ww1.sdsmanga.com Open in urlscan Pro
2606:4700:3036::ac43:9af9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sdsmanga.com/
Effective URL:
https://ww1.sdsmanga.com/
Submission: On August 26 via manual (August 26th 2021, 2:03:34 pm UTC) from NL

Summary HTTP 203 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 51 domains to perform 203 HTTP transactions. The main IP is 2606:4700:3036::ac43:9af9, located in United States and belongs to CLOUDFLARENET, US. The main domain is ww1.sdsmanga.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 7th 2021. Valid for: a year.

This is the only time ww1.sdsmanga.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 21	2606:4700:303... 2606:4700:3036::ac43:9af9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:20:... 2606:4700:20::ac43:4597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:4cc4:5670:35d5:1e00:b394	15133 (EDGECAST) (EDGECAST)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2607:fad0:380... 2607:fad0:3801:4::1	32244 (LIQUIDWEB) (LIQUIDWEB)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
2 22	2606:4700:20:... 2606:4700:20::ac43:47f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
2	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:10:... 2606:4700:10::6816:1758	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:21:... 2606:4700:21::681b:cf5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::ac43:c79d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.172.136 18.195.172.136	16509 (AMAZON-02) (AMAZON-02)
8 14	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a00:7c80:0:1... 2a00:7c80:0:121::2	49981 (WORLDSTREAM) (WORLDSTREAM)
1	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
8 9	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.158.223.21 35.158.223.21	16509 (AMAZON-02) (AMAZON-02)
6 7	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 4	51.75.146.200 51.75.146.200	16276 (OVH) (OVH)
4 4	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
4 4	3.120.13.220 3.120.13.220	16509 (AMAZON-02) (AMAZON-02)
4	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 15	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.171.214.154 35.171.214.154	14618 (AMAZON-AES) (AMAZON-AES)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	72.251.241.206 72.251.241.206	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	54.209.33.59 54.209.33.59	14618 (AMAZON-AES) (AMAZON-AES)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
203	49

21 2606:4700:3036::ac43:9af9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

sdsmanga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ww1.sdsmanga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::ac43:4597 (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:4cc4:5670:35d5:1e00:b394 (United States)

ASN15133 (EDGECAST, US)

a.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:fad0:3801:4::1 (United States)

ASN32244 (LIQUIDWEB, US)

sender.best	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

u3y8v8u3.ackcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::ac43:47f1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.249.52.248 (Netherlands) 2 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.178 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1758 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::681b:cf5c (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:c79d (United States)

ASN13335 (CLOUDFLARENET, US)

worldstatistics.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.172.136 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-172-136.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:7c80:0:121::2 (Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)

ufo.approximity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.221.91 (Amsterdam, Netherlands) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.223.21 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-223-21.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.156.0.31 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.146.200 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.13 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.13.220 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-220.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.176.128 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.214.154 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-214-154.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.33.59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-33-59.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	doubleclick.net 10 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	171 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	369 KB
22	quantumdex.io 2 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	9 KB
21	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com stats.vlitag.com	1 MB
21	sdsmanga.com 2 redirects sdsmanga.com ww1.sdsmanga.com	5 MB
15	casalemedia.com 4 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	16 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	302 KB
9	adnxs.com 8 redirects ib.adnxs.com secure.adnxs.com	7 KB
7	yahoo.com 6 redirects ups.analytics.yahoo.com	6 KB
7	gstatic.com fonts.gstatic.com	146 KB
6	google-analytics.com www.google-analytics.com	58 KB
6	exdynsrv.com a.exdynsrv.com syndication.exdynsrv.com	56 KB
5	pubmatic.com 2 redirects image6.pubmatic.com ads.pubmatic.com	12 KB
5	e-planning.net 2 redirects ads.us.e-planning.net u-ams02.e-planning.net	3 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	3 KB
4	sonobi.com sync.go.sonobi.com	2 KB
4	advertising.com 4 redirects pixel.advertising.com	1 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	id5-sync.com 2 redirects id5-sync.com	6 KB
4	worldstatistics.live worldstatistics.live	108 KB
4	googletagservices.com www.googletagservices.com	127 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	googletagmanager.com www.googletagmanager.com	121 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	121 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	645 B
2	adsrvr.org match.adsrvr.org	529 B
2	onetag-sys.com onetag-sys.com	2 KB
2	sharethrough.com 2 redirects match.sharethrough.com	479 B
2	openx.net 2 redirects rtb.openx.net	764 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	vliplatform.com px.vliplatform.com	866 B
2	adnxs-simple.com ib.adnxs-simple.com	2 KB
2	a-mo.net prebid.a-mo.net	614 B
1	rfihub.com 1 redirects p.rfihub.com	776 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	adgrx.com cm.adgrx.com	408 B
1	advangelists.com 1 redirects nep.advangelists.com	233 B
1	dotomi.com 1 redirects casale-match.dotomi.com	187 B
1	approximity.com 1 redirects ufo.approximity.com	280 B
1	congstar.de banner.congstar.de	518 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	459 B
1	agkn.com 1 redirects d.agkn.com	761 B
1	quantserve.com cms.quantserve.com	464 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	657 B
1	bilsyndication.com assets.bilsyndication.com	105 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	ackcdn.net u3y8v8u3.ackcdn.net
1	sender.best sender.best
203	51

	Domain	Requested by
18	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
18	ww1.sdsmanga.com	ww1.sdsmanga.com
17	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
14	assets.vlitag.com	tag.vlitag.com ww1.sdsmanga.com
10	pagead2.googlesyndication.com	ww1.sdsmanga.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ww1.sdsmanga.com www.googletagservices.com
8	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
8	ib.adnxs.com	8 redirects
7	ups.analytics.yahoo.com	6 redirects ssum-sec.casalemedia.com
7	fonts.gstatic.com	fonts.googleapis.com
6	ssum-sec.casalemedia.com	2 redirects sync.quantumdex.io ssum-sec.casalemedia.com
6	assets.ad4m.at	as.ad4m.at
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	sync.go.sonobi.com	sync.quantumdex.io
4	pixel.advertising.com	4 redirects
4	ap.lijit.com	4 redirects
4	id5-sync.com	2 redirects sync.quantumdex.io
4	worldstatistics.live	tag.vlitag.com worldstatistics.live
4	ads.us.e-planning.net	2 redirects ww1.sdsmanga.com
4	www.googletagservices.com	tag.vlitag.com pagead2.googlesyndication.com googleads.g.doubleclick.net
4	syndication.exdynsrv.com	a.exdynsrv.com ww1.sdsmanga.com
3	www.awin1.com	1 redirects as.ad4m.at
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
3	tag.vlitag.com	services.vlitag.com tag.vlitag.com
3	www.googletagmanager.com	ww1.sdsmanga.com tag.vlitag.com
3	sdsmanga.com	2 redirects ww1.sdsmanga.com
2	sync-tm.everesttech.net	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	ads.pubmatic.com	sync.quantumdex.io
2	onetag-sys.com	sync.quantumdex.io
2	ms.quantumdex.io	2 redirects
2	match.sharethrough.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	as.ad4m.at	ad4m.at as.ad4m.at
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	px.vliplatform.com
2	stats.vlitag.com	tag.vlitag.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	ib.adnxs-simple.com	assets.vlitag.com
2	prebid.a-mo.net	assets.vlitag.com
2	useast.quantumdex.io	assets.vlitag.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	a.exdynsrv.com	ww1.sdsmanga.com
2	fonts.googleapis.com	ww1.sdsmanga.com tpc.googlesyndication.com
2	services.vlitag.com	ww1.sdsmanga.com services.vlitag.com
1	p.rfihub.com	1 redirects
1	sync.extend.tv	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	u-ams02.e-planning.net
1	ufo.approximity.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	ww1.sdsmanga.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	assets.bilsyndication.com	ww1.sdsmanga.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	u3y8v8u3.ackcdn.net	ww1.sdsmanga.com
1	imasdk.googleapis.com	tag.vlitag.com
1	sender.best	ww1.sdsmanga.com
203	72

This site contains links to these domains. Also see Links.

Domain
sdsmanga.com
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-07` - `2022-01-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.ackcdn.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-03` - `2022-07-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
exdynsrv.com R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
centos7.template.liquidweb.com centos7.template.liquidweb.com	`2017-03-02` - `2018-03-02`	a year	crt.sh
ackcdn.net R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
ads.us.e-planning.net R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
bilsyndication.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
*.e-planning.net R3	`2021-08-13` - `2021-11-11`	3 months	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh

This page contains 30 frames:

Primary Page: https://ww1.sdsmanga.com/
Frame ID: 6BE4E4270E0568C49AFD1CC9CBCB9D72
Requests: 82 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20190131/zrt_lookup.html
Frame ID: 77F155115BBE681307FBF6460DF21635
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&adk=1812271804&adf=3025194257&lmt=1629986595&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fww1.sdsmanga.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=3&bdt=431&idt=313&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1103991354717&frm=20&pv=2&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=840
Frame ID: 94C1EDBA9F7FAA12505EF52108514FF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=1359369005&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=430&idt=331&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oCIK0i7QnQ&p=https%3A//ww1.sdsmanga.com&dtd=851
Frame ID: 29F9386461C814990554E655FE4D95FF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032
Frame ID: 2CB0799C43C64E7F27E2491140B6259C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CA47A5C044DBDE5ACE38DA615F6F16D2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F0EB3BC074F1CEFF08455184E2B6F0E
Requests: 1 HTTP requests in this frame

Frame: https://tag.vlitag.com/passbacktarget/1629973848/?t=iframe&pbID=7&d=16615&z=70499&divID=vi_1661570499_208&w=300&h=250
Frame ID: D6115501196BAE03CBB7B56E82E4FEC3
Requests: 2 HTTP requests in this frame

Frame: https://tag.vlitag.com/passbacktarget/1629973848/?t=iframe&pbID=7&d=16615&z=70499&divID=vi_1661570499_309&w=300&h=250
Frame ID: 636BE358948134A219040457B96ABAAB
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-31
Frame ID: 09A4815B322CF00999D0BD8103969DC5
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-31
Frame ID: C9C7D7166B2F51A34557126F2A4D819E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html
Frame ID: 64E1B3EE44ADC4C4FCA8E85D20E1B299
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C5392C6AE6FAD44F491DF151EBB2D854
Requests: 2 HTTP requests in this frame

Frame: https://worldstatistics.live/bn.php?size=300x250
Frame ID: C9EC02F0D5E810CF26548871794B1950
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C4bhkJJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOYBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9seaMrFP1M0Kh_NkYjMWGdjEtmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNDYyNzE5ODY2NjczMDExGAA&sigh=HQiT5H965S0
Frame ID: D0F702CCE1CF1B4F517B4459D73BB229
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D
Frame ID: 16DF193ACF62EBD4435BBF47DA798F26
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47522B343F30AF5240A92338A50AF2F9
Requests: 9 HTTP requests in this frame

Frame: https://worldstatistics.live/bn.php?size=300x250
Frame ID: 7CDDC0E3F487A75B0267FB87BA22F53E
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E14DA76AD6C2350077F0A1BE515AB888
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
Frame ID: A62D34D84587F81D6192F9413FDC93DB
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: B9848514DD0FB65CBA119E506F6E3012
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 259B5B045898C1AA939F69F8242D61BF
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 5F5EC2BF5EB9D238C1AB10FBD65188F4
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 7E8B570CDAC6E3E21A5FAA042A6CDF0F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 33F4B7BB273F8454F9F6C3444EAF63FE
Requests: 2 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 72E080F960D47E02E13996B39F5DC395
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: E14B978CEF90FFFBC9CB80BE73378823
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: CBBCD631EBAB4A259EEB55BB59787604
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FB769829DF61B6EDE995A6F1914FAB14
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: DBD999476A0907D718D811C5C5A666BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Read Seven Deadly Sins | Nanatsu no Taizai Manga Online In High-Quality

Page URL History Show full URLs

http://sdsmanga.com/ HTTP 301
https://sdsmanga.com/ HTTP 301
https://ww1.sdsmanga.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

203
Requests

99 %
HTTPS

47 %
IPv6

51
Domains

72
Subdomains

49
IPs

6
Countries

8493 kB
Transfer

15967 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://sdsmanga.com/manga/seven-deadly-sins-chapter-1/
Title: SEVEN DEADLY SINS, CHAPTER 1

Search URL Search Domain Scan URL

URL: https://sdsmanga.com/manga/seven-deadly-sins-chapter-347/
Title: SEVEN DEADLY SINS, CHAPTER 347

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=ww1.sdsmanga.com
Title:

Search URL Search Domain Scan URL

URL: https://sdsmanga.com/
Title: © 2021 sdsmanga.com. All rights reserved.

Search URL Search Domain Scan URL

URL: https://sdsmanga.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sdsmanga.com/terms-and-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://sdsmanga.com/return-policy/
Title: Return Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sdsmanga.com/ HTTP 301
https://sdsmanga.com/ HTTP 301
https://ww1.sdsmanga.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://ads.us.e-planning.net/pbjs/1/2c995/1/ww1.sdsmanga.com/ROS?rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fww1.sdsmanga.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/ww1.sdsmanga.com/ROS?ct=1&r=pbjs&rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fww1.sdsmanga.com%2F&gdpr=1&gdprcs=

Request Chain 54

https://ads.us.e-planning.net/pbjs/1/2c995/1/ww1.sdsmanga.com/ROS?rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fww1.sdsmanga.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/ww1.sdsmanga.com/ROS?ct=1&r=pbjs&rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fww1.sdsmanga.com%2F&gdpr=1&gdprcs=

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 119

https://d.agkn.com/pixel/2175/?google_gid=CAESEDLFxRTrvj1ZHkrXkERg_KQ&google_cver=1&google_push=AYg5qPJ_Guu7cdycfWUa_k5jtT-oICyDqdIaTGPMh4iUQ3izkaD71ff6NQv2fR33XN5a3davIGCuWD_Hv3Av6gplnZVwOSbOheSNvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ_Guu7cdycfWUa_k5jtT-oICyDqdIaTGPMh4iUQ3izkaD71ff6NQv2fR33XN5a3davIGCuWD_Hv3Av6gplnZVwOSbOheSNvQ&google_hm=Q0FFU0VETEZ4UlRydmoxWkhrclhrRVJnX0tR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ_Guu7cdycfWUa_k5jtT-oICyDqdIaTGPMh4iUQ3izkaD71ff6NQv2fR33XN5a3davIGCuWD_Hv3Av6gplnZVwOSbOheSNvQ&google_hm=Q0FFU0VETEZ4UlRydmoxWkhrclhrRVJnX0tR&google_tc=

Request Chain 120

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJDOIaap6cp6VFePHXlKC0Q_DnMOc3eX8A394mM5vy2M7MUspHCwoGhMMxJHsRsUHz0ErcsAyFLDNmFveNGOjL__-9o6t7_DQ&google_gid=CAESEH_LerDEr5Dm69-0J9MpAec&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJDOIaap6cp6VFePHXlKC0Q_DnMOc3eX8A394mM5vy2M7MUspHCwoGhMMxJHsRsUHz0ErcsAyFLDNmFveNGOjL__-9o6t7_DQ&google_gid=CAESEH_LerDEr5Dm69-0J9MpAec&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MjYxNDAzMTcwMDAxNTM1NDE3OTA2MQ%3D%3D&google_push=AYg5qPJDOIaap6cp6VFePHXlKC0Q_DnMOc3eX8A394mM5vy2M7MUspHCwoGhMMxJHsRsUHz0ErcsAyFLDNmFveNGOjL__-9o6t7_DQ

