07626468717dc5d9eea61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:32 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bridge-31042.js
video-ads.rubiconproject.com/video/ Frame 474C 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31042.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.bae13cac.js?e=ops
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 09:27:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Nov 2021 09:48:04 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"103d9-5d185c1183d00-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20289
/
ads.viralize.tv/track/ Frame 5C5C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec8a53a8f07626468717dc5d9eea61%3A0%3A1frhfb3bd-ubn39herad8-YWRuXzUxNTK-nSwjew-uCA%3D%3D-wp8sc2%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:27:32 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 474C 		28 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&gdpr_consent=CPT4j2dPT4j2dAGABCENCBCgAP_AAAAAAAYgHsgZBCoETWFAEXB4QsNAGYASAEAVIGACCBCAACABAAAEICAAkkAAoAQAAAACAQQAIBIBAAAAAAAEAAAAAAAEAAEgAAAAgAAIIAJAAAEAAAAAAAoAAAAAAAAIAAARAAAAiQCAA0KFAEAAAAAQAAAAgAAAAAAAAAEAAAAAAIIAAAEQkBwACoAGQAQAAyABpAEQARQAmABPADeAHMAPwAlgBNAClAFuAMMAaoA-AB-gEcAMUAbgA9ACGwEiAKHAXmA04IABABIOgUAAVAAyACAAGQANAAfQBEAEUAJgATwAuABiADeAHMAPwAlgBMACaAFKALEAW4AwwB-gEWAI4AWIAtABdQDFAG4APQAhsBF4CQQEiAKHAXmAvoBiQDLAGnDgAwAFwASABkAIKAYEA14aAIAFwAgoBaAEiCIAICRBAAEAEgyAGAEwAjgC8xgAEAsQqAMAEwALgBHAC0AJBAXmKAAgEFIQDgAMgBMAC4AGIAN4AsQCOAFoAMUAegBIICRAFtAMSIAAgCCgFiJQEQAMgBEACYAFwAMQApQBbgDVAI4AWgAuoBigDcAIvASIAvMBlhIAGABcAMgBrykBsACoAGQAQAAyABpAEQARQAmABPADEAHMAPwApQBYgC3AGqAP0AiwBHADFAG4APQAi8BIgChwF5gL6AZYUADAAXABIAGQAsQBdQDXgAAA.YAAAAAAAAAAA&account_id=16568&site_id=331896&zone_id=1738250&size_id=201&width=624&height=350&rp_schain=1.0,1!viralize.com,3828,1,,,&p_window.depth=0&rf=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&p_window.url=&p_window.w=679&p_window.h=382&p_aso.video.ext.ad.w=679&p_aso.video.ext.ad.h=382&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=1629864015040274.2&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.65.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-65-254.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iw.omatomeloanhikaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 09:27:32 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://iw.omatomeloanhikaku.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=iw.omatomeloanhikaku.com&rs=iw.omatomeloanhikaku.com&sid=81348&t=1644485246&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=679&he=382&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1644485246168-950310148444-006317-015-001355&cha=0.7&stagid=&stplid=&d35=&d36=6.1.4&cb=83768727350&cd1=desktop&cd2=0&cd3=native&cd4=1101801&cd6=11&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=382
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.omatomeloanhikaku.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 09:27:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YgTagAAFIKBP5wBB&gdpr=0&_test=YgTagAAFIKBP5wBB
Domain
vast.mrpartner.net
URL
https://vast.mrpartner.net/dav.xml?block=4c0104fdb5f84bcf17c7b18e80a8aa4838
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=795658&a=3435600&ts=1644485249&wa=0&vadsId=-1&e=95&vc=2
Domain
adx.adform.net
URL
https://adx.adform.net/adx/?mid=759669&t=2&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&gdpr_consent=&w=679&h=382&t=1&random=1644485246
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=718977&a=2944653&ts=1644485251&wa=0&vadsId=-1&e=95&vc=2

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 function| structuredClone object| __cfQR object| zxConsentParams object| t object| e object| rbConfig string| token object| rsdfhse function| ym boolean| __cfRLUnblockHandlers object| Sk function| setCookie function| getCookie function| createGeoRestrictionCookie object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime function| _mgLib1_11_81 function| _mgwqp object| _mgIntExchangeNews object| MarketGidInfC1102315 function| MarketGidCContextBlock1102315 function| MarketGidCMainBlock1102315 function| MarketGidCInternalExchangeBlock1102315 function| MarketGidCRejectBlock1102315 function| MarketGidCInternalExchangeLoggerBlock1102315 function| MarketGidCObserverBlock1102315 function| MarketGidCSendDimensionsBlock1102315 function| MarketGidCRtbBlock1102315 function| MarketGidCContentPreviewBlock1102315 function| MarketGidCResponsiveBlock1102315 boolean| mg_loaded_692293_1102315 object| _mgq object| MarketGidInfC1101801 function| MarketGidCContextBlock1101801 function| MarketGidCMainBlock1101801 function| MarketGidCInternalExchangeBlock1101801 function| MarketGidCRejectBlock1101801 function| MarketGidCInternalExchangeLoggerBlock1101801 function| MarketGidCObserverBlock1101801 function| MarketGidCSendDimensionsBlock1101801 function| MarketGidCRtbBlock1101801 function| MarketGidCDiscountBlock1101801 function| MarketGidCContentPreviewBlock1101801 boolean| mg_loaded_692293_1101801 boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| veedmoLoad object| _0xe9ce object| $jscomp function| $jscomp$lookupPolyfilledValue function| ZxStartMainModule21 object| __ZXCONSENT21 number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg object| Ya object| yaCounter68209819 number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| ggeac object| google_js_reporting_queue object| sas object| apntag object| _ADAGIO function| a0v function| a0B function| a0N function| a0J object| vttjs function| WebVTT function| Class object| veedmoScript function| videojs number| veLoca function| veedmo boolean| veedmoDebug undefined| veedmoImaLoad undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_477188 object| onClickExcludes object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| mgReject1101801 function| mgLoadAds1101801_0922a function| MarketGidCReject1101801 function| MarketGidLoadGoods1101801_0922a function| mgReject1102315 function| mgLoadAds1102315_142b7 function| MarketGidCReject1102315 function| MarketGidLoadGoods1102315_142b7 function| mgLoadAds1102315_10413 function| MarketGidLoadGoods1102315_10413 function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint692293 string| _mgPvid boolean| _mgPageView692293 object| closure_lm_267088 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| mgadSrcNoUi_0 object| _mgAdSrcNoUi object| _mgAdTrSrc boolean| i.js.loaded boolean| i-noref.js.loaded function| avPlayer function| av_sciv_hndlr1644485245885 object| storageAni object| google_image_requests object| __VR object| __vrInjectorPlugins object| s object| c object| h object| sl function| loadCMP function| Tapad object| closure_lm_793013 object| sas_snippets

113 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: H39ub3Gptb19vg198jG0BtHH6dOpy1dvoN0FHMyGBoA-1644485243-0-ARurybGlS3b0uW6aLEXybgJGyT1BRU141zRi55D5vqtjYm9RmDMRbxv9XFXmSzNf+VVmVaPYl46VIrseoS7R0GM=
.go4s.biz/ Name: uuid
Value: d49d13aa-464b-4102-8a6d-d468ad4d6016
iw.omatomeloanhikaku.com/ Name: __oagr
Value: true
.omatomeloanhikaku.com/ Name: _ym_uid
Value: 1644485244248186551
.omatomeloanhikaku.com/ Name: _ym_d
Value: 1644485244
iw.omatomeloanhikaku.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 772386063fake
.omatomeloanhikaku.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3687447799fake
.yandex.com/ Name: yandexuid
Value: 5711699781644485244
.yandex.com/ Name: yuidss
Value: 5711699781644485244
mc.yandex.com/ Name: yabs-sid
Value: 877859601644485244
.yandex.com/ Name: i