Request Chain 121

https://rtb.openx.net/sync/dds?google_gid=CAESEEi2SSuBJyb7ZgxrUxJ8sZk&google_cver=1&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEEi2SSuBJyb7ZgxrUxJ8sZk&google_cver=1&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB&google_hm=ymbccMzuxU4EXAvd069-2Q== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB&google_hm=ymbccMzuxU4EXAvd069-2Q==&google_tc=

Request Chain 122

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELml_vktspk0L8IGE3lBpOA&google_cver=1&google_push=AYg5qPLI5K-CgcPdtUw7raq-vFOlgCPPY1V11RVRzgwR7cAaUxmVvg3QpejJnHPgihXFvAThA6Fg1caq0ObhatewNg5uDnGLuYIN3A HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELml_vktspk0L8IGE3lBpOA&google_cver=1&google_push=AYg5qPLI5K-CgcPdtUw7raq-vFOlgCPPY1V11RVRzgwR7cAaUxmVvg3QpejJnHPgihXFvAThA6Fg1caq0ObhatewNg5uDnGLuYIN3A&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cdbMIJI8T3ekytfPG9OAQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLI5K-CgcPdtUw7raq-vFOlgCPPY1V11RVRzgwR7cAaUxmVvg3QpejJnHPgihXFvAThA6Fg1caq0ObhatewNg5uDnGLuYIN3A

Request Chain 123

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM_aUQhVT7cbK0qfZUrwK4o&google_cver=1&google_push=AYg5qPIxK8WhyNP1tlXI7iSS7TqmzcUC2JP21tC4nNc8zQkOMWjKts1BXJoB1AD6a8MSLMfen48WThUXslbA6v1dICDnZyvPnYFlCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NTWlhORjItOS0xSFpY&google_push=AYg5qPIxK8WhyNP1tlXI7iSS7TqmzcUC2JP21tC4nNc8zQkOMWjKts1BXJoB1AD6a8MSLMfen48WThUXslbA6v1dICDnZyvPnYFlCg

Request Chain 124

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_cver=1&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1

Request Chain 152

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLbF56DtzvICFfXLuwgdxBUIHw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629986597_5ca7ef60-0676-11ec-bfe3-692d0dec5663

Request Chain 155

https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D33a2156c6da5736a HTTP 302
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=33a2156c6da5736a&uid=02000000B79E27615C6E31BA02181E7B

Request Chain 156

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9108288298279714048

Request Chain 157

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1b266ec9-4a7f-4c0d-b9bb-c7215c591b50

Request Chain 158

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-m7Bn02hE2uG9mS8J.X7ky_w9FOhKkwpNkcVYC98-~A

Request Chain 159

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4583330466077400509

Request Chain 160

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 161

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=22ff3b79-f675-4cd4-a3f3-b9fbdeb8fab1

Request Chain 162

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=497165d96412fbf1699cc70f

Request Chain 163

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5e1450c4-0676-11ec-9adf-02334b7a4382 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5e1450c4-0676-11ec-9adf-02334b7a4382

Request Chain 165

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 169

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=03ffea73-b9b9-4646-bbf4-ef6d241ca76d

Request Chain 170

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0woI8IZE2uEcyUXkOPH4qk9C4Xc7IDmB06s7koM-~A

Request Chain 171

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3372475440555118583

Request Chain 172

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 173

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3372475440555118583

Request Chain 174

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=11458e9a-b4ac-4a9a-a70f-e297166eca87

Request Chain 175

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=adb172d21b2d048e0ffc350d

Request Chain 176

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5e0fbd5e-0676-11ec-9e68-02a0e91c9544 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5e0fbd5e-0676-11ec-9e68-02a0e91c9544

Request Chain 178

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENwnfFUs_RUXfMVpcyQBQao&google_cver=1

Request Chain 184

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB&dcc=t

Request Chain 186

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSefJ0uDFztaUIh4Jv1L9wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN8Z7YVukiQe34IghuJ4cUM&google_cver=1&gdpr=1

Request Chain 187

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630072999&gdpr=1

Request Chain 188

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-584f0dfb-8f7e-4f2e-bc55-abf8f576b21d

Request Chain 189

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YSefJwAD7FOBrwAC HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSefJwAD7FOBrwAC&gdpr=1&_test=YSefJwAD7FOBrwAC

Request Chain 192

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&dcc=t

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG_26Sc2ojukMnCjPzdTj0g&google_cver=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSefJ26jud2rJfIL-AM5zAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN8Z7YVukiQe34IghuJ4cUM&google_cver=1&gdpr=1

Request Chain 197

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d425bb47-11b0-4d34-8aa0-3eb10052c8d2

Request Chain 199

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739029348022967

203 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ww1.sdsmanga.com/
Redirect Chain

http://sdsmanga.com/
https://sdsmanga.com/
https://ww1.sdsmanga.com/

181 KB
19 KB

743ms
741ms

Document
text/html

2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: a2e9cc6fb50b7227bfb03cce27a74458b0dda724d7e2b6d32831f46430342eed

Request headers

:method: GET
:authority: ww1.sdsmanga.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
link: <https://ww1.sdsmanga.com/wp-json/>; rel="https://api.w.org/" <https://ww1.sdsmanga.com/>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMabXYRDjPVap3WvW0mZK1bGVyJWyEybKs%2Fn658B3uZYl9MwJrQ97nf4%2B2meW27DyT6%2Bmj%2B74NQA83T2RzGCxoBbcoT%2Buky5FqZgeePeD2ol3WGvgjQ0ouqJQlhzOMl1pSbvgPBq2Z%2BGBtO%2FbhR2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 684d9a340f764dee-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Thu, 26 Aug 2021 14:03:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
expires: Mon, 23 Aug 2021 01:02:26 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://ww1.sdsmanga.com/
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=douIsn5Cve6%2F4gFgmJkW6vO0Qx17qLAkOv1ur06lFpEmj0%2B08ahGagJbbr0Jc%2BFTHYvaLTkFzzdb4O7Pj0jee5cD61aCHC%2B1j6fTvHjkknFtoa1uJDbHz7L9hECJvaplPhIeDgsy2ujloec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 684d9a3088dd4dee-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 / Show response
services.vlitag.com/adv1/ 933 B
1 KB 151ms
135ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=87436f72739d6fee74ffc3de10ceeb56

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9de626a464b668bcafcd10dc2619ce1c039e35525c16f1ecbad67f20664088a5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 26 Aug 2021 14:03:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wH7MtzzALy%2FTwheZvjPzhohQCQWJUxXWfpNXqvxC6KHtqlY6mv0179pMeEQESC6WMzM1qSuurNDxjBxij4pm%2Fr3f%2BblMOlAPGAjNcas9QOuMhZQnZ4KU5jb5a8XuxfEEFdDd1DTO0FYTYYSojAFYe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 684d9a38dc98d6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 style.min.css
ww1.sdsmanga.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 32ms
20ms Stylesheet
text/css 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.11
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.2.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 11:08:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haI5ey8cA3ZT2nBz%2F1Ncjf%2BRrGCFnG%2FAYmaKuqo6jnl7jxNbO4L5l4pldzPWpldPtyZoxK%2FJ9ICyTXYqKy72cywCYBZQZhLN0ktd%2FES6xEPfalN%2F7lrRqwI9fP7HSjouUyCd%2FjHmzRTwF7ATTVX7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38cae04ec7-FRA
expires: Sun, 29 Aug 2021 00:43:48 GMT

GET
H3-29 200 front.css
ww1.sdsmanga.com/wp-content/plugins/simple-social-buttons/assets/css/ 96 KB
11 KB 26ms
14ms Stylesheet
text/css 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=3.2.3
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 737dadb23f48c0823c3d5f597c2f9d34d81a8e964f013109fb366d7d84dffdc1

Request headers

:path: /wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=3.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 23 Jul 2021 21:59:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHfp3EKrg49lJlRRyHm3b67WYamTuK1neCauqGCIFfbOFGSABHzu9%2BSFyRhRzeAWYZwfxFCgyAX1N%2F3F%2FBHJ9tB%2B7zjfKiQqiSjIYMmIVHKAmGsF%2FZLxhnxpi8%2FGPwzBfv9d1hKB1vVTZmMwPVPx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38cadf4ec7-FRA
expires: Sun, 29 Aug 2021 00:43:48 GMT

GET
H3-29 200 widgets-on-pages-public.css
ww1.sdsmanga.com/wp-content/plugins/widgets-on-pages/public/css/ 83 B
689 B 34ms
22ms Stylesheet
text/css 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/plugins/widgets-on-pages/public/css/widgets-on-pages-public.css?ver=1.4.0
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4331958938b7c1c57a67d7b16bf9f90b27b99842f80517b27d99def1f643a73

Request headers

:path: /wp-content/plugins/widgets-on-pages/public/css/widgets-on-pages-public.css?ver=1.4.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 389748
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 18 Feb 2021 22:38:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kktw3BsgnDFjsZedb3AB7oluyyN4UrphWPFn0v14BUT4rdUOqN94m%2FprZfQfm6UletHSbt5RJ4lmPXIcYG7e7OS4w6G7CHVsA53b4yw4QhM47bcZMd0EohZ0npj4PHJH5f8bWd6DQvslbXDwM9hn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38cae34ec7-FRA
expires: Sun, 29 Aug 2021 01:47:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
894 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b18681a82ac52105a909d98563860994fa9002da2b3d44b2ed98640e49dbfd73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:58:59 GMT
server: ESF
date: Thu, 26 Aug 2021 14:03:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 14:03:14 GMT

GET
H3-29 200 genericons.css
ww1.sdsmanga.com/wp-content/themes/toivo-lite/fonts/genericons/genericons/ 27 KB
17 KB 33ms
21ms Stylesheet
text/css 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/themes/toivo-lite/fonts/genericons/genericons/genericons.css?ver=3.3
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88

Request headers

:path: /wp-content/themes/toivo-lite/fonts/genericons/genericons/genericons.css?ver=3.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20968
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0wmF0leRNX7GU%2FvHY0WpMFpjJMALd9jQRzB531rlvaDujLgiP5LT6ZSEM2L5XVtDDR3Us5HDeRWBWqP2JlPoaW0CKy7Sqtp2yo84Cb2wvEgeesoMHIQm%2BeI7e2V2oNqs7kDKSMKhE3pdcKWZ%2FQe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38cae64ec7-FRA
expires: Thu, 02 Sep 2021 08:13:46 GMT

GET
H3-29 200 style.css
ww1.sdsmanga.com/wp-content/themes/toivo-lite/ 69 KB
15 KB 45ms
34ms Stylesheet
text/css 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/themes/toivo-lite/style.css?ver=5.2.11
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c8082a361e5d63cdd8add7cae6871b93d3119c0a7f1aabaf877415731996334

Request headers

:path: /wp-content/themes/toivo-lite/style.css?ver=5.2.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBc1qcTWH%2B6nm6t%2BVEhNcoMdGfPxzZpMo2EnTswO7Y%2FdcCFUZjHV4vv4mNoneFCh5mHdH80h8eqn6BSAwYfbwvG%2FEa5F2nveYLSvcO2LxqDNnkpOGqbSLGy9R2eG%2FSSKy8F0s9JX1WFA9d5WepTy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38caee4ec7-FRA
expires: Sun, 29 Aug 2021 00:43:48 GMT

GET
H3-29 200 comiceasel.css
ww1.sdsmanga.com/wp-content/plugins/comic-easel/css/ 5 KB
2 KB 46ms
35ms Stylesheet
text/css 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/plugins/comic-easel/css/comiceasel.css?ver=5.2.11
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c67538660c5b2504ce618da37968a380b1dcb06b38189d9fad5d4a6571c624a

Request headers

:path: /wp-content/plugins/comic-easel/css/comiceasel.css?ver=5.2.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9W1neXvVLZrqRvfB8PFXMdqx4OgZqFFbr5bw84FJtWcbLI7dkT5SpiN68VRfnFOumoe%2FFwG0pQpXwSqpRdXJJT8hADiDOTwKTySbmUtEehwMbfk22d224iOgWokFFoP%2FHKdB%2B0WATWPvYW2t4SS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38caf24ec7-FRA
expires: Sun, 29 Aug 2021 00:43:48 GMT

GET
H3-29 200 jquery.js Show response
ww1.sdsmanga.com/wp-includes/js/jquery/ 95 KB
35 KB 38ms
27ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8h7BLlYl2HAw2F%2FR8bi2ynV6%2FKja9iSn%2BjRn6wGZxv3oMao4VJdmqDK52wiGZsD0wlCmLr7MsIzj0BBx4JlVjpo9Fq1kxWnP3Dxgj3oJ2ieDisQzcgJlt3ZExbUc42zhDyn5UurogS%2B%2F7DyFgtl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38caeb4ec7-FRA
expires: Sun, 29 Aug 2021 00:43:48 GMT

GET
H3-29 200 jquery-migrate.min.js Show response
ww1.sdsmanga.com/wp-includes/js/jquery/ 10 KB
5 KB 33ms
22ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsXZ0UZF4qpwbCb9oyi%2BhzkVbf8zci%2FZxC%2BrIYM06%2BSSpxDTLTD38ndjO%2BsPISAE1zvdv%2B9I%2FvUDEyrKUKfbPZGYz5RdpMzYcAxxD9wWh158yOM%2BqbSztQvy0Eve6swZrBxTHp5Hs8Zl8MssfX1f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38cae54ec7-FRA
expires: Sun, 29 Aug 2021 00:43:48 GMT

GET
H3-29 200 front.js Show response
ww1.sdsmanga.com/wp-content/plugins/simple-social-buttons/assets/js/ 7 KB
3 KB 31ms
21ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=3.2.3
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0447c33437b68ce8263e7ce898c532cb1676e1dfc94662aea3300263e425265

Request headers

:path: /wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=3.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 23 Jul 2021 21:59:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng2%2FDhDUj%2B0ScRLrrFnTMHcRm86ZS2KkbbBYs0JhN3RL8n5pT8PHjAsPsgM6hItD5qxFciAzkZVShtJEFzSw6RFlfF7wDKBNiKWQpI6zyzE68E4IT86m99eEvwPueGpTanHRUAjYXcjIuN%2BMdpXy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a38cae44ec7-FRA
expires: Sun, 29 Aug 2021 00:43:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129378113-16

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4650401a4f688dd1be61819d98f76ddb4051b52f45c61b18d13cba7492dcf033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41133
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 14:03:14 GMT

GET
H2 200 video-slider.js Show response
a.exdynsrv.com/ 35 KB
9 KB 28ms
9ms Script
application/javascript 2606:2800:234:4cc4:5670:35d5:1e00:b394
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exdynsrv.com/video-slider.js
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 54027a92a68deb2438218170df0f8733ca15dc7955fe69abd7c6214dd8adfa3a

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 13:40:53 GMT
server: ECS (frb/67DF)
age: 1341
etag: W/"03b3a6212cb4fbe535baf9e5004"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 9473
expires: Thu, 26 Aug 2021 17:03:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 46ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2462719866673011

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db0036b2374adbe7d918022156b9ce51374aaa2741d9aa43062eb395cfeb2928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ww1.sdsmanga.com
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49969
x-xss-protection: 0
server: cafe
etag: 16663589297142999461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Aug 2021 14:03:14 GMT

GET
H3-29 200 Couverture_du_Chapitre_2-1-719x1024.png
ww1.sdsmanga.com/wp-content/uploads/2020/12/ 1 MB
1 MB 26ms
25ms Image
image/png 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1.sdsmanga.com/wp-content/uploads/2020/12/Couverture_du_Chapitre_2-1-719x1024.png
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0e17dc7fbb41dd035a4b0bb0f3f3623ef3e234b993a212f6d1f92873aa221a8