Value: +WJpoFtcgUac48IZYLqKLSc3tkA4B6w+6ABGwpfpfZAol/QUegMTA3vTJT4RSGMQOX2/RNMv9xoOPccUCTkI/PKKwsM=
.yandex.com/ Name: ymex
Value: 1676021244.yrts.1644485244#1676021244.yrtsi.1644485244
.quantumdex.io/ Name: uid
Value: ae1a57a2-40e6-48cb-ac47-2c9f1038a83a
prebid.a-mo.net/ Name: __amc
Value: 1_1644485244_1644485244
.doubleclick.net/ Name: IDE
Value: AHWqTUmFksqIvqoixHL_jlamArvbwsunEzKNnIfHDlpc4CqnK_G1yWtQV4fEEMV3E7k
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.mgid.com/ Name: muidn
Value: m1ap7yITchr1
iw.omatomeloanhikaku.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1101801%22%3A%7B%22page%22%3A1%2C%22time%22%3A1644485245492%7D%2C%22C1102315%22%3A%7B%22page%22%3A1%2C%22time%22%3A1644485245482%7D%7D
.adnxs.com/ Name: uuid2
Value: 9028095814554707635
.casalemedia.com/ Name: CMID
Value: YgTafWC6bcDOVUcfuefP4AAA
.casalemedia.com/ Name: CMPS
Value: 3268
.casalemedia.com/ Name: CMPRO
Value: 1208
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In=ol$'T!]tbPl1M>e)ZlrFUfJ+tGXxoXarN)PashBTZkyJCT_RG'TLNT+[81>FT>-W.3If)y3KL9D3I?+^IBK5M
.aniview.com/ Name: aniC
Value: 1644485246168-950310148444-006317-015-001355
ads.stickyadstv.com/ Name: UID
Value: 57b5dcbf70304a121181dd202cce869d
ads.stickyadstv.com/ Name: sessionId
Value: 583f7959b8da7db0cf68acbbb2322be2
.tapad.com/ Name: TapAd_TS
Value: 1644485246831
.tapad.com/ Name: TapAd_DID
Value: 88e981c3-ac50-4758-bc23-fbf8847877d8
.adsrvr.org/ Name: TDID
Value: 1589c039-bcd3-43fa-9686-b1409c835603
.360yield.com/ Name: tuuid
Value: cda03c01-34c6-46d2-9a9f-3a6f6c1e5600
.360yield.com/ Name: tuuid_lu
Value: 1644485246
.spotxchange.com/ Name: audience
Value: a97e7a15-8a53-11ec-9a15-1e1d47870006
ads.stickyadstv.com/ Name: pxId
Value: 9777
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!993
iw.omatomeloanhikaku.com/ Name: cto_bundle
Value: ly1qHV96dzQ4YlBtdm5xZ1pHZDlMcCUyRjVudGJFbkRHbThDdjE0Z3R2dldxNTR6R0NIekVwWEpaOWluVzkxWlRqNEtFeVRNYm5ySlNCSktETFp4VHFUSUdvV1VYRTJGSUZqbUV2UmRzR1BVejh2QjI5aXBHSzZmNTdSWjZmeEpLOGZ0OEY0
iw.omatomeloanhikaku.com/ Name: cto_bidid
Value: Xv4EBl8xbFFDa2xhNHhaT0JvbjFRc29QUHhvNm44VXdFWE1SRzdpOWx2emhWRUhjdHdKRDg0dHhRbVJMZzNQV0laWnBzJTJCSFdoY0NmJTJGZkxTWUs5UE1nU1dNV0Z4Tk1YUDVlTU0wQlRLa0lVbVpUdlklM0Q
.casalemedia.com/ Name: CMST
Value: YgTafWIE2n8A
.advertising.com/ Name: APID
Value: UPa9bbd2fa-8a53-11ec-b624-022bbe974822
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.sharethrough.com/ Name: stx_user_id
Value: 80717840-8dae-4661-9854-5dc6cd4eb7bc
.yahoo.com/ Name: A3
Value: d=AQABBH_aBGICEP-X5kheH1nms1SqzLsD6gQFEgEBAQErBmIOYgAAAAAA_eMAAA&S=AQAAAgD19f_o_3niAcqmKgR8b9Q
.omatomeloanhikaku.com/ Name: __gads
Value: ID=2c3f6afc8a382174:T=1644485244:S=ALNI_MaSV3HUEVrvuKlQqMEJigH65Il88g
.analytics.yahoo.com/ Name: IDSYNC
Value: "192w~235l:192x~235l"
.w55c.net/ Name: wfivefivec
Value: netShYYa1Ni5JB5
.w55c.net/ Name: matchcasale
Value: 5
.quantserve.com/ Name: d
Value: EGoBDQG0JbjvsQA
.quantserve.com/ Name: mc
Value: 6204da7f-d1249-17979-aa000
.owneriq.net/ Name: si
Value: Q6977716471259884758
.owneriq.net/ Name: p2
Value: cc
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.simpli.fi/ Name: suid
Value: D89E80F78F5247C3A068E3D15CF57E4C
.turn.com/ Name: uid
Value: 4499828146938309866
.mathtag.com/ Name: uuid
Value: 15416204-da7f-4e00-82f4-e5d7d6e42bef
.disqus.com/ Name: zeta-ssp-user-id
Value: 75fb33a3-2b6b-e5b7-432c-d72bf9818913
.casalemedia.com/ Name: CMRUM3
Value: 2e6204da7f05a0&2d6204da7d2760CAESENxOExHgGmoFCE8vMqEMS3Q&e66204da7f2760&be6204da7f05a0&056204da7f05a0&ce6204da7f05a0&406204da7f2760no-consent&416204da7f05a0&276204da7f0b40&f16204da7f05a0
.fwmrm.net/ Name: _uid
Value: "pc02b_7063010354620447351"
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
ads.stickyadstv.com/ Name: uid-bp-36033
Value: pc02b_7063010354620447351
ads.stickyadstv.com/ Name: MRM_UID
Value: pc02b_7063010354620447351