Request headers

:path: /wp-content/uploads/2020/12/Couverture_du_Chapitre_2-1-719x1024.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279663
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1416815
last-modified: Fri, 25 Dec 2020 20:03:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOmFYGngGrCNjLqD6WkIOwnYXWeu2C%2BuovCUCwvmYN5SU54YetEHb8A3O74048SXZz2SG5B4rsukMBx0Zfk7xb%2FRjCp5qyZToF%2Fli3dLqQDcGZvSCzqAEj20GAzVPowPnPna6HPu01ayxbIb%2FMFa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 684d9a39fd1f4ec7-FRA
expires: Mon, 30 Aug 2021 08:22:11 GMT

GET
H3-29 200 Couverture_du_Chapitre_1-1-631x1024.png
ww1.sdsmanga.com/wp-content/uploads/2020/12/ 1 MB
1 MB 14ms
13ms Image
image/png 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1.sdsmanga.com/wp-content/uploads/2020/12/Couverture_du_Chapitre_1-1-631x1024.png
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ca6ed9f1be92b3ada7c2b0597866fb8a53090a4eb95fa6b17f332943e48e1b

Request headers

:path: /wp-content/uploads/2020/12/Couverture_du_Chapitre_1-1-631x1024.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95963
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1065228
last-modified: Fri, 25 Dec 2020 20:03:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HG%2B8wr8BeSs0OFUJG31XSoBOlBhMlzbJbP%2BZDBxAmWLvPlIvl5p4ZhcBuujQEMHzJAUMiCiJ5%2FP9xvXb3bdrumDqFXywx4nXkXXLPdaLfBTL9DGBqpeOxOvQJMVAQ2qRmeRAR8k4mf2QIFRySTM2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 684d9a39fd204ec7-FRA
expires: Wed, 01 Sep 2021 11:23:51 GMT

GET
H3-29 200 keynav.js Show response
ww1.sdsmanga.com/wp-content/plugins/comic-easel/js/ 933 B
966 B 12ms
12ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/plugins/comic-easel/js/keynav.js
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fbb60324ba018c58305566d35e4f580630b41aeb9bb737daef3314a6b100121

Request headers

:path: /wp-content/plugins/comic-easel/js/keynav.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393555
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR4pPsHHzWY1Z5Ul6H5%2FfN%2Fg0uGTJzuHloYz1cSHZk1ZfQQf%2Bmi6QNudvwec1aJ9LrybuDWotjI1L3J625xVtB0d3mrZ%2Fo8%2BzvF7eClzi6xa97rxwts5IivC6ESLBKBX5T%2BkQ0cNJzRj4YXNTWOC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a390b514ec7-FRA
expires: Sun, 29 Aug 2021 00:43:58 GMT

GET
H3-29 200 responsive-nav.js Show response
ww1.sdsmanga.com/wp-content/themes/toivo-lite/js/ 19 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/themes/toivo-lite/js/responsive-nav.js?ver=1.0.4
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4830ea2f15f8329f64ed5b8ee0f4d162ff9ba060f29b3700e863e30eeb3ddc3

Request headers

:path: /wp-content/themes/toivo-lite/js/responsive-nav.js?ver=1.0.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393555
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj9jqW%2FiNkPOPFEhjCWkQ92su8pOWXSnlTajbwbD9BoMAlbncbbpwFJHYrRvvItJ8rBLDagOcmhYc8wca5OhjOEzmo7wORidtm7sdBd73hRDc93MDDfjA2q%2B836oPbAyZxF4O5xXEwWT9LWmgoBW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a391b754ec7-FRA
expires: Sun, 29 Aug 2021 00:43:59 GMT

GET
H3-29 200 settings.js Show response
ww1.sdsmanga.com/wp-content/themes/toivo-lite/js/ 3 KB
1 KB 13ms
13ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/themes/toivo-lite/js/settings.js?ver=1.0.4
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48989643c50365f61cd0a19032957eb70490a3ce314d6c8be3d146c0ba3aac76

Request headers

:path: /wp-content/themes/toivo-lite/js/settings.js?ver=1.0.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194525
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3173%2F5cfhEaZjwWJ22WFFI0ry6rG0txrFDsdci%2BC3JU8O4j5QANKB55FbcKR2gSKL5%2Bt35m8Jk33RbLDm9MGnxvBlPdClrsfZ9HN8GyJY%2FOt8Qfp4F0RPCQLJV0%2BHCWlk2Wa0Na0StlTxEkNlqxW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a393b964ec7-FRA
expires: Tue, 31 Aug 2021 08:01:09 GMT

GET
H3-29 200 functions.js Show response
ww1.sdsmanga.com/wp-content/themes/toivo-lite/js/ 3 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-content/themes/toivo-lite/js/functions.js?ver=1.0.4
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c33de5a9a75aa952fbca26788f0be0c39e855f078fb2350685c7329b2c6a1ac8

Request headers

:path: /wp-content/themes/toivo-lite/js/functions.js?ver=1.0.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393555
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 18 Oct 2019 17:20:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC42PO3ATBHsJmUBp6ggkroHYPT9cv54QBGqzh9IJM4IkiJKzXwUZFhqsohqDjtJILArlUUE2%2BzYNLa947FH5BQMeKpTeLAEQzqa5RaCfjGDI816TyxF5XpilfC9HmfTrdVcKQ%2BvjFXTPNos7WK%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a394bc24ec7-FRA
expires: Sun, 29 Aug 2021 00:43:59 GMT

GET
H3-29 200 wp-embed.min.js Show response
ww1.sdsmanga.com/wp-includes/js/ 1 KB
1 KB 12ms
12ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-includes/js/wp-embed.min.js?ver=5.2.11
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.2.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 198307
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 11:08:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsrdU680JctjIAttIx%2Bk7TsWJYJtpJNXW2BhP4vKagqt1ArvZ3Ji%2BwvHX7mqyYi2MTS%2BdHAy1I4dZkGuPo6S9a%2F1Dm6Hm0nX5zuubQz6wMGVO7Ym3bbpG3hbkQmyIisQrH1O3sMqBPYD9hUFtP8y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a395be74ec7-FRA
expires: Tue, 31 Aug 2021 06:58:06 GMT

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
714 B 145ms
134ms XHR
application/json 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fww1.sdsmanga.com%2F&mtk=16615

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=87436f72739d6fee74ffc3de10ceeb56

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 26 Aug 2021 14:03:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8lfNWr5VsT%2BBzGhFBp9FzjekwAIDZ%2Fiu8uRAmu%2FtjY7t8lLrzF5YHBEYmIbJDPl4py%2FUjykWl%2BTWeTmMTslkA625BIAk%2FxNf33S17yUoU8KcKeG%2FHv5Q%2BTxQfmg27%2B7PMiRNFTOAwTQ4h538k5sjWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ww1.sdsmanga.com
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 684d9a39cd514303-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 87436f72739d6fee74ffc3de10ceeb56.js Show response
tag.vlitag.com/v1/1629980993/ 505 KB
126 KB 37ms
36ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=87436f72739d6fee74ffc3de10ceeb56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98ce4c55a2454695668ab225a64a8506875d5a5faf283426fa5b4b0de8659a1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 602
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:53:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSRcNh%2BWo2msRu5KLVUe%2BP%2FB%2FYOBf%2FhQ8aM6O4KFQCiJrj8CvNvRX7j5ozdXYeOqgK42jkMKl4jiZfMLA%2B8wNe5jTccj5wfLW2ssz6ywINqO1TwTQWZ108UDlKwaPVELzjUW%2BF9gWXSfDBJJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-ray: 684d9a39fe6ad6e5-FRA
cf-bgj: minify

GET
H3-29 200 wp-emoji-release.min.js Show response
ww1.sdsmanga.com/wp-includes/js/ 13 KB
5 KB 65ms
64ms Script
application/javascript 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.sdsmanga.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.11
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04d3dd5603c6d02b1e77e3e89830a3a925fd9e576f70a319077d0648de8c7d4

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.2.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ww1.sdsmanga.com
referer: https://ww1.sdsmanga.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 389232
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 11:08:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSg%2BOLYkK4z4in6MuttQo88c69lPzewPnCWtxxzGjofKV3hXwLzOxb%2BHRfEgaXugoIo2MIj2Tb5eFNY58x%2FlwbUmxYEgG8orOLHce7n%2FxrUFI9w%2BEW%2BPiEP0tVJYNExBg8EpjLB8CfX4ftMEMZPt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 684d9a39fd214ec7-FRA
expires: Sun, 29 Aug 2021 01:56:02 GMT

GET
H/1.1 200
OK splash.php Show response
syndication.exdynsrv.com/ 5 KB
3 KB 504ms
84ms XHR
text/xml 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exdynsrv.com/splash.php?idzone=3913800&cookieconsent=true
Requested by: Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/video-slider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1dead8fc067d4ad32444d772fa5dff184891e3f0c8a1ffdccaa15b123c5c7f9b

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 14:03:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://ww1.sdsmanga.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8

GET
H3-29 200 cropped-NnT_Monster_Strike_Collab.png
sdsmanga.com/wp-content/uploads/2020/12/ 3 MB
3 MB 17ms
17ms Image
image/png 2606:4700:3036::ac43:9af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdsmanga.com/wp-content/uploads/2020/12/cropped-NnT_Monster_Strike_Collab.png
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e793a8f9395e4181208d01e9ac36b905e3ce6e48460b4318df8628dcebe82c

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400812
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3090454
last-modified: Fri, 25 Dec 2020 19:41:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emuM6z9KgKIujiQvxrjC9dH6SCpPn%2BaQIawOdyjGoQzKKphqkciG8tCmIYvWgXD9D8rBKpywduwbI0KyCtIbiE%2BlV88DYVZtLoza8ldOVlTAJOkjgPzlHtd9W27A9GK3N3%2Bq4orrp8Omp2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 684d9a39fd2d4ec7-FRA
expires: Sat, 28 Aug 2021 22:43:01 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ww1.sdsmanga.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:32:51 GMT
x-content-type-options: nosniff
age: 221423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:32:51 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ww1.sdsmanga.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 04:51:08 GMT
x-content-type-options: nosniff
age: 33126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 04:51:08 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ww1.sdsmanga.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:51:54 GMT
x-content-type-options: nosniff
age: 220280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:51:54 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ww1.sdsmanga.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 00:41:04 GMT
x-content-type-options: nosniff
age: 48130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 00:41:04 GMT

GET
H/1.0 404
Not Found ads.png
sender.best/ 0
0 606ms
139ms Image
text/html 2607:fad0:3801:4::1
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sender.best/ads.png
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v20/ 5 KB
5 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b7ad361cce9dbab34c8fd714b379707d7aa40199bf90b90f9f19c7c1db5171b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ww1.sdsmanga.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:57:26 GMT
x-content-type-options: nosniff
age: 219948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5480
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:00 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:57:26 GMT

GET
H/1.1 200
OK splash.php Show response
syndication.exdynsrv.com/ 5 KB
3 KB 345ms
65ms XHR
text/xml 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exdynsrv.com/splash.php?idzone=3913800&cookieconsent=true
Requested by: Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/video-slider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b738cf726982eda86959ab4decde913a4ba6629f5ffccae8f65a8c8bd115451

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 14:03:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://ww1.sdsmanga.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8

GET
H2 200 popunder1000.js Show response
a.exdynsrv.com/ 94 KB
39 KB 6ms
6ms Script
application/javascript 2606:2800:234:4cc4:5670:35d5:1e00:b394
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exdynsrv.com/popunder1000.js
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 569af0d58a2df0af2da77aaebaaf00b84c15334c5e9af0b77ba4c81a62db5d40

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 13:40:32 GMT
server: ECS (frb/675D)
age: 1363
etag: W/"f744f0d2317398d07acc666b278"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 40039
expires: Thu, 26 Aug 2021 17:03:15 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Origin: https://ww1.sdsmanga.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129378113-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1604
date: Thu, 26 Aug 2021 13:36:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 26 Aug 2021 15:36:31 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 48ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2462719866673011&plah=ww1.sdsmanga.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2462719866673011

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b0cdd883ba5aba9619606b07e5354d7a7d02c613f16304b2be6f14382142a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95603
x-xss-protection: 0
server: cafe
etag: 14975429524352139583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 26 Aug 2021 14:03:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210823/r20190131/ Frame 77F1 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210823/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2462719866673011

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210823/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 26 Aug 2021 13:24:41 GMT
expires: Thu, 09 Sep 2021 13:24:41 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 2314
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
72 KB 33ms
25ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146225
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbxJwgIJkGVDWfVuFmVNv3QxFnihEZETzTyIpxNplaMDp%2FnzIGfD38fV6jKkyHWyHHj0rOeo5HXvv3pS7Jgu3lVzbcNc1n83k5zChXZbzUjikqEsovWTUDkKSepplHYAZsrJtH%2B86HHhhh6ZfLpp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 684d9a3cdad0d6e5-FRA
expires: Tue, 24 Aug 2021 21:56:10 GMT

GET
H2 200 prebid-v5.8.1.js Show response
assets.vlitag.com/prebid/default/ 453 KB
133 KB 46ms
39ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c10d35396f1f2cc090d0fb2df38b33e1a60acb4c29fd8577c636ff5767cbcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1057899
cf-polished: origSize=464441
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Sat, 14 Aug 2021 06:26:25 GMT
server: cloudflare
etag: W/"61176211-71639"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nYpA51mAXU1jKTavX%2BHxP60iFUsneurSGkL8FLtC2%2BcGFANB3afEjnqGzp3UUj%2BYL4%2BYg5SDJs5JsZv8BiW5oCL2Hb5hLJaYqFuB0RUULSrdb1ojc5LCd6n%2FlR2B6NmGvmXgEJuyQ9jO0JQchdF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 684d9a3cdae2d6e5-FRA
expires: Sat, 14 Aug 2021 08:41:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9436551304fec3a97d4625843e3245d05f790472e890a59feabe4e078c4af7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "969 / 985 of 1000 / last-modified: 1629976410"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25227
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:15 GMT

GET
H2 200 viPlayer_v47.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 14 KB
5 KB 29ms
21ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v47.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

820940626c8b0ea4d61278c472b9f3f4b02358cbba4c85c0bb22c1d14584b806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20664
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 26 Jul 2021 08:09:01 GMT
server: cloudflare
etag: W/"60fe6d9d-3700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcEUwPGG1Vemm99yjVOf205hf014wzbKBsHpqBGGkNrGkIZ0aZOtkc0NValZy0ZmvdLw1ayj9y%2FggxrsI0CB4xcjSaZqb2KJRlZcF%2FpYNaAdMFv1%2FPMXV5CnSjn6%2F8qogVBE4Leca94%2FBsZfOiwT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 684d9a3cdad8d6e5-FRA
expires: Thu, 26 Aug 2021 08:48:51 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 344 KB
119 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121547
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:15 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 34ms
27ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 940897
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FJGw6g3eNEJtGS%2FhNg%2BFuV7Sdr7xJ0IA1RntRDT3m7p6mssBb5vzFie3wJCcDpBeYwcdFWFrkjzEnpN2VxZNGyzBU2jK89tfu17tTSZDgEbiESPZlTwgsSlV82fiz5tTktNQEIWLBSSzDY%2FoyD8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 684d9a3cdad5d6e5-FRA
expires: Sun, 15 Aug 2021 17:11:38 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=940542972&t=pageview&_s=1&dl=https%3A%2F%2Fww1.sdsmanga.com%2F&ul=en-us&de=UTF-8&dt=Read%20Seven%20Deadly%20Sins%20%7C%20Nanatsu%20no%20Taizai%20Manga%20Online%20In%20High-Quality&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1051608201&gjid=1049380208&cid=196200565.1629986595&tid=UA-129378113-16&_gid=1313008112.1629986595&_r=1&gtm=2ou8n0&z=2098958121