.betweendigital.com/ Name: tuuid
Value: 7b0a1856-21d4-5329-84c8-3ccfe6cce6b0
.betweendigital.com/ Name: ut
Value: YgTafwAOgtgRYI7BngxOpzeW2swJZOzYXoXbZw==
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEGnPqZ4aIljgAPJLXhHHWxE
ads.stickyadstv.com/ Name: uid-bp-892
Value: 1589c039-bcd3-43fa-9686-b1409c835603
ads.stickyadstv.com/ Name: uid-bp-951
Value: 9028095814554707635
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-Qj4NtX9E2oNWQydrRScZOH0HAqmOp4WFZC_5rawU~A
ads.stickyadstv.com/ Name: uid-bp-529
Value: 15416204-da7f-4e00-82f4-e5d7d6e42bef
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: netShYYa1Ni5JB5
.bidr.io/ Name: bito
Value: AAEJCE7ECbUAAHMm7y_wrA
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAEJCE7ECbUAAHMm7y_wrA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YgTagAAFIKBP5wBB
ads.stickyadstv.com/ Name: uid-bp-45
Value: YgTagAAFIKBP5wBB
.rubiconproject.com/ Name: khaos
Value: KZGS23P1-1H-J92M
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2ynn2MvHa+YIflLXuMZULZPwtw5UUkhWn2jcPl2gmJbH0CxOWgo/cH9IyLIebqetQHmTdgPp4lEcxuhZpbWKLtITYMQfgpOyg=
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A17AF311-4935-4F28-947E-ACF051C4A222
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1645660800%3A201_197_219%7C1644537600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1647043200%3A203%7C1645660800%3A56_161_220_21_13_7_54_3%7C1645747200%3A35
.adfarm1.adition.com/ Name: UserID1
Value: 7063010367520241818
.onaudience.com/ Name: cookie
Value: be0956d0ac036261
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-9028095814554707635&KRTB&23339-9028095814554707635
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJQ3oG0l5lRYxlLkLo7_ovE&KRTB&16514-CAESEJQ3oG0l5lRYxlLkLo7_ovE&KRTB&23025-CAESEJQ3oG0l5lRYxlLkLo7_ovE
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7063010367520241818
.pubmatic.com/ Name: PugT
Value: 1644485250
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:15416204-da7f-4e00-82f4-e5d7d6e42bef&KRTB&16736-uid:15416204-da7f-4e00-82f4-e5d7d6e42bef&KRTB&23019-uid:15416204-da7f-4e00-82f4-e5d7d6e42bef&KRTB&23208-uid:15416204-da7f-4e00-82f4-e5d7d6e42bef
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1589c039-bcd3-43fa-9686-b1409c835603&KRTB&22918-1589c039-bcd3-43fa-9686-b1409c835603&KRTB&23031-1589c039-bcd3-43fa-9686-b1409c835603
.adform.net/ Name: uid
Value: 3240898880148195667
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjq5_jfsqC2OhAFEhcKCHB1Ym1hdGljEgsI1LXHgrOgtjoQBRgBIAEoAjILCKrG4LDJoLY6EAU4AVoHeGtzdzlsYWAC
.pubmatic.com/ Name: SPugT
Value: 1644485250
.de17a.com/ Name: guid2
Value: 1.5667020498877932406
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3240898880148195667&KRTB&23263-3240898880148195667
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5667020498877932406
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 11e67964824f883c8e24a928826cbb04
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDRMNTO3NDOxMDJJs7AwTrZINTJJtDSysDAyS05KMjBhAIIkllvNIBoKADiBCfc%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIYrnVDKSgAAAVewHE"
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: df5dad70-5ace-4b7d-4358-b337b421e289
.zeotap.com/ Name: zsc
Value: %D29%C8%FE%10%F6e%EFL%24%A2%03%F7%01Y%5E%29%ED%2B%0A%40%D9Ys%C6%CE%E5f%B9%A6%00%98%EE%AF%93%95~%A6l4RM%B0%9B%9D%7F%ABkP%C5%E6L44%99%83O%21%3E3%86%83%04T.%F0f%F1%D2_%DA%19pA%2F%82%5D%C4%3B%95%3A%EE%E4

13 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9545.wNEv9T7sFD8XCnQ6ipNJFv7t8U8CdU8gbA0Wey8ZfSrlhsytJ0vt1983maeGaE4v6ZSlEwQgkCPK63EaKRCgNQ%2C%2C.JZq8856RGYftD8S3Bfc1nS72l8w%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://static.viralize.tv/viralize_vpaid.min.093edae1.js?e=ops
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript error URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Message:
Access to XMLHttpRequest at 'https://vast.mrpartner.net/dav.xml?block=4c0104fdb5f84bcf17c7b18e80a8aa4838' from origin 'https://iw.omatomeloanhikaku.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://vast.mrpartner.net/dav.xml?block=4c0104fdb5f84bcf17c7b18e80a8aa4838
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YgTagAAFIKBP5wBB&gdpr=0&_test=YgTagAAFIKBP5wBB
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: https://iw.omatomeloanhikaku.com/what-is-an-mpeg-file-and-how-do-i-open-one-9074
Message:
Access to XMLHttpRequest at 'https://adx.adform.net/adx/?mid=759669&t=2&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&gdpr_consent=&w=679&h=382&t=1&random=1644485246' from origin 'https://iw.omatomeloanhikaku.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adx.adform.net/adx/?mid=759669&t=2&url=https%3A%2F%2Fiw.omatomeloanhikaku.com%2Fwhat-is-an-mpeg-file-and-how-do-i-open-one-9074&gdpr=1&gdpr_consent=&w=679&h=382&t=1&random=1644485246
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

309034bd6e19cd3e5c71372fc6d105cc.safeframe.googlesyndication.com
a.omatomeloanhikaku.com
ad.turn.com
ad4m.at
ads.adlook.me
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.viralize.tv
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
ap.lijit.com
ares.veedmo.com
c.mgid.com
c1.adform.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.laim.tv
cdn.mgid.com
cdn.ravenjs.com
cdn.stickyadstv.com
cdn.veedmo-static.com
cdn.veedmo-storage-2.com
cdn.zx-adnet.com
cm.g.doubleclick.net
cm.mgid.com
cmp.optad360.io
creatives.sascdn.com
d.adroll.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
go1.aniview.com
go4s.biz
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
iw.omatomeloanhikaku.com
jsc.mgid.com
m.exactag.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
mwzeom.zeotap.com
omatomeloanhikaku.com
onetag-sys.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pubads.g.doubleclick.net
px.owneriq.net
rtb.adentifi.com
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
serving.stat-rock.com
serving.viewtraff.com
simage2.pubmatic.com
spl.zeotap.com
spylees.com
ssp.disqus.com
ssp.wp.pl
ssum-sec.casalemedia.com
static.viralize.tv
std.wpcdn.pl
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
vast.mrpartner.net
vid.pubmatic.com
video-ads.rubiconproject.com
video-native.mgid.com
vpaid.pubmatic.com
www.bigmp3db.com
www.google.com
www.googletagservices.com
www8.smartadserver.com
ads.stickyadstv.com
adx.adform.net
aktrack.pubmatic.com
sync.go.sonobi.com
vast.mrpartner.net
104.111.230.142
104.111.242.53
104.19.132.78
104.19.134.78
108.128.225.181
137.74.127.184
141.94.170.77
142.250.185.194
142.250.186.162
142.250.186.98
144.76.128.227
147.75.38.124
151.101.1.195
159.122.14.34
162.55.233.29
169.197.150.7
172.217.23.98
178.250.0.157
178.250.0.163
18.156.0.31
18.157.231.140
185.183.112.148
185.184.8.65
185.29.134.244
185.33.220.145
185.33.221.88
185.64.189.110
185.64.190.75
185.86.137.32
185.94.180.123
188.166.135.13
198.47.127.19
198.47.127.20
2.18.233.180
2.18.234.21
2.18.234.233
2.19.35.65
2001:4de0:ac19::1:b:2b
2001:678:cb4:bbbb::11
209.54.176.128
212.77.98.32
212.77.99.29
213.155.156.184
213.19.147.45
213.202.235.10
23.79.143.124
2600:9000:223c:3e00:6:b871:4f00:93a1
2600:9000:223f:4e00:1b:5138:8a40:93a1
2600:9000:225e:d000:11:a4de:2580:93a1
2606:4700:10::6816:2460
2606:4700:10::ac43:db6
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:cd38
2606:4700:3032::6815:3812
2606:4700:3035::ac43:ce26
2606:4700::6810:5814
2606:4700::6812:9ca
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a02:2638:1::13
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00::210:ba12
2a02:6b8::1:119
2a02:6ea0:c700::10
2a02:fa8:8806:12::1400
2a03:90c0:41:2801::254
2a04:4e42:600::729
2a04:4e42:a00::282