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ww1.sdsmanga.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content bc59eecf5893f7baaf1d49361c04128fd202c239.mp4
u3y8v8u3.ackcdn.net/library/702594/ 4 MB
0 31ms
9ms Media
video/mp4 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://u3y8v8u3.ackcdn.net/library/702594/bc59eecf5893f7baaf1d49361c04128fd202c239.mp4
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ww1.sdsmanga.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 26 Aug 2021 14:03:15 GMT
Last-Modified: Tue, 16 Mar 2021 16:15:13 GMT
Access-Control-Allow-Origin: *
ETag: "1615911313"
X-HW: 1629986595.dop017.fr8.t,1629986595.cds205.fr8.shn,1629986595.dop017.fr8.t,1629986595.cds137.fr8.c
Content-Type: video/mp4
Content-Range: bytes 0-4621109/4621110
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4621110

GET
H2 200 pubads_impl_2021081901.js Show response
securepubads.g.doubleclick.net/gpt/ 331 KB
116 KB 199ms
74ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 08:39:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118670
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:15 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
708 B 196ms
68ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ww1.sdsmanga.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8b212c805c1df4fcd7fb7137e6b340679a138458f56350d0b8b740f75983f83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:15 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 20ms
6ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210826

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2379f0dd51e35a8a91d784fe3f7c1080c2784eac7f1670c973f3bd6a954e26df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 38972
x-jsd-version: 1.0.1080
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 933
etag: W/"699-OT0BY8q6A84vpn57VEFpZvh1DDU"
x-served-by: cache-fra19157-FRA
x-jsd-version-type: version
date: Thu, 26 Aug 2021 14:03:15 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
632 B 318ms
294ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ww1.sdsmanga.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyNOXxJdhsmEpyNPk%2F%2FYCggbFC8Qv4MmlvMXV0EjPh9MHpVeM1yxU8prjxrVSDeTY8wfZ1wLtVhg7vHEYouQTtH%2FihOrSApZCE2HsCH6pGkdgb0IDuZFgb%2FFy7UTTumfc%2FbR8wueRsaYVq0Aj8Xmc3S%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 684d9a3e29192c52-FRA

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/ww1.sdsmanga.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/ww1.sdsmanga.com/ROS?rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=...
https://ads.us.e-planning.net/hb/1/2c995/1/ww1.sdsmanga.com/ROS?ct=1&r=pbjs&rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0...

325 B
742 B

56ms
55ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/ww1.sdsmanga.com/ROS?ct=1&r=pbjs&rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fww1.sdsmanga.com%2F&gdpr=1&gdprcs=
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: e785c4337e570ac3aeb85f336fbdd3f42e0b7437c178ba2ea0997999d3a6bb0e

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://ww1.sdsmanga.com
expires: Thu, 26 Aug 2021 14:03:15 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 325
x-sid: AMS-743

Redirect headers

date: Thu, 26 Aug 2021 14:03:15 GMT
server: openresty
access-control-allow-origin: https://ww1.sdsmanga.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/ww1.sdsmanga.com/ROS?ct=1&r=pbjs&rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fww1.sdsmanga.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-743

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
378 B 692ms
139ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ww1.sdsmanga.com
date: Thu, 26 Aug 2021 14:03:15 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 5
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 144 B
833 B 307ms
184ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2d423bd39f0951f7ce33a0aa0aff5f661bd5b68a29f95a1bcda6faef77ac5725

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:15 GMT
X-Proxy-Origin: 86.106.103.117; 86.106.103.117; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 6cbec7f4-ae86-4329-a0f7-ce320c5681c0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ww1.sdsmanga.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
364 B 326ms
314ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ww1.sdsmanga.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeT%2Fn0ZNv0Wp2OnjOghqFsIX538z8MuLmM1Fjg4%2FLJQNNqBjgrKhyaySiOSLegrFfSpgw37Odi0gtEfO7NW5QENgdWH6kV%2FKYh%2B2MVaax%2F9ALhT2WjcHr2oWaTH3CG40V3cl9UYko6HezLEri8EaJj%2Fi"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 684d9a3e291c2c52-FRA

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/ww1.sdsmanga.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/ww1.sdsmanga.com/ROS?rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=...
https://ads.us.e-planning.net/hb/1/2c995/1/ww1.sdsmanga.com/ROS?ct=1&r=pbjs&rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0...

337 B
753 B

56ms
56ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/ww1.sdsmanga.com/ROS?ct=1&r=pbjs&rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fww1.sdsmanga.com%2F&gdpr=1&gdprcs=
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: c0a96d49509db25d8784ae09e1488613a9899a26ad99807eb6d06d99670c2fb8

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://ww1.sdsmanga.com
expires: Thu, 26 Aug 2021 14:03:15 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 337
x-sid: AMS-743

Redirect headers

date: Thu, 26 Aug 2021 14:03:15 GMT
server: openresty
access-control-allow-origin: https://ww1.sdsmanga.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/ww1.sdsmanga.com/ROS?ct=1&r=pbjs&rnd=0.7359052453319093&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fww1.sdsmanga.com%2F&pbv=5.8.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fww1.sdsmanga.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-743

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 145 B
834 B 277ms
162ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

abb31298217ecdfb4d86dc222223f698ee0e94ba28edea6471672f3bdce27d20

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:15 GMT
X-Proxy-Origin: 86.106.103.117; 86.106.103.117; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 93fe0a9d-7597-45b1-9825-a7e3d30a5906
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ww1.sdsmanga.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
236 B 704ms
162ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ww1.sdsmanga.com
date: Thu, 26 Aug 2021 14:03:15 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 28
vary: origin, Accept-Encoding

GET
H2 200 1596163502.jpg
assets.bilsyndication.com/widget/2020/07/30/ 104 KB
105 KB 39ms
20ms Image
image/webp 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bilsyndication.com/widget/2020/07/30/1596163502.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 216341
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 106784
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 24 Aug 2021 02:27:34 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e59c22c4a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 192 KB
192 KB 37ms
23ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 147176
cf-polished: degrade=85, origSize=227959, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 196267
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maSDmMRsl1mbe%2F4Dedg6Iz9hywWphLH9IOy5Z65yUTT1Lg4Hn4WSNFbRXsi5hF2h6al1gIO1oiIitbbFUikVZXu%2FC9ktjrHqYykeWFAl4ZMIKyU4Qkc%2Fbi9UMk0sEuqpowDuPV9GcacBXFn5Pzza"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 24 Aug 2021 21:40:19 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e5d1d969e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 70ms
56ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68464
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75514
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikM%2FSjudcfW%2Fnm0OOOkFckxkt5GzXvh6GZh2hhCbWCcag%2F%2BtLJfj4Q02XtlI%2FmuP006%2BV%2BeJjupew%2B6uI%2BW40BF4ZzEnqUoUSaRP63uD86DskKiSwIBZCfCDWYKOIvJUDmjs062PGYzWdZaPQVQx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Aug 2021 19:32:11 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e5d19969e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 42ms
29ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70030
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 106784
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsOO9JTE6KDIt09f1colvrlV1vGjYpYP2G4KWl5QBHizNQ62%2BzeV2XXyRmKCLib7nEzf8X54i8JAMWa7lAZnaOBFpYlBMkGMrNFR5Wtc7dLwu26xbFDFtG7IZPRRQHGjzfInM5FWkwq%2B%2FZa8znbw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Aug 2021 19:06:04 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e5d1a969e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1572962767.jpg
assets.vlitag.com/widget/2019/11/05/ 46 KB
47 KB 30ms
16ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962767.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67930
cf-polished: qual=85, origFmt=jpeg, origSize=78339
content-disposition: inline; filename="1572962767.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47174
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:06:07 GMT
server: cloudflare
etag: "5dc181cf-13203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp2ZgjghVr09sDcnL%2FsA6wujQ4dF85tPeyRaVqqDNTfUiMXpNCHkrigurA%2F1O41Mxu8ssMc5iz78LA6Xrzq%2BkSSw6juGjuYvRLw6%2FtckpSlE0VKy%2BxYYcKyEtWCIv%2BKTTEVkgq%2Fejf6kVBmLvnIB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Aug 2021 19:41:05 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e5d1b969e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1572962788.jpg
assets.vlitag.com/widget/2019/11/05/ 83 KB
83 KB 58ms
46ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962788.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62419
cf-polished: qual=85, origFmt=jpeg, origSize=111413
content-disposition: inline; filename="1572962788.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84586
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:06:28 GMT
server: cloudflare
etag: "5dc181e4-1b335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FDmXfzkAWVmby0OStrODeehnN1ol73jBj0rrE61%2Fwks8FZleex4aghNgeTvXOTQy4y8cMGXb%2Bybndqza6izO0Z1JYgfkjUj8coJKcR3A6Pott33PdVYBKlPTjW7C5YE4yJFqxcz8s6ZcdbOHxQp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Aug 2021 21:12:56 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e5d16969e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1592802620.jpg
assets.vlitag.com/widget/2020/06/22/ 177 KB
178 KB 51ms
39ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592802620.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff17fae67a8461e89b15329dfc863d7c1f75dcc594b897d5cbcc1cc2a3323cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61714
cf-polished: qual=85, origFmt=jpeg, origSize=210846
content-disposition: inline; filename="1592802620.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 181668
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 05:10:21 GMT
server: cloudflare
etag: "5ef03d3d-3379e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4TogF2xha9KhUN%2Bu3V6vJRaXtgIIC3E0v6t18VAuuT%2F%2BlFWrqoD1yz1tIzxB7rxmcq1GCen1xrjef4onpmbWgy7%2B%2FQ%2FStHbQcw1ZMigQ37Hd%2FNDSCDRFjuketx2XUwN9QpiTFzgdsDimvnWFuYc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Aug 2021 21:24:41 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e5d14969e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1592294784.jpg
assets.vlitag.com/widget/2020/06/16/ 20 KB
20 KB 63ms
51ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/16/1592294784.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68424
cf-polished: qual=85, origFmt=jpeg, origSize=26122
content-disposition: inline; filename="1592294784.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20188
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 16 Jun 2020 08:06:24 GMT
server: cloudflare
etag: "5ee87d80-660a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=275%2BySthZ6Wv9EIDBLwHKt%2BP6GKMAH7OeYxfOOE%2BsJg8JLQ9KovSWrlJmdjZDzYo56%2BhwS3TuzRr0P5Usk1z4AWyCUQvGZ9rEYIB3RwBGZ10oGLJ175drz1pnKc%2FY%2FKJIo9mGoXYL%2BGBIu56RMWr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Aug 2021 19:32:51 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e5d17969e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
108 KB 64ms
52ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69798
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 109336
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1f49F2PY2MZ0PjhrEDjPM472RqMUFmPX1BMbwoInp5%2BFLZUKnAvXFUaVP2EgTmyZivEMfOahrO2QuD0KfroktppVPR4GJUiE4wzt6kC9KxuSZ2BKwzXJVUmgIke3o2zfbi6xDoqEDRMYymk27y18"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Aug 2021 19:09:57 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 684d9a3e5d18969e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
4 KB 47ms
47ms Image
image/svg+xml 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 975666
cf-ray: 684d9a3e8d27969e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em6M5socV5al0CtKzRJcHY%2FelX1UCWDf%2FhOPHMArTkXW9nJLlSbEqvjj3bjvqM%2FJer%2BSx4Jzd31FoPi2dbwYIKTEZIFn1j22MbkFcUHfKbch2rlJlLFBr%2FXNJOhKmXDzqWO%2F704%2F1mB%2BtQXmiSt5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow

GET
H3-29 200 vi-icon.svg
assets.vlitag.com/media/icon/ 3 KB
2 KB 47ms
47ms Image
image/svg+xml 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-icon.svg

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146194
cf-ray: 684d9a3e8d28969e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-dc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOl5ywbsB4LCuKO1bLZtjv%2FnnaWecxJ2VfW03MHm2rrEL3EEcqJFhm%2BhIL4rQ%2FMNUTSpqMynl830x%2F%2BEJ%2BLFPlprXjDR0VUmZ%2BkWO0X4bGPDLxeyXzfjRjeehJdsxB3nHFhD1ivJ2phLT0hbGRoB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow

GET
H/1.1 200
OK vregister.php
syndication.exdynsrv.com/ 0
289 B 68ms
67ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.exdynsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=3913800&904f46813ae5d83a843d5a8599c8f9a2=tsVuZ8uHLjt4eNvLtq48PXDn649ddlTlK8E.fjtu48O27jw57uPHvramslrpwzPTB1wNxsSvWMPOZ9OOuqCtxd.aquViRzPCza9Btmf2yMSvMbmppNcDbDdrlNcFTlOffhy6.emuBuexmOCp9ynPt448vPPXA3VBW5n47duHbprgbxmlcz5.ePPxw4a4G2mK3HpqcM.vHvrgbaYknYgelz6c.XDzz8a4G7WKYGK4Jpc.nnn38eO_LXA3NVn04a4G2aZrqnKc.WuBtty2BpzPhrgbaYppgcpz4a4G4Kp8._TjrqsZz4a7WI7HM.O7gDt6657GY4Kn3KV6WK3M_HXXPYzHBU.5Su1ZTS5K1hmieBraYknYgelXasppclawzRPA1uXtPsSvOL1zLz2MxwVPuU58dbl7T7Erzi9cy8rld01MWfHWw2vXhO5nz463ZqZGK89cDcrld01MWfHW1NZLXTgvNTA9BKxHmemDrfrrnXvXdmpuYpbcbXdmpz1wNz0zN2NVrtMVuPTU4Z8eHLXPTA1BK8vJM25Hn01v11z1Z8ddTVLjkq9LlU0dlcE0ueuypyleBvPhrspjXfYqfz5eHOPBrz488mOHZ13xxZb49HOLXHpy48PLnPXBJPS5VVBNKvVWxXZVnw1wST0uVVQTSrwS2sRwNr0uMVTS58tdLjrlLlK9UFbi781VcrEjmd13HdU3VIxK8xuamk1sNsxzNRZ8NcDczrrlOfXpz4.NcDcbErcEry87DzmfHh04ceWty9xqyuCaVeuCRzPhu4cdcDbbFbDTktblOfLXA20xTTA5SvVNZS05nw1yzVNUwT158NcErUz0sFcy8kzbmfDXW5VWvJM25nw10uPQTSrvOTSsSOLwN58u3fn35ctc9M1.C9VbFdlWe3jrgbnYprlcpz4a2oK8F3nJpWJHF4G8.Xbvz78.GuVythqyCvBeema_BevCdzN.aquCV7XK5Ww1ZBXgvPTNfgu25U1TBPXBNLnbPLrYbZjmaiXtcpz1wST0uVVQTSrsRxrwS2sRwNr0uMVTS1Z8tdVjPLPhrqsZ558NdTVME9a9eE7meupqmCeteViRzPXU1TBPWva5TnrZpmuqcpXtcpz88tdtOfDXBLW5TKxHnw1yzLu2St1Z8NcDdLlU80tUFri8bGE1lefDXA3JZHXBjNK5nw12VOUrtMTzwSvZ8NdlTlK7TE88Ery7tLlFjkrWGfDW5IxBGvBVPnw122WQN58e3Lz58duvnrx7ceHTpw78u3Hl38u8ufXh34N664JHKq2JJ8.Pbl58.O3Xz11tTTRQONTS1OS158Y-
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 14:03:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
657 B 230ms
76ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww1.sdsmanga.com&callback=_gfp_s_&client=ca-pub-2462719866673011