2a05:d018:d29:3605:e7f2:7d0e:d8ab:42c4
3.124.112.1
3.33.220.150
3.67.65.254
34.102.243.38
34.203.157.179
34.226.70.99
35.186.238.232
35.227.248.159
35.241.45.217
37.157.4.29
37.157.6.251
5.101.76.186
51.89.7.202
51.89.9.254
52.59.131.166
52.6.103.226
54.146.48.179
54.246.208.198
63.35.242.195
65.21.54.62
66.155.71.150
69.173.144.138
72.251.249.14
85.114.159.93
95.216.65.102
95.217.231.160
96.46.186.59
01bb3fe27a750e994f702952de2250539e12a2c5092c3e2c65130c3c0fe5a0e3
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
060767062ad5fa3986f0745cbe80ea466e1851782d36ae595c28ed6f99be35f8
085f8bdcc85e4eb1af657321f31f3c27ae41ff6ff16e2fa4694a10de6fc7c8ba
0866609eccae538f95bb592b446bf6f50abfa6468eb49fb5d0f019336100d75e
09529316c4f55a31f86ebcddd685f068affa4c1b865b700b6096b9019b2de855
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0a0f9ca81a64d1a595b0aa04ef03b6b677048990f753717e0d9a46de3db8cfae
0afcb6112a6d30cc9b084d7342fd755f00f92424e2d46e142d75837860e7fe91
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfdee6a158723ce7213d8c5402e0ffa8cc9453e207dcd8f7c89a60c888e3c15
0d73c75a799d604aa8cee7c0ba0208becf18543517537e642aa11b9641606fa5
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b
0eecea606bd1353c10e972adb50b62abc0242988562e990cb4d565bf85f2ea4d
0ff538091b471bf8008583b9d394c466a60f6b4fcf01c2808acc4e5a268a54b5
1081918bb45192c7512509c2349ebee409b4049bf71c15b2a6673037d0600570
1196b27617f354651cb353c909897550e76f614965d88ed3e5b55b6520cc2719
11fac9561c6b37f339cfc254e38322d2913afcb2f7512722352216b865bb9b52
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
16900cde90dd82eae8ac47a8ead13ead0659a2aa800e755f169d83164dfcf49b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
22dc09e053641dbee00b20cf2894802b3a119e99d568ff099e7c6b413a85ba38
22deb78cc95398cb12ee7f01ca44a0a4fe3ed298ab1b30053be45355f46ce10d
239a5bd35b80826b21f9de4020f9d1d3bea240067927bbe08619279eb81f02ac
23f66936773cf6edddcdc7b474a536146779ca32fca06d731861ff069544b93e
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a039c5691258eec501ce610b6c60d5448e93548b1010c9b3e1ac7fd1384b288
2a99be886ba034a77b8017cf97e038b031f9cb7c1b2a856accd5bb6a865fe035
2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14
2d6a5f1fd30398a93b2248cf48c62a16f2b6c396c09aec5061d3c0f1d9399e95
32534e5d98aa0b5ce228cd01341b026e71dcd22a2e1a135b5627894b42c1e37a
33a322dc145771c1af35e78e3adeff24519be649d8e54313d02ec74e7d92bd95
3427b69a7a53aaaa1b70f0bfd45fd171c0b73d5cdaa8200696bf5d1d1b3a9626
3736f99a9483e4268510477ec659d5ffefdec496f4b52286c4e3f2cc14ebc931
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37bbba8ffbd30285300e9571b23cb5c32edfc7740811f95ca28a258112fa9400
381fa821b9888f41540d9e146ed2579fe21e6282521c9cc8be5741afe5dece0e
387ac466ed330c6c9a1386746c1ac1af47911b2bf7578e35fd3dc4ef0cb21b13
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3c63a206e5442d431f258392c1634a0f76521d8c887fb35cbc22ad30534a4082
3d23f1be52de0a58b44cdfafbf10e84ac4917e1b137b1c530feac51f91cb13d7
3d55f387a3d0bb31902057bd830c0c9007f071d0929bd4a1072b4554e6e26abc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402a1c95cf577f9967b8ded6eab9a5e3c2b975f9956f1d8f3b5afbeb503ea0fb
406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5
415d43d954c9bed785625b5b484eed06dd3b552b68a76fb426315ad7371e39d9
4180aec0b64dbf313f0666d408be706a1882d3e45d27668ed95d114100e78921
4405c6c0ca03f8c68da38374caeb5f02e746e05512ab291a05535a517ec8c24a
441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711
4575507a0d276e57457ae5b87a3e22c525e635674729f9af524bc0241b24c7e5
462cacf634bf4c5e2517e90e16d09ed7f0a7962ee023323598cb16f3a6a883cc
46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b
46eae9ed23dfba726f9954898b6874564e9070e2785de701fb0e3146d93fc6df
4807a6369eb785c61dc62752412d0b5f58e16601fb3c0d3b4c919d52a0cf8988
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ae9d979637a1e78d1f68605d1b9f61a0264d31c75a1949d173fd0a396ffeb73
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6a30fa3696284523f6e8ce354df59616782c648a70954d5175a279182ca2c7
4d6e6bb2053fb97d5a021ab4855c6762a9f263e05edb099419b546b488c31b07
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5049956f393ca7e8ec02a85d189653330a75ecd27153d79e0ba9ff0f4dd3ae46
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51071c0535fe1774afb9c583b9a3fa9a445e1859d0c6d43d0119cfa625156246
527897ef3072133347a5b376d87bb22512ec34b6c24de5f00fa921b681dd1dd8
533b48c9c5147142d3a07394f46778b9173527108aa60db85378b6c10177261d
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
543f6e29b5f4a45f1ed7228430078964330382a976587704e40887e24c7f39ba
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54beae4e35e4882799778a41c51f55469c4dcab790240252f9ead3ba7f95dc79
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b78d5d6a8f8dc918e152b4b18efa92137e8391358727fca57dde5b989269d9
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
5ad8839b0b8f2e961293a559ef5411d3e37d598ecc687c2a0e2c36bd2f101ac6
5bd435f619651ad053c844ce82689f84c8f5f432e6c411fe00f395315f8f45c8
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
603c9b7f5674dcc498ef3c6bddf672a912aff520290062561f1908876f123635
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620fdb59ca5ff1b597c57a2c2078ffe79fa3ba0e63cf32b6a817d285fee09ba8
627a31c788bd09510307b71861641e8c2309ea094ee5980825fe6e99d99d81c0
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65772f5d2029b3f616d43c8beedcdb2d4add3cda1d1068e761dfbf966fd4d6af
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
67faa0264275e2020fed25c1aaf427b43782d2bf826272fc83daa54e44e31f5f
68c63a264982bd4095ae4cfb659a8f7c15f5199a82b604290265faa8f2a28ec0
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f
6bb57686c77bc147d93f5012eee030116ae9d282651b872e477ab01108a87744
6bbd93b450d8df37e4931202917952ae76ebad2ccea40865c0992d024dc1ccf3
6be7c5a9d78839e90e7eee8151b59cf69c80cb88724169f1fb3d760769e662f8
6c88540ecee687ff6bac38fa3e38cbf2abbf63c73cf7ecce02d54e8cff46c490
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
72fd1fa5c56689ff1fc4d3d60c6065f7f99fe6953a3c54ed3ad0c82aa9a34fa2
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c
75d2911abe6e2bbdb07ce86a90ada9062b8a7fef977ca1b448e08de34780ec0f
7742b7f5c1b61988dec17599f94e260fdaf23252c898c710367479a4fb1b3410
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b4b2a561bb74e447764aac0cde29e517c34fbbf48baece4efbc0438fafdc784
824bd0fb03e3a7dda60da229c28e12ad4aba3ea3e88bec1759f32687565e7b97
827d8eb3eb149555ede81026ead6b67fe055393ad4de57ab2feedaedb25223f4
82c2d8dc583506050c45289b85c71ad5320420d2062a9c07322b40ac900c3da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
84a1f9a5cc9a5e87aaff0563d1f50bf9c96e72e6d3fc348929273abb05c94cfa
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7dc53c5010a0b91b70acc6856f13abedb0937749643c3a1f996c723512e1fd
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8efa92da867097469de376ed85f7cbfc7498913043898c147cafa461f87be8d0
90dd60ca14caa7eda327d78f9ad109b06feb5b69f3664b8a28519d2383adb689
926b9f8f35cf8fc3daadc4415aaa890adea52ccb58f60c990c55020018a057d4
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
933f5b71c74d5e895a880e4ff9619ad62e09c54c53b1f86f659ace4dcac9c5af
95ecf84569d27ebc65210d50e0909e4ae8074fb4f6f43cc6dc3cd67fcb05dea1
9b605d2f41ade51c3da43217e21cab87f6cf2a6fad18cda5d28ef58bd403f930
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07c49b31c6f7aa41a45f4118a02210f0e748ae87695d2bdb452ffadff7d50db
a0b9f4766c764286fc31c8bf1158cc5f2cbdb3d02ee8c24a258fd151c8c63495
a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a44400fb88aaf018fb0e9aff450c4b708da545d38ab0317d6bc599f093e20030