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2462719866673011&plah=ww1.sdsmanga.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e276ab7c471e65d36877c173f3417b1a0a690179557ea3edde45956fefbda2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
463 B 45ms
26ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fww1.sdsmanga.com%2F&tn=DIV&id=exo_slider_3913800_PW&cls=exo_wrapper&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 162ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ww1.sdsmanga.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 163ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ww1.sdsmanga.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 94C1 603 B
221 B 30ms
26ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&adk=1812271804&adf=3025194257&lmt=1629986595&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fww1.sdsmanga.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=3&bdt=431&idt=313&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1103991354717&frm=20&pv=2&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=840

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&adk=1812271804&adf=3025194257&lmt=1629986595&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fww1.sdsmanga.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=3&bdt=431&idt=313&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1103991354717&frm=20&pv=2&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=840
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 26 Aug 2021 14:03:16 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Aug-2021 14:18:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 30ms
30ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210823&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66a478731d58490c85f2ad5bbfefae858dd936a82646c122e60338381cd39911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8554
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718286636491"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27620
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:15 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29F9 98 KB
35 KB 309ms
307ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=1359369005&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=430&idt=331&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oCIK0i7QnQ&p=https%3A//ww1.sdsmanga.com&dtd=851

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a1e09f64ce20c981de44a096593a15f985a928419b188b0098f59687760c546

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6asqDtzvICFYzTEQgd7zcJ_A&gqi=JJ8nYYKyBaSW9u8Psqm64AI&layout=/sadbundle/%24csp%253Der3%24/15962325814773363846/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=1359369005&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=430&idt=331&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oCIK0i7QnQ&p=https%3A//ww1.sdsmanga.com&dtd=851
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6asqDtzvICFYzTEQgd7zcJ_A&gqi=JJ8nYYKyBaSW9u8Psqm64AI&layout=/sadbundle/%24csp%253Der3%24/15962325814773363846/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 26 Aug 2021 14:03:16 GMT
server: cafe
content-length: 35448
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Aug-2021 14:18:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Aug 2021 14:03:16 GMT
cache-control: private

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 27ms
27ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=tagging_dupdiv&b=1&dp=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2462719866673011

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CB0 26 KB
11 KB 362ms
349ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f6ab570e3bedc7c364c0430d659a20dafb00defc5830f2744ab251c8d17c3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 26 Aug 2021 14:03:16 GMT
server: cafe
content-length: 10911
x-xss-protection: 0
set-cookie: IDE=AHWqTUn2cm_5igPq5XwTuhKFGkhmTFEhy1DPQqkfK6FslhTX0wr7U8XwcuOEFdnw8fc; expires=Tue, 20-Sep-2022 14:03:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Aug 2021 14:03:16 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:16 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CA47 12 KB
5 KB 23ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 26 Aug 2021 13:51:53 GMT
expires: Fri, 26 Aug 2022 13:51:53 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F0E 783 B
815 B 18ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8b2fe7ec1a5f8afce34a67f956c9b3fb3fcb698171534b537f269efdfa4e1657

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-STB8DVzXWnxKhSMQ5tW/Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

expires: Thu, 26 Aug 2021 14:03:16 GMT
date: Thu, 26 Aug 2021 14:03:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-STB8DVzXWnxKhSMQ5tW/Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
tag.vlitag.com/passbacktarget/1629973848/ Frame D611 312 B
562 B 253ms
252ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passbacktarget/1629973848/?t=iframe&pbID=7&d=16615&z=70499&divID=vi_1661570499_208&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c666a95fd3b0a4703d5241baee79ac60168d7467a66ac61e90a4618d52c80a60

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 Aug 2021 14:03:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZarjHpULsiRZZAr3SfmGxXUk6YZKj290%2B9ozZUuoAvOYRNJICblEToZ7ly43ZXfJ8jbyhEGZdAhR2nPapFEvNsVPwXyKpAoRrwQHTxmlhF%2BoyG4u2rQEucdaYAw1djQRlRMABUJ3mO2deyR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684d9a42adbed6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ Frame D611 0
349 B 122ms
114ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNeYAqwAAP-BUTT-PPtA-qyKY-YrAeTZtYtwAKRzNhqllwqe0RrNTUUTZRmNKAPaaRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZVzS6NfuY0%2BhrVXNPNZXKJRLdtRD2bL4QBpRs%2F%2B4DNgPwMcDEPHfwMEGizFwVpRWeF%2BMC%2Fwv5Z5Fesn%2FWfAuRTC1liFbilcMLY6T6SFfYfrS7G6nu%2FXPWRz8SOmI9i1tti%2Fr%2F5Qjsbeb1qcFFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 684d9a42cdfad6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
px.vliplatform.com/bi/ 0
272 B 163ms
147ms Image
image/jpeg 2606:4700:21::681b:cf5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.vliplatform.com/bi/?e=zdNMKYByeMP-Zqqa-PUyB-MeyT-PAZPYqqZrKTyRrNTUUTZRmNKAPaaRrtNheRlmNBAAbYZARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNjxqfzxdrtb,thsqffofu,qdb,qhhftbxlRwkNRswyNRws0N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SK%2BGUnHAasTzI4QUzvXtt35q9tCpeoRY%2FulP705kC3ePQinjvevKIIvAf5WYv76EuMY%2Bx96%2FwlAxDEnkG4XrPvOwR%2Febjbq0J61bVaFcfCgfZky5kLm0%2BzcY1%2B3Ws1uxad0NOdwpGhfoG44VUdVttA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 684d9a42cffc4e26-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
tag.vlitag.com/passbacktarget/1629973848/ Frame 636B 312 B
466 B 263ms
263ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passbacktarget/1629973848/?t=iframe&pbID=7&d=16615&z=70499&divID=vi_1661570499_309&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c666a95fd3b0a4703d5241baee79ac60168d7467a66ac61e90a4618d52c80a60

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 Aug 2021 14:03:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRttMg6XWVgh5MqRjyf7RHmyKN44Hky5XyLgBrSrXlfVp3fJZiRksv1zjAX3LF9Oyjzq99v%2FlT70WOTic8FEbkrqlAyH6uIgFWj7mlRWLY586536aNhIlyxky3o5tfEI%2Fbe3n6tSWdRMuCv5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684d9a42bdd6d6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ Frame 636B 0
259 B 118ms
118ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNUPUrPBZt-PZZM-PTwP-ateU-UTatayeetBMeRzNhqllwqe0RrNTUUTZRmNKAPaaRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z82wN0jMWAnNWfziLbhH6InvwOGCZX900aBMXsDnbhrKS3M8T%2BQs4I9fvwALAD0ykVmFo2i3cw%2Fc1IqEbIHxt6ksO89BsDursh4jaiaTlXDJhEO2fbHhuIJmIIchU95sPtQIcbQB6PJnJHFpLF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 684d9a42cdfcd6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
px.vliplatform.com/bi/ 0
594 B 148ms
138ms Image
image/jpeg 2606:4700:21::681b:cf5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.vliplatform.com/bi/?e=zdNqtUrKPqa-Uwqy-PATw-MrPK-aTYrPMeBqZyPRrNTUUTZRmNKAPaaRrtNheRlmNBAAbYZARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNjxqfzxdrtb,thsqffofu,qdb,qhhftbxlRwkNRswyNRws0N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gETTJ7L3wTVmUZSMsA3eBvswLL10ISqGm0m9VcVbf4K8eUjqFmkakt95inntsGmNYxLPw0WcXPmQVhlio3cs3XFIcQ0PRtcCUyGeWNk%2FCVGW51JhKDfcGfV4aROr1S1kh95unX8e0MKr5JDpajlJrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 684d9a42c8014e26-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 09A4 101 KB
40 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-31

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d64d741f5b533b95f1a6be252ed3f5f89d79d4010d882a17126d18ba8509a868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41134
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 14:03:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C9C7 101 KB
40 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-31

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cfa689632d30700d433d2ce1aab495ef6ab7bdf5ffd6a143d683609982b7ca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41133
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 14:03:16 GMT

GET
H3-29 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame CA47 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 12:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:51:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 09A4 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1605
date: Thu, 26 Aug 2021 13:36:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 26 Aug 2021 15:36:31 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame C9C7 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-31

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1605
date: Thu, 26 Aug 2021 13:36:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 26 Aug 2021 15:36:31 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 09A4 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=151429258&t=pageview&_s=1&dl=https%3A%2F%2Fww1.sdsmanga.com%2F&ul=en-us&de=UTF-8&dt=noBid_sdsmanga.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=sdsmanga.com&cm=noBid&cc=Default&_u=YEBAAUABAAAAAC~&jid=369250584&gjid=1161554868&cid=1528272204.1629986596&tid=UA-128776493-31&_gid=387057643.1629986596&_r=1&gtm=2ou8n0&z=302719662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ww1.sdsmanga.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame C9C7 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1257429601&t=pageview&_s=1&dl=https%3A%2F%2Fww1.sdsmanga.com%2F&ul=en-us&de=UTF-8&dt=noBid_sdsmanga.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=sdsmanga.com&cm=noBid&cc=Default&_u=QACAAUAB~&jid=&gjid=&cid=1528272204.1629986596&tid=UA-128776493-31&_gid=387057643.1629986596&gtm=2ou8n0&z=1875324640

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 17:30:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73940
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/ Frame 29F9 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=1359369005&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=430&idt=331&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oCIK0i7QnQ&p=https%3A//ww1.sdsmanga.com&dtd=851

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 13:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 13:54:22 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/ Frame 29F9 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 13:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 13:59:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29F9 124 KB
37 KB 5100ms
5086ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/ Frame 29F9 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 14:01:15 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/ Frame 64E1 138 KB
23 KB 8ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dafd8a27206f9d906a4cfaffdb22befc8c06eec3bc49410159c4449c981ca7af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15962325814773363846/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 24 Aug 2021 18:48:13 GMT
expires: Wed, 24 Aug 2022 18:48:13 GMT
last-modified: Thu, 01 Jul 2021 21:16:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 23924
age: 155703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 29F9 0
0 32ms
31ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CU-rLJJ8nYZ74BYynx_AP7--k4A-A3uK6ZMuy57SrDsCNtwEQASDOh-t-YJUCoAGEocmoAsgBCakCUkvUsKnBsz6oAwHIA0iqBP0BT9Co-MiT6hmKGfHCPIIQkXScS-FJI__Mscoz9WG36Dyd_ZzcXpNlZyHA6N1rd_KaMafI3h3BiM-sXE_dsOk_GsWjrgE4ICfWFqPv0ybVckigNsfInmzD9UxYpMPbzh_yU9Wjj1rfFglzSWEOyZmg0wisKjOzztnytq_XTmKIFCa4Gf9sIqZBAoKGcqPa-WyNVp6St2lzloUTZ_Qp9HCcoawYyn3210uyBN5-nedmujTvLPw4kVS8zKcuGyii9b7LXbIGu0SPF5ieN9trgWg4vH_qPnB9-MEkjLVk_fUU6l0n5Ee6QMGfRYmynnJMM-8PusXgbwAohcXehxrF3cAEr4aZisoDoAYugAfk3rbXAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ_4YD0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTI0NjI3MTk4NjY2NzMwMTEYAA&sigh=FbWPh-GrBAM&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=1359369005&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=430&idt=331&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oCIK0i7QnQ&p=https%3A//ww1.sdsmanga.com&dtd=851
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 26 Aug 2021 14:03:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:16 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C539 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=1359369005&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=430&idt=331&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oCIK0i7QnQ&p=https%3A//ww1.sdsmanga.com&dtd=851
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=1359369005&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=430&idt=331&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oCIK0i7QnQ&p=https%3A//ww1.sdsmanga.com&dtd=851

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 26 Aug 2021 13:52:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 64E1 2 KB
699 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Shadows+Into+Light:regular|Roboto:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fafea190edc10f13a86733d072a866b434b4d3bcbe56664532db6b19c4e7322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:57:16 GMT
server: ESF
date: Thu, 26 Aug 2021 14:03:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 14:03:16 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 64E1 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 27 Aug 2021 01:12:52 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 64E1 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 26 Aug 2021 20:35:29 GMT

GET
H3-29 404 null
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/ Frame 64E1 43 B
63 B 126ms
125ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/null

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:16 GMT

GET
H2 200 UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
fonts.gstatic.com/s/shadowsintolight/v10/ Frame 64E1 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shadowsintolight/v10/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light:regular|Roboto:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7106ac4056a90e6943627d4c041fca5fc4b60312211715a455f5dddf29bf108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 18:57:18 GMT
x-content-type-options: nosniff
age: 155158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16288
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 18:57:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 64E1 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light:regular|Roboto:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 04:09:29 GMT
x-content-type-options: nosniff
age: 35627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 04:09:29 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C539
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
16ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn2cm_5igPq5XwTuhKFGkhmTFEhy1DPQqkfK6FslhTX0wr7U8XwcuOEFdnw8fc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 26 Aug 2021 14:03:16 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 26-Aug-2021 15:03:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Aug 2021 14:03:16 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 26 Aug 2021 14:03:16 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bn.php Show response
worldstatistics.live/ Frame C9EC 498 B
882 B 178ms
159ms Document
text/html 2606:4700:3037::ac43:c79d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldstatistics.live/bn.php?size=300x250
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passbacktarget/1629973848/?t=iframe&pbID=7&d=16615&z=70499&divID=vi_1661570499_208&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: 30b410b83af8676ba33a86cce11abe9db8e5c660b3ec379502ceb32cc014ccb7

Request headers

:method: GET
:authority: worldstatistics.live
:scheme: https
:path: /bn.php?size=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.24
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=He8riU7F8VTG%2Bq%2BB6dSxDhvhIwcuduV9V1kuSsGDuW6SU1p4BtJC1qb8D9%2FEfd9r1%2F9He3ECzxj9VNpBHn2t2JoV5v6EnrbE507Q9iclK%2FVc%2BXd%2BzZ9hoKFDLc6y5tv1a6WlKi%2FHtX4%2B3D8uQ2HaO8LlcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 684d9a446f0c4e14-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D0F7 0
0 31ms
30ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4bhkJJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOYBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9seaMrFP1M0Kh_NkYjMWGdjEtmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNDYyNzE5ODY2NjczMDExGAA&sigh=HQiT5H965S0

Requested by

Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 26 Aug 2021 14:03:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D0F7 0
0 37ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hjvy0q20bf7p37a21e9maray371tz8shd8a8fc9fyt5qtgejm2bse0d8dk00127av9k2fvx25behwxhs8db6xck5qa6sca2dyfmwa7jex45f8vesp5a2n0jm9twzcnp8tvk3gm1zvfr4s53pknc7s22y2aajmq0h37gjwg6vvwpn9a5ebef73ts17qqqvsykkdp64j9g97yfa5wnhef16nd3qn6ectm5m5tv42yjggmd4t2b7gz38xjqzktvdyc2w04g18xd0my6zbg467hcy19gxzg29h0kxmh5ankpv4fvkbvg29jkcgnt8t0jr7jxy1e8n3bcs4s9056hpe619h7r68bc16t8jevbrf6e4cz81tb2b4h2tm15ty4ak87p97m9p9dyw&b=YSefJAAChUwKe7yHAAw77bBtNofNzZVQt7Wt5w
Requested by: Host: ww1.sdsmanga.com
URL: https://ww1.sdsmanga.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 26 Aug 2021 14:03:16 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 16DF 2 KB
2 KB 41ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b32c0e1e7e7d36f50202fbae4e83981051a9b0b13a2dca251e66f4fcf298a23

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7b12
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 684d9a447a5d4a6e-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/ Frame D0F7 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 13:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 13:59:28 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4752 1 KB
749 B 9ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 26 Aug 2021 03:09:05 GMT
expires: Fri, 27 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 39251
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0F7 124 KB
37 KB 4973ms
4972ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/ Frame D0F7 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 14:01:15 GMT

GET
H2 200 bn.php Show response
worldstatistics.live/ Frame 7CDD 498 B
557 B 168ms
168ms Document
text/html 2606:4700:3037::ac43:c79d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldstatistics.live/bn.php?size=300x250
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passbacktarget/1629973848/?t=iframe&pbID=7&d=16615&z=70499&divID=vi_1661570499_309&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: 30b410b83af8676ba33a86cce11abe9db8e5c660b3ec379502ceb32cc014ccb7

Request headers

:method: GET
:authority: worldstatistics.live
:scheme: https
:path: /bn.php?size=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.24
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FfkLYKvuDEWEsBqdpYslZ3EgXmQSzE0LjjjpxlgZ2PiBJ3eQ9YtScFIt3Aar3FxeDPRYdDbkEouW1yj1UttArAQIp8%2Ba5%2BITGhWtG5sLBVrj9DvQ5ZNN3th2%2FCaTbtx5w%2BON%2Fk7Av9CV0uY2OONwv6MDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 684d9a448f4d4e14-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4752 35 B
464 B 28ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIu_gDiNEeDdqFer6AW8jAY&google_cver=1&google_push=AYg5qPK0AOJRqaEE7KFsJ4RCfYyrPRH2zz6hHCAebuaXKbSaYtEVB0rn1LcRHZBC7TlCmWlSRCcW2bycCU1MAm_km1xCdaJcVl7t

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4752
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEDLFxRTrvj1ZHkrXkERg_KQ&google_cver=1&google_push=AYg5qPJ_Guu7cdycfWUa_k5jtT-oICyDqdIaTGPMh4iUQ3izkaD71ff6NQv2fR33XN5a3davIGCuWD_Hv3Av6gplnZVwOSbOheSNvQ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ_Guu7cdycfWUa_k5jtT-oICyDqdIaTGPMh4iUQ3izkaD71ff6NQv2fR33XN5a3davIGCuWD_Hv3Av6gplnZVwOSbOheSNvQ&google_hm=Q0FFU0VETEZ4UlRydmo...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ_Guu7cdycfWUa_k5jtT-oICyDqdIaTGPMh4iUQ3izkaD71ff6NQv2fR33XN5a3davIGCuWD_Hv3Av6gplnZVwOSbOheSNvQ&google_hm=Q0FFU0VETEZ4UlRydmo...

170 B
188 B

74ms
74ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ_Guu7cdycfWUa_k5jtT-oICyDqdIaTGPMh4iUQ3izkaD71ff6NQv2fR33XN5a3davIGCuWD_Hv3Av6gplnZVwOSbOheSNvQ&google_hm=Q0FFU0VETEZ4UlRydmoxWkhrclhrRVJnX0tR&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ_Guu7cdycfWUa_k5jtT-oICyDqdIaTGPMh4iUQ3izkaD71ff6NQv2fR33XN5a3davIGCuWD_Hv3Av6gplnZVwOSbOheSNvQ&google_hm=Q0FFU0VETEZ4UlRydmoxWkhrclhrRVJnX0tR&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4752
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJDOIaa...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJDOIaa...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MjYxNDAzMTcwMDAxNTM1NDE3OTA2MQ%3D%3D&google_push=AYg5qPJDOIaap6cp6VFePHXlKC0Q_DnMOc3eX8A394mM5vy2M7MUspHCwoGhMMxJHsRsUH...

170 B
188 B

68ms
68ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MjYxNDAzMTcwMDAxNTM1NDE3OTA2MQ%3D%3D&google_push=AYg5qPJDOIaap6cp6VFePHXlKC0Q_DnMOc3eX8A394mM5vy2M7MUspHCwoGhMMxJHsRsUHz0ErcsAyFLDNmFveNGOjL__-9o6t7_DQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MjYxNDAzMTcwMDAxNTM1NDE3OTA2MQ%3D%3D&google_push=AYg5qPJDOIaap6cp6VFePHXlKC0Q_DnMOc3eX8A394mM5vy2M7MUspHCwoGhMMxJHsRsUHz0ErcsAyFLDNmFveNGOjL__-9o6t7_DQ
pragma: no-cache
date: Thu, 26 Aug 2021 14:03:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 26 Aug 2021 14:03:17 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4752
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEEi2SSuBJyb7ZgxrUxJ8sZk&google_cver=1&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB
https://rtb.openx.net/sync/dds?google_gid=CAESEEi2SSuBJyb7ZgxrUxJ8sZk&google_cver=1&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB&google_hm=ymbccMzuxU4EXAvd069-2Q==
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB&google_hm=ymbccMzuxU4EXAvd069-2Q=...

170 B
188 B

74ms
74ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB&google_hm=ymbccMzuxU4EXAvd069-2Q==&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKq1Ibh37bDXaEHE8MrK-PbC2kSu74HQ_xOEi1fGLEPsSh-RDFccC9Zl0X2VkSyOSnM_qRpgKlgqNfhGg40G8DRLmvZYOSB&google_hm=ymbccMzuxU4EXAvd069-2Q==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4752
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cdbMIJI8T3ekytfPG9OAQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

76ms
75ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cdbMIJI8T3ekytfPG9OAQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLI5K-CgcPdtUw7raq-vFOlgCPPY1V11RVRzgwR7cAaUxmVvg3QpejJnHPgihXFvAThA6Fg1caq0ObhatewNg5uDnGLuYIN3A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cdbMIJI8T3ekytfPG9OAQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLI5K-CgcPdtUw7raq-vFOlgCPPY1V11RVRzgwR7cAaUxmVvg3QpejJnHPgihXFvAThA6Fg1caq0ObhatewNg5uDnGLuYIN3A
date: Thu, 26 Aug 2021 14:03:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4752
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM_aUQhVT7cbK0qfZUrwK4o&google_cver=1&google_push=AYg5qPIxK8WhyNP1tlXI7iSS7TqmzcUC2JP21tC4nNc8zQkOMWjKts1BXJoB1AD6a8MSLMfen48...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NTWlhORjItOS0xSFpY&google_push=AYg5qPIxK8WhyNP1tlXI7iSS7TqmzcUC2JP21tC4nNc8zQkOMWjKts1BXJoB1AD6a8MSLMfen48WThUXslbA6v1dICDnZyvPnYFlCg

170 B
188 B

68ms
68ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NTWlhORjItOS0xSFpY&google_push=AYg5qPIxK8WhyNP1tlXI7iSS7TqmzcUC2JP21tC4nNc8zQkOMWjKts1BXJoB1AD6a8MSLMfen48WThUXslbA6v1dICDnZyvPnYFlCg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NTWlhORjItOS0xSFpY&google_push=AYg5qPIxK8WhyNP1tlXI7iSS7TqmzcUC2JP21tC4nNc8zQkOMWjKts1BXJoB1AD6a8MSLMfen48WThUXslbA6v1dICDnZyvPnYFlCg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 4752
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHL...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4752 0
59 B 70ms
67ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpVAKYOX6ccGHNOHRfzaJYjeUgzJ3a_hFMEwSF-JJnClbVPC-faKRexBptjqQH0X3hzDUL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=2051377974&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=431&idt=510&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=24969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4GVNNm5dQD&p=https%3A//ww1.sdsmanga.com&dtd=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
92ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210823&jk=871546251004057&bg=!4-Cl4KTNAAYXVutgF1Y7ACkAdvg8WhIcGmrH-Kbxw3eefJypy273luw8bbqdAF7XgQya1ltzHjBkXAIAAAC0UgAAACloAQcKABWetnc9zicfOEJGdiTDXR5x5-o9WgWZAokYDbyoxf_czPzQLZpTtkKO6FwmDvTOOBKwfkcYIofB4ETWx4x1VpP363TEFHvNWTZQbdvcS09kQcNtRkXyxwp1pPkldNY4ixdx41hsefopxnMXoQs_KopTROv_wdTrQrcbL1_Avkd14Ls8Ac-VbwRnD_tOLkcrwTIf0_tFJz85Mhhb3W9H9PGLRzF_nRpsmOLFr8ucUiUnJFwAx48rKxhhMImmCO6MQCyaOyrmsbTuI7iqVg5hkPPsKyAn1ghQKIq3psKwlAvn26DsJhhGU8y4-2ezy0FlD1y5APh8XKrbxp92eelam67pAniyKCfeTJueL4AzTXNFp9nxpMa-IK8yhNEQ2qRL5Te0Y8HH1a7fJGny2FZcDZMy--8BVHhV1jxULN3WlKY5cIuYC-0CW6DrzdSPiaxEYOl9O557-6d5xnT8BqJP-6ZpQxkNvJfMuvRC9WpwtaJbmHh0xH4ky6NeOIfCYsyoZ9otXlcI271oirprEBc_srZVrVv1s3mze8tgBjnyo7zd5L7Ahlfepdb3sD1D3_lHgJgl4EKMJXUC-7AnQI940K_v2L7WIclos8rQZHfX1_RvKa4jMUfwWyYp4U3rIWrVNQtLfetXlu7nx8QA9tj74YHocAc366S7McLjkM55b60TJjNbBtxvnPRYr86laMwTvp1Fjv8YMXtpmUs2Y3mKtfDM0-GVqjapUER-Hh4OdHZgX5UOan1VHfgb_6vFNNA9AiOgmNSe0jYFpJidy0E9zGq3X5Sq4QJ6GiLy6Ma-svla-TJUz-A1p2ZTQCci_Dx_zae_KwuA7KWoyDHlrFCpKC3kLhtvk7lY2kz52qOyU4xhanQuxNxQqqBPDxZFLlWKkGdX
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 16DF 58 KB
59 KB 27ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5110258
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvi7U5co7uwhMJUpPKJf%2F%2BvArbxb9%2BVRYJ56xMmuW9KPVvy6%2FaEcv90fNUDKosZNeyfUqoM2yrZsocPOyNkf6P4E7dFFhvKHH5rHGklM0W5gIw046mEuKD7VkcQo5PXAZX06VhA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 684d9a44ba334321-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 16DF 36 KB
13 KB 39ms
30ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Thu, 26 Aug 2021 14:03:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9460
x-guploader-uploadid: ADPycdsGLlT5pjpuh9lOKcC1RKzE7pwylW8ooILvwbOiQSkdph87WQd2B6Tb1u1_uPTcjPm0uke-MpPz6OmPT4q0pG8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 23 Aug 2021 11:25:18 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhQovEaygn81L6cq%2F1liHg%2F5%2B8dLwx2R3Z%2F4yM722mD%2BeLK9tcsbt6aVuqwGxBaTB9btiLmPjVhCUT7Mbzu1l4UwFzMckxOGDonIsDyBcHZBqTLTo3%2FzgXrb0IgdyGLnm0jQikc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Aug 2021 11:25:36 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 684d9a44ba2b4321-FRA
cf-bgj: minify

GET
H2 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame 64E1 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 12:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:51:19 GMT

GET
H3-29 200 Hirsch.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/ Frame 64E1 8 KB
8 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/Hirsch.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8737add0f4dcfe0274b0527cdcec53cc4375cf530513f6ae191787404b90a587

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 173527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8540
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:16:05 GMT
server: sffe
date: Tue, 24 Aug 2021 13:51:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 13:51:09 GMT

GET
H3-29 200 Karo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/ Frame 64E1 4 KB
4 KB 9ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/Karo.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faaaf01f597e356e9dc91520c3bba215dd5476370b3ddea78490da9ffaace6f2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 204053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4188
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:16:05 GMT
server: sffe
date: Tue, 24 Aug 2021 05:22:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 05:22:23 GMT

GET
H3-29 200 Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/ Frame 64E1 7 KB
7 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/Logo.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a982a633ea505e607eec56c1683486a77cadd9bc6c5bdfdcf8212dc68690b77

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 205669
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7078
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:16:05 GMT
server: sffe
date: Tue, 24 Aug 2021 04:55:27 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 04:55:27 GMT

GET
H3-29 200 Tisch-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/ Frame 64E1 29 KB
29 KB 10ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/Tisch-min.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b42b4352de6f6b0ccbb4a464b20658f2e8411ec7a1a89803dac29cc22de84cd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 210427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29475
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:16:05 GMT
server: sffe
date: Tue, 24 Aug 2021 03:36:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 03:36:09 GMT

GET
H3-29 200 Modells.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/ Frame 64E1 24 KB
24 KB 13ms
13ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/Modells.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a76d813c85afe6df4124f577cc295dcd15565b68683d7696e5ca44b23044a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24734
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:16:05 GMT
server: sffe
date: Tue, 24 Aug 2021 19:48:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 19:48:39 GMT

GET
H3-29 200 Wald.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/ Frame 64E1 45 KB
45 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15962325814773363846/Wald.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df22fac12b6ae280330dcf8d761dd7363c737aa8903aa1198782f901f057a26f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 218685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45656
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:16:05 GMT
server: sffe
date: Tue, 24 Aug 2021 01:18:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 01:18:31 GMT

GET
DATA 200
OK truncated
/ Frame 64E1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 16DF 3 KB
4 KB 37ms
21ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6744214
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZRjM9rhkMbqOS0dQlM5zKk%2FcZ3VsSU5Vjamq8MkgklOMwf0Jc7xYRcH2CKUSc9pjLI1CVjuPMAnWP9gSq7isgqmKUu6IeS9qNEe1W1a1lybETyXzLYMeObKt9cWtsVwGdoaIoOcoSGhVX9BfWl40d5uSg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 684d9a451c32176e-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame E14D 2 KB
2 KB 19ms
19ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Thu, 26 Aug 2021 15:03:16 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 126555
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkDLX13RiHBms64cIURFGyc7y1IcXZ%2BO8CQspxQgoIG0k%2FvLNAqB1q%2FeLJJ8zK4CWGYe3UbO9BvNNNzKIs3CWGCl4fpMax%2FFR2zIMF4PpvnHH4nmw42IDxRr0wBHCsUoeEDt7Vw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 684d9a44faf54321-FRA
content-encoding: br

GET
H3-29 200 banner300x250.png
worldstatistics.live/img/baner/ Frame C9EC 52 KB
53 KB 42ms
15ms Image
image/png 2606:4700:3037::ac43:c79d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldstatistics.live/img/baner/banner300x250.png
Requested by: Host: worldstatistics.live
URL: https://worldstatistics.live/bn.php?size=300x250
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd010405afcf7f11562b847e3295cd2d9d12bcc1c90a30ef6321a38ea4758fe

Request headers

Referer: https://worldstatistics.live/bn.php?size=300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217754
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 53730
pragma: public
last-modified: Tue, 25 May 2021 10:24:41 GMT
server: cloudflare
etag: "60acd069-d1e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K78tJ3mU06m9Q%2FvI9gOLLOqJMSePYAPWw%2B6lxijmCBZf85DLXXGr2AVIf45WgWXDoaxfU%2BeRXHrTEAnZ9%2BF1vhoaEiuFUVvS0T%2Fnu6m2fI4u59qgtmiZNGZLXDTrGgyjopUx6mMEEGBQcYzJULbOEynspw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 684d9a45bd9f97b4-FRA
expires: Thu, 23 Sep 2021 01:34:02 GMT