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a568eccbb3e854c85c3bfc718a38326c43fc8260b0fbc3f324b711cddfa76684
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a951356f93f3cbf49bf5f70e17705826acf63ec55fb9bae245b2191c10d0f854
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab772ffed7945bc1a1160274561ed4f8a22df6e6d826a9cc0865f0c00843c854
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27e2c968e69b60c024d3a63baed051ce98d980fad517597e1a720f6676a60b9
b3598442b070ead236013265ddef871d20fbcff25b6c6680fedc8e9b7d1706ee
b398a7cf792120913a10d2186e57d28e4be2d280832067d3086cf185869a29bb
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
b5166bb282f20509cb3980dc5140a237203b4aea8aa365fd3ec901cf0427276f
b652b1f80f7e54602c307a0131e1372d5a309720ed738446e0615a0d22013c44
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b716981df17d43bef46a03ca1ea6a53c737b208f872498bea8a0fceaed077a2f
b8a9b82b6f802a3b7f2c31c8d05a224268c0e12fbfed9dc79e76eba186e2fe15
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb8529edc34ff55b7b85731e442f3d5b5d3d941eb3cbe43a88d7b46568486739
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
be2d88c4e8c1c25fd8d9415cb1bdc04612ab464378898cd5b3e4edc81c59cb51
c1547a6f623d4d38158668e66bf805c9ce9e6956c3ab50ec65d49b083ab7350b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c44df5362a765db376968858f998c96288aafdbc46c98151e19d062f4dcf2e58
c4ebe3ebe71bf4025ecbc6a82a8c886917377bec419dcd886978dfdb5db2377e
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545
c90df7a92cdf079fc95cf3d239b3227bf46fdc0ac241f673ffd10d881cb23b13
c9dd7840076c3cc0349fdf2afa4e9a7811e39070b94d8c54384cb9e6c35a1069
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc14aa257fb4c3dd3d8e3b9b99362712187684b51395b44362dbe69c7a7d8c5b
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
ce083536384cb4f54dcf9282db820a5d7efc360517e17812c2302b4f6b1d229b
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf06e894abaa41a0be5d5d900fcef7b683a08479042c07a18305d119576438f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3688869f9bb4dc29de7a8303c2148afefe6c745933f08697c5f77c61b476496
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
d943b3cf7508be07b88c773ef2dd1be29124b15e13a505bcfc4cc18af1e1c257
d9678ed47e0fa9b82c9f4fd0e090ab6ca94eb2bb6827879b85bf2312f87a9c6a
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
d9a5757457f5d0a6c5b8baaa68f08cc569f3c4f265a8f3005c127c7167f8a516
de8b77e97fd76a9c3ee5cdacb7cc6952ea948a06437315da5acb5ea493e1d64c
df15e4261812909e01681768fd203100a1cced276c27455e38bb04d7e993e2c7
dfa72b963ab90c281374a4ebacf04c6da8271613936e37622263bafa2256eaa8
e0025885b4b04c8f132c7e2ee659ebbde9a8944cf48b44ba826030d042c4a2a9
e0a4f428e1492da2aeba5b402613e0641caddd6561da9fd4ad01bea041ac02d6
e119e5cbbb30933756b85e38b3826ddc8f4fb2cc63874d7390fb423be14b14a5
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c00d56665ffb06ce8bfd7cc417119955988b8c2595124d19d1d9ef1340a3bc
e4c62966b16197d8a85d91bbbb7ec339a6d744764e6ba4c86d3f42b93c1101db
e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842
e745925dd2871ad9fbbfd067272b53a05747872be0f6d1f5a11cf73d6d5a37c5
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
e80d56ecb1bf6466f69023c1aeda99091de79f7e74b2dba9737c46e7ae9dc900
e84a25c477e8e023d8fb0d0351dc484393303cd7c64525d42f599c80513acb47
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e958acd33f23ea0b43f6ce74fc0854f016522eff111bd46b3b7d4543a83f5eb9
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f026ded3d8bbdac78b0875ed587a00c29a73974de78c6f7465d8502d65492daa
f756f1c2a850c459e4e909c16423d7267c7d8be7bad9edf57421aa9213a5b8ad
f770b9f59710aaa80c7eed3c905ebb311e646bfab03b13b7edc2317266652dac
f86d5798814cbee32d210b324fcd9fc285a90a97a966cc706cb225d7e01b411a
f86de435aaca56dd7e506148f423ad070df94e970de7ef16f94a93fef39fbb4c
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e