GET
H3-29 200 banner300x250.png
worldstatistics.live/img/baner/ Frame 7CDD 52 KB
53 KB 43ms
21ms Image
image/png 2606:4700:3037::ac43:c79d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldstatistics.live/img/baner/banner300x250.png
Requested by: Host: worldstatistics.live
URL: https://worldstatistics.live/bn.php?size=300x250
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd010405afcf7f11562b847e3295cd2d9d12bcc1c90a30ef6321a38ea4758fe

Request headers

Referer: https://worldstatistics.live/bn.php?size=300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217754
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 53730
pragma: public
last-modified: Tue, 25 May 2021 10:24:41 GMT
server: cloudflare
etag: "60acd069-d1e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhQbvgNz4ZtRdxBi5mOdYYsJYj%2Fa89YS%2FpzSS2yBcYXuLFiEYcOTBth0KaDIAllY1FN%2ByIq7q0cVLTOKE%2B1hbAfJkDpNTToPb2c25a0UeCbd6sHrIwJ4lTq%2F5q8qJlWIWBLV1FhlRci2lO%2BDnjjDSDWE8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 684d9a45bd9e97b4-FRA
expires: Thu, 23 Sep 2021 01:34:02 GMT

POST
H3-29 200 rs Show response
ad4m.at/ Frame 16DF 1 KB
2 KB 28ms
27ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6040aaa9086db2da20f918be71f9cfdd6441098cbd69ae5522dfaeafb268b8d

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gapevzq5mseczk0sd5y4b999jdcjtnf3qh3agpxw1qqms6a7ac6jqg004cwxtskhnsq9bddd4rhp21ypaxvwse87az5kyqspgx4ym824rv4tcqd4bh6egjc82z5e8zymdvmxjvessksrs3h4chtjkq3gmcnndqfwjhc58zb9a8kkmrnf5pqxcc2jyrc54bv95mzxff8f0qe02ze1de2dezstfk4gea0rbx1j2whxj9a4fsyhg0j23s5w6j83p0vzevbj2rq54sv0t340hqgmmw29tx014v2xar8y64zr018xh19tekkb8qpwcgp0h04y46y4vbxckxja56vj06wbk9antpxhy20tgeny6txbg36gvd739x8a98w3gnqefr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%26client%3Dca-pub-2462719866673011%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 684d9a45ac6c4321-FRA
date: Thu, 26 Aug 2021 14:03:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7ogfZ1Fou%2B6d4E9r8HH0LSFlCfsG1scSMFNL%2FQ%2Bgw9Kwb%2FsvH06jCYZdXrtlra60Vvlr7rwT1Omi05cl%2FxXx%2BO2efEM7grXiJPFJ2kJTnq9Vu8zQA92ioNGV5M9Cx83zqLsRmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-f57t

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame A62D 9 KB
4 KB 27ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c9ae086df1dc31c5f80ba308456aec5c3b72dd9922e2f8aca30df85fd6f82db

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 684d9a45ddc04a6e-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame A62D 64 KB
8 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:16 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 684758
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 18 Aug 2021 15:50:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 684d9a460d654321-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame A62D 18 KB
19 KB 23ms
14ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63874
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdswBy5gW51e85786-S6wCIRzLcwKFa8E3GO4pkIq1-36fSKhGe7OFt_aCkwHpEAvg1RAlmOLfnjqP_liNPshw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sTjR2RtgYFUa87TsXwICnDSRu6kLzgqMM5mNwESd5%2F32KsQM69Wy5FLJRq0KlOeKet9yv0KwpCJ%2FPtcQGznT4igPoZaAsn2177Sb0wYTPS2rOL5WNsK%2Fyi%2BG0GLwwYmkAc4G0KHPGS%2FbGRx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Fri, 27 Aug 2021 14:03:16 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 684d9a461e564a6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame A62D 2 KB
2 KB 29ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60472
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdvxiwb5RKXGMMHBzv56rxK6Q88_AYo8qCEw4oZR0GIBxht1dw9MQjKLwMi9KUtHhz8hdnqUq1eDYH8OnA2N_1xke3wEWQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4hOcPL2FiDSvJK8qck0b%2BADiUoUg40rZRdoiswCwiKPVr0fZtovc2GqC5VIxTZnbjMK6M1CHCppN%2FAVKJCsSBZm3A4B3UJVX3GtWbFuQHieR2ss1VosMCnObkQfUdHt7%2B6fuAgLAAFNY2g0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Fri, 27 Aug 2021 14:03:16 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 684d9a461e594a6e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A62D 43 B
704 B 217ms
91ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:16 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame A62D 38 KB
39 KB 28ms
20ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70649
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdtccTe1l3Z80dYcnJ61Wd-_blDnFbhz70zjQ2vL9xMDEUdbDK0utHA0pvAjJ9Cp7XL4y75kVIDObhuoiJpR09s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5JuJaY7GFJMcNFhdFDkA6hP%2FurGbYy38S8QGYyombMMFSsevgKyBlDy2jrJN7jwtV6mR9lJR3mJLh6l7KhK9bBayEmlC7UEIi6nLv%2FJJ0k8j8xKJnGkPcVNzLFAOE9bze0JkiBBNLjLYw5o"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Fri, 27 Aug 2021 14:03:16 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 684d9a461e584a6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame A62D 113 KB
113 KB 29ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62951
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdsjOY0s0q8yMvK5qU9PRPkn4xqZs3uTr_NJGEDRM2HjSvR5Zpwywme1NcHQhNt9v2s6L9c55rjfPKIJwlxSm7c
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PrWbiWPWdanj7m6CiWIPSi0qgyhz1t14BxHENq%2FtxbQEB%2BVr6tKxuM9CKdSP1ok4kN%2F66E9UBePMGCtLy%2FSDK%2FVfUtHRFkAzX3zF3R%2BSK5CIBnaRI6IJBojGtdRiXXzuZqmvMOljj6hxDv3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Fri, 27 Aug 2021 14:03:16 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 684d9a461e574a6e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A62D 43 B
704 B 222ms
92ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:16 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame A62D 8 KB
9 KB 28ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216376
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsFA7D1vcCfysEr0Db7M-aZenlfp1l0nb9GBuYFVbgrlGoO7bvuWaQTs4om-9D-joM3giWf_NfvvwphSYkbh1E
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5KF3u0NzycrgfTIV%2FTL02q%2BSVnTK3gh0WwjzR7Sa8wrusmlOHwdGD4KcEJSulJ%2FGGHSECofm3rvCKBSGfkb1CGUoDuoZMFucA%2FGf27SoINrEujZxJDdwCW2VC7z93eGLiBlrmVTe7zORpcd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Fri, 27 Aug 2021 14:03:16 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 684d9a461e5d4a6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame A62D 30 KB
30 KB 22ms
14ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Thu, 26 Aug 2021 14:03:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62793
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycduX3IY3J-feEt1k0UvbjeWqTEFNhwd-qhwcK-LX16pshMY3ooAppp9k3aBOZEl3LwGCEG8pLHIDCXfGngCnkA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJ81yFrDx6bXeQFdjMzJZofnTOO2QPyR5zMfcbWBksPC56%2FEvH%2FF3VWCSKnpIzKrUcjkGxmRs%2B77xEP2Pwrz0yLV52iEeVUQ%2BCSzF8b%2BnIm3Juph%2F0ZbuSgjdtwMcfd3cfK3aDB6aAuo56BS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Fri, 27 Aug 2021 14:03:16 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 684d9a461e5b4a6e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame A62D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLbF56DtzvICFfXLuwgdxBUIHw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629986597_5ca7ef60-0676-11ec-bfe3-692d0dec5663

0
518 B

184ms
58ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629986597_5ca7ef60-0676-11ec-bfe3-692d0dec5663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=6ae8c214838a04448fa2dee79a03abfd%2F4585127077303086760&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629986596730&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20ttd458mvz1m13f0c6gcg96fn8wfabnen0cgyc04c3qm65rr47rfp8n7bgp39ea9ntngmczgrtdqmxy7msh6tahjztw60abp0dp2jffdq70sk4t7q1690x81076kq4s9jfbfkz7acezpt137eaybmc07tc455b4pnrmrvsr73tnnqka49gy6474ckhge2kfpegkwq0200s2g5f7e15c9kzkw956zncdha4qvp1p5ysqwbvk93ck120anz0peyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT64JJ8nYcyKCof57gPt97BIkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNDYyNzE5ODY2NjczMDExoAHCrujdA8gBCakCFAPOzLa7sz6oAwGqBOkBT9AKNZWUaIK1IJKDEWI2qaa4Yxpg2tscYnapDVpkTlF4r-oeV2ZByAqEDACDpAH5xw6uq2sKaJyTS_FEuKV7na5Xlz8BW8IM60edor6QB6dpGi11hiTXtGnLTbHdeGd-ObY0fZ_wqxoi34uYYjB9R6wBY8ANOu30ItKKZuVU6pgEoyqWGt49U2-3dTjU8m3Lxuow2Y3AsQf_7-8Tgk-H5tTBbxbww3jS3-iWySSWU1Y04TTvlPua-_VvDrRxj15S32XFTd99pd_sEfdpHyy5pjK3I9tcasdX6IazatdK2R4WEfWRK80T7SmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MgjdMEa06PQXwrVaumR_WGtOBzQ%2526client%253Dca-pub-2462719866673011%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:16 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 26 Aug 2021 14:03:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629986597_5ca7ef60-0676-11ec-bfe3-692d0dec5663
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame B984 3 KB
1 KB 130ms
128ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 238018597a0e3b579cd29ba9b7aeeb2c4f5f0e3e6363d593ca957910a34ccdae

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
content-type: text/html
set-cookie: uid=12c22a24-e82a-4c36-91ed-e9ea2266bd06; expires=Wed, 15 Sep 2021 14:03:19 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndoxD41G6hMpGuw%2FjUVxZQHPOgx%2BWb08uKF%2FBTgsVM%2F5xxvYASws3qyUrlGnsJObDD%2Fi%2BjOjwV0odb44h1XD%2F1L7tOxTZPoJCYLaxzC12bNqb%2Fs%2BpGBCwqEOZbHP%2Ba3MoJ21sMlFsG0XQ8HkoYMfJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 684d9a557f632c52-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 259B 3 KB
1004 B 169ms
169ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.8.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4a0ccd1cf2d05b241997d5e0370c31e7c52c5a4f3083a7535cba7fbdebe383f

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ww1.sdsmanga.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ww1.sdsmanga.com/

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
content-type: text/html
set-cookie: uid=029392c8-9d98-44c4-bd4e-708995bb7c13; expires=Wed, 15 Sep 2021 14:03:19 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5LAW6PgcYZPu%2FrkMbfVpzxcqrbtoaiyufEQ2grpGxrIQrAywzKZIyLpm%2BPDFx78UAR55R2FBgqUGt9Gz3ISfGrH4QMmhLEPit%2BrA1BpuOy%2BXRdyGyHlC5jKl1Osk4yPCyWIbB18EyeujHUxMT6bwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 684d9a557f5c2c52-FRA
content-encoding: br

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D33a2156c6da5736a
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=33a2156c6da5736a&uid=02000000B79E27615C6E31BA02181E7B

42 B
104 B

179ms
54ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=33a2156c6da5736a&uid=02000000B79E27615C6E31BA02181E7B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
server: openresty
content-type: image/gif

Redirect headers

location: https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=33a2156c6da5736a&uid=02000000B79E27615C6E31BA02181E7B
date: Thu, 26 Aug 2021 14:01:27 GMT
server: nginx/1.20.1
content-type: text/html
content-length: 145
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

200

setuid
sync.quantumdex.io/ Frame B984
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9108288298279714048

43 B
326 B

126ms
125ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9108288298279714048
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cA4n6I5UNqhjcpBJ%2FY6aV4eTbI2HpzPTH0XCPLpDszawKWa%2FTGHszYLIn9xkgGYZyxlhM7eADLaklUAbxY6BxnNZnmuSvkLQdp3QWzsNAZeVqW1mTTi2YnIthfu5TRMPtJCsgbwEW5qg9%2BU2EmtGXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a581db72c52-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
X-Proxy-Origin: 86.106.103.117; 86.106.103.117; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b0a52b8f-0065-4237-b2bd-3ff248fb782f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9108288298279714048
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame B984
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1b266ec9-4a7f-4c0d-b9bb-c7215c591b50

43 B
338 B

128ms
128ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1b266ec9-4a7f-4c0d-b9bb-c7215c591b50
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwPmgfhN%2BfPu9R38QulWhGN20iuFW3ePc2vwkkndkIsEZKmO%2BobVsaGFgpYqNTpvZzrGo%2FSiIpVEAWjpIE4upaShdL0mKf96jIaHP9l6TUIv%2F2h1A2egRFNBo1TydoKW3F1yC1IvBZX0%2BSspwUUXeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a575b552c52-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1b266ec9-4a7f-4c0d-b9bb-c7215c591b50
date: Thu, 26 Aug 2021 14:03:19 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame B984
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-m7Bn02hE2uG9mS8J.X7ky_w9FOhKkwpNkcVYC98-~A

43 B
355 B

123ms
122ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-m7Bn02hE2uG9mS8J.X7ky_w9FOhKkwpNkcVYC98-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC8edQBu1L8xKPap0%2FzfPXpZomUfgJ6nu%2FC0Z3CSoeM0VMKQ0PgGPeVtj8k%2FzUjnWRdJzdFqXoSkIo%2FTYCnFIxzS%2BrF62u7MSDx%2F9F55yuFeoWgjpXn39Gu%2BNP62g6MAuENDyMWY55ZTYYlxRC3h5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a57dcce2c52-FRA
content-length: 43

Redirect headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-m7Bn02hE2uG9mS8J.X7ky_w9FOhKkwpNkcVYC98-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame B984
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4583330466077400509

43 B
339 B

150ms
148ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4583330466077400509
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stz8BRILYjJAttk10qU9uEdwtD15yWdVXs4%2F%2BTbs0sfbDTFRRTdztwyJgnQHzF2vJENX%2F1GHEdCnQ2aS0ekA1BivX9oSwygCTVgQLWPcWLo777yfG2ZvRQSY9kF%2F6RiOqq98Pskfnfi%2FzzHgjiPeFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a582e512c52-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
X-Proxy-Origin: 86.106.103.117; 86.106.103.117; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1fa9b28f-ae13-47ac-8d3e-9c75886b5cb0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4583330466077400509
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame B984
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

59ms
59ms

Image
image/gif

51.75.146.200
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.200 , France, ASN16276 (OVH, FR),

Reverse DNS

p11.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Thu, 26 Aug 2021 14:03:19 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame B984
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=22ff3b79-f675-4cd4-a3f3-b9fbdeb8fab1

43 B
332 B

142ms
140ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=22ff3b79-f675-4cd4-a3f3-b9fbdeb8fab1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa9Bx6cJY0iJWbKJE5vKfc%2BI90eTfk%2BHPyr081bXcvRdakk%2BynpuO%2By%2BZRWBO9w%2FfzBkrsw9aOcK8J2cfYjhvFb5hVUjr3B%2BxQuCZGSIclcMHVPU9PXphrXwAhl855ZFvVagGPZcAUPNCTJKV5LmzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a579c1c2c52-FRA
content-length: 43

Redirect headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhsaGxTUPhwGGhejvM%2BJATU39rX4zLWpUtU%2BQbu3pQmNkWcHA2ctPnodWV4ZRKJYFF%2BNvvKAptXn2ErZXrABIRJMKYOcatW4sKJfQ0HTFjh2uRUYgnmm3bnjAag3WuuBqJgdtZJP6JJPig4vMYo%3D"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=22ff3b79-f675-4cd4-a3f3-b9fbdeb8fab1
cf-ray: 684d9a56492a2c52-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame B984
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=497165d96412fbf1699cc70f

43 B
323 B

140ms
140ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=497165d96412fbf1699cc70f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj0LcVXfHRnt18J3DbE85WEGe3XtBLUwlqYWaJ2uUosdF1hJZABeW546laPu0p02zXXyjds6WQ3UmhnSothf6yNwIJQyB5ull2sEffal0hbCa%2FQzjWxhBRM0VWNNBL4Oy3QFV4stT8%2BjBlYsVUBfLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a581dbe2c52-FRA
content-length: 43

Redirect headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=497165d96412fbf1699cc70f
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame B984
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5e1450c4-0676-11ec-9adf-02334b7a4382
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5e1450c4-0676-11ec-9adf-02334b7a4382

43 B
351 B

127ms
127ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5e1450c4-0676-11ec-9adf-02334b7a4382
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7I8SmCOEnq%2FhKGl71g6FPjG6m2KP09%2FKYYCIQyRlAeYKDtEarp3e3%2Bb%2FKuvwpw7yFLBFeQlnIrUIcx0zi2hYPATr41fSc%2FiwGE%2B7CaJlri0TStSvjR5de2fjfhT9XEH6igvp1V1aCIPvsv1vFZnOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a587ea82c52-FRA
content-length: 43

Redirect headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5e1450c4-0676-11ec-9adf-02334b7a4382
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame B984 0
474 B 259ms
51ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 5F5E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

166ms
93ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2982efdac2b2e53a50f652767df1f61d51f615b0e404b6a70aba1d9bbcf89b51

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YSefJ0uDFztaUIh4Jv1L9wAA; CMPS=219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|65|195|88|46
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1843
Expires: Thu, 26 Aug 2021 14:03:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
Connection: keep-alive
Set-Cookie: CMID=YSefJ0uDFztaUIh4Jv1L9wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Aug 2022 14:03:19 GMT CMPS=219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Nov 2021 14:03:19 GMT CMPRO=331;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Nov 2021 14:03:19 GMT CMST=YSefJ2EnnycA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 27 Aug 2021 14:03:19 GMT CMRUM3=4161279f2705a0&2e61279f2705a0&2761279f270b40&f161279f2705a0&5861279f2705a0&c361279f2705a00&e661279f272760&2d61279f2705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Aug 2022 14:03:19 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 26 Aug 2021 14:03:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
Connection: keep-alive
Set-Cookie: CMID=YSefJ0uDFztaUIh4Jv1L9wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Aug 2022 14:03:19 GMT CMPS=219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Nov 2021 14:03:19 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7E8B 2 KB
823 B 175ms
57ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 33F4 14 KB
5 KB 191ms
62ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=28331
expires: Thu, 26 Aug 2021 21:55:30 GMT
date: Thu, 26 Aug 2021 14:03:19 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 72E0 43 B
555 B 210ms
53ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YSefK; path=/; domain=.go.sonobi.com

GET
H2

200

setuid
sync.quantumdex.io/ Frame 259B
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=03ffea73-b9b9-4646-bbf4-ef6d241ca76d

43 B
473 B

129ms
128ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=03ffea73-b9b9-4646-bbf4-ef6d241ca76d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzngLrza0HFTHRbKddjotiiHWd8odCj46aEa7bgTkDOkMRtBZyWqjB1mGb%2FbReUQLQnwpoMrUefZyJrfvoSe94LHarKeu4zmeflKfKT5A7HWUFwkMqmbZeu6j6f5pGYboxyzihIlQ1tpIjXVfYvTiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a575b582c52-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=03ffea73-b9b9-4646-bbf4-ef6d241ca76d
date: Thu, 26 Aug 2021 14:03:19 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 259B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0woI8IZE2uEcyUXkOPH4qk9C4Xc7IDmB06s7koM-~A

43 B
320 B

129ms
128ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0woI8IZE2uEcyUXkOPH4qk9C4Xc7IDmB06s7koM-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6HDNPxl1lqIbsfZhVdzLNzD9CypoLxkfIMnwr6mno8BuLo8RhifErxSNdqqDD1BtC4cwZoxg324k2CfOrYVerJnDEw5Qri58Yf5z3spxaQeJ33UojtDRYUvxPmrKVh1w1SM8mhuOctbydnCZg3Pjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a580d9c2c52-FRA
content-length: 43

Redirect headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0woI8IZE2uEcyUXkOPH4qk9C4Xc7IDmB06s7koM-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 259B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3372475440555118583

43 B
327 B

128ms
126ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3372475440555118583
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZXKm7rx%2BJvWsjKOmG6ey85awAAO3kjkW8bvEmKK045FDHmB6wuIXRRu6EG9c%2B5gRrtcPsjxOL4xe4OCYUejGwYUbQQFNuWPNDF041LOBTJgn2Vqd0obWPCXbkJzAEQx4%2ByQEOMxkr8F4QAsDAYj9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a580d9a2c52-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
X-Proxy-Origin: 86.106.103.117; 86.106.103.117; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9252cc16-c613-4c69-ad04-35280cfd6467
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3372475440555118583
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 259B
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

58ms
58ms

Image
image/gif

51.75.146.200
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.200 , France, ASN16276 (OVH, FR),

Reverse DNS

p11.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Thu, 26 Aug 2021 14:03:19 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 259B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3372475440555118583

43 B
332 B

123ms
123ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3372475440555118583
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AkI4jQQ%2BcMZvsQ6dcx6K7O31iZ5BzhRXT%2BgXBOhkDUBKNZ0%2F6rW7SHbC3v5VebaP5s1MSwGzF5%2BJxhnwYTYCfpvA7YtRywYmlwOPnoFR%2F7vxzZCEvnWnRTlaSOhW9%2FufhKJUcHJsTFnrxVD72RXCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a586e8c2c52-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
X-Proxy-Origin: 86.106.103.117; 86.106.103.117; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 884c9d19-c9b7-40f0-afb8-58c09a773b36
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3372475440555118583
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 259B
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=11458e9a-b4ac-4a9a-a70f-e297166eca87

43 B
324 B

176ms
176ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=11458e9a-b4ac-4a9a-a70f-e297166eca87
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12bnW8ZkTjc666g3qc6MuVX0ns0HHdjbdphfwLUbZ8yU59NNV7A8NCXoEJWVv%2Fy6X0c8d4C7CwEet0XfzatA3MLq7w%2B5ZCguPPYqq5WVDfBuEdDbMGAbEwuKC2Ix9w9diT8OzheAv5MlfVhTE0Uc5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a57dcc92c52-FRA
content-length: 43

Redirect headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPETEF7B7jpzOZS3cxPFytdweFvJ8TEcu8i3rtPplnIXBHMW3EcR1pGnNyCN3sqbwdrMlJn%2BKGisY5uOUrUa8J1TousCNINCZ7hqRxXX%2BlDSWEvlZ2BHGN8BbnYMu8nI0p7Y8FKHcGxjFgR83ok%3D"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=11458e9a-b4ac-4a9a-a70f-e297166eca87
cf-ray: 684d9a5699d92c52-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 259B
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=adb172d21b2d048e0ffc350d

43 B
323 B

238ms
237ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=adb172d21b2d048e0ffc350d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0MetaORuOeF5oMkZFGrDp7ilHC0KMVE9NWgnR677j1lwh%2BcyOLsCrx%2BaQEp6WJrm4XT0wd1aXBMB5bUhbunDD24Yfm9lzebG1D6opfGXUi6QSOapzFIeCw9V6HWBNSdvYyUhyB2tdKlsavjKnwOeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a586e872c52-FRA
content-length: 43

Redirect headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=adb172d21b2d048e0ffc350d
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 259B
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5e0fbd5e-0676-11ec-9e68-02a0e91c9544
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5e0fbd5e-0676-11ec-9e68-02a0e91c9544

43 B
329 B

128ms
127ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5e0fbd5e-0676-11ec-9e68-02a0e91c9544
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ec8VFpCUVKHvKuyPapjeTbBPhLjVzxv6FnxZQT8mhDHRVgK9Ho8qQg%2FAFXCSdYXQb%2FiDE%2BB17MOjBkSUqkgSgB4nvAyhE1nbtisovnlH%2FMR1%2B5FI6zhmqsKOon47xCgqltRmkPNbVCGLrLyZsezYog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a587eb02c52-FRA
content-length: 43

Redirect headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5e0fbd5e-0676-11ec-9e68-02a0e91c9544
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 259B 0
478 B 231ms
71ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame E14B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

126ms
117ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b0abc244800c9752f1744accbd3f096b031e227985973d89a2c00db09065a372

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=219; CMID=YSefJ26jud2rJfIL-AM5zAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|45|39|41|152|206|57
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1595
Expires: Thu, 26 Aug 2021 14:03:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
Connection: keep-alive
Set-Cookie: CMID=YSefJ26jud2rJfIL-AM5zAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Aug 2022 14:03:19 GMT CMPS=219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Nov 2021 14:03:19 GMT CMPRO=312;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Nov 2021 14:03:19 GMT CMRUM3=2961279f2705a0&f161279f2705a0&ce61279f2705a0&3961279f2705a0&2761279f270b40&e661279f272760&2d61279f2705a0&9861279f2705a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Aug 2022 14:03:19 GMT CMST=YSefJ2EnnycA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 27 Aug 2021 14:03:19 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 26 Aug 2021 14:03:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
Connection: keep-alive
Set-Cookie: CMID=YSefJ26jud2rJfIL-AM5zAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Aug 2022 14:03:19 GMT CMPS=219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Nov 2021 14:03:19 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame CBBC 2 KB
823 B 127ms
58ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FB76 14 KB
5 KB 149ms
66ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=28331
expires: Thu, 26 Aug 2021 21:55:30 GMT
date: Thu, 26 Aug 2021 14:03:19 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame DBD9 43 B
551 B 167ms
53ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YSefK; path=/; domain=.go.sonobi.com

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 33F4 0
39 B 64ms
64ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66531399&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
content-length: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5F5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENwnfFUs_RUXfMVpcyQBQao&google_cver=1

43 B
315 B

106ms
105ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENwnfFUs_RUXfMVpcyQBQao&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENwnfFUs_RUXfMVpcyQBQao&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5F5E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB&dcc=t

43 B
645 B

147ms
147ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ES3ZWV5Q9SCC2VB4WWRJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0P0KYBVXNCMSWX4PJFVJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5F5E 70 B
264 B 207ms
68ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5F5E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSefJ0uDFztaUIh4Jv1L9wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN8Z7YVukiQe34IghuJ4cUM&google_cver=1&gdpr=1

43 B
998 B

93ms
93ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN8Z7YVukiQe34IghuJ4cUM&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:20 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN8Z7YVukiQe34IghuJ4cUM&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 5F5E
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630072999&gdpr=1

43 B
315 B

314ms
75ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630072999&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:20 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630072999&gdpr=1
pragma: no-cache
date: Thu, 26 Aug 2021 14:03:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5F5E
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-584f0dfb-8f7e-4f2e-bc55-abf8f576b21d

43 B
1 KB

129ms
128ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-584f0dfb-8f7e-4f2e-bc55-abf8f576b21d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:20 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-584f0dfb-8f7e-4f2e-bc55-abf8f576b21d
date: Thu, 26 Aug 2021 14:03:20 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5F5E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YSefJwAD7FOBrwAC
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSefJwAD7FOBrwAC&gdpr=1&_test=YSefJwAD7FOBrwAC

43 B
1 KB

82ms
82ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSefJwAD7FOBrwAC&gdpr=1&_test=YSefJwAD7FOBrwAC
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:20 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:19 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1629986600.980693,VS0,VE0
x-served-by: cache-fra19151-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSefJwAD7FOBrwAC&gdpr=1&_test=YSefJwAD7FOBrwAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 5F5E 0
0 186ms
72ms Image
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 setuid
sync.quantumdex.io/ Frame 5F5E 43 B
329 B 123ms
122ms Image
image/gif 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YSefJ0uDFztaUIh4Jv1L9wAAAUsAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iake5mLbIH%2BH14XEEMxCcm%2BLoq4A3q5pcUNxLsFDab%2BbZP3r6teLDIE2HVNfZYokIU9i%2BVyY0ROdkNuLhV%2Bd5MBKK3qHy%2BANTZckdwwpLmGoNb1KcflsSFnipOgsfnV0yPADNLp3Sod5LtOE21eqOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a57fd282c52-FRA
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E14B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&dcc=t

43 B
645 B

140ms
139ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PFZ9PDC93ANXYZXBA044
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 11Q0Z5APSRAV5SS14KKT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame E14B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG_26Sc2ojukMnCjPzdTj0g&google_cver=1

43 B
315 B

120ms
120ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG_26Sc2ojukMnCjPzdTj0g&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG_26Sc2ojukMnCjPzdTj0g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E14B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSefJ26jud2rJfIL-AM5zAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN8Z7YVukiQe34IghuJ4cUM&google_cver=1&gdpr=1

43 B
1 KB

111ms
78ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN8Z7YVukiQe34IghuJ4cUM&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:20 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN8Z7YVukiQe34IghuJ4cUM&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E14B 70 B
265 B 172ms
67ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame E14B 43 B
408 B 434ms
59ms Image
image/gif 72.251.241.206
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-4
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E14B
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d425bb47-11b0-4d34-8aa0-3eb10052c8d2

43 B
1 KB

90ms
90ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d425bb47-11b0-4d34-8aa0-3eb10052c8d2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:20 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d425bb47-11b0-4d34-8aa0-3eb10052c8d2
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame E14B 0
234 B 105ms
59ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 14:03:19 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E14B
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739029348022967

43 B
1016 B

95ms
94ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739029348022967
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Aug 2021 14:03:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 26 Aug 2021 14:03:20 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739029348022967
Date: Thu, 26 Aug 2021 14:03:20 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 setuid
sync.quantumdex.io/ Frame E14B 43 B
481 B 158ms
154ms Image
image/gif 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YSefJ26jud2rJfIL_AM5zAAAATgAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 14:03:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Yno0Aeav29mFri9Tj0%2FrZXxFYb3V%2BtzXtH%2B19Dm%2BlJGWBOHRcIfjKtcbPX2pPR200IBgrBZpEqLRJ1qIy9Milcu%2FiHXzi9lPsU5CFz9gHmt77g2Ob%2F5wr5AjgaEFxXPLlUwChf9xQheCyACmUADEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 684d9a582e0a2c52-FRA
content-length: 43

GET
DATA 200
OK truncated
/ Frame D0F7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 518f5f703f0a15f5f59437876e0e94549c0d74a34883be7b01eb1f2f928b5cad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 29F9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 674f8ce5d7a502e23d3acbfd10e828b7141fb1c9ecae3c5c7ce01dbda665e41e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 29F9 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUjX9JJ8nYZ74BYynx_AP7--k4A-A3uK6ZMuy57SrDsCNtwEQASDOh-t-YJUCoAGEocmoAsgBCakCUkvUsKnBsz6oAwGqBP0BT9Co-MiT6hmKGfHCPIIQkXScS-FJI__Mscoz9WG36Dyd_ZzcXpNlZyHA6N1rd_KaMafI3h3BiM-sXE_dsOk_GsWjrgE4ICfWFqPv0ybVckigNsfInmzD9UxYpMPbzh_yU9Wjj1rfFglzSWEOyZmg0wisKjOzztnytq_XTmKIFCa4Gf9sIqZBAoKGcqPa-WyNVp6St2lzloUTZ_Qp9HCcoawYyn3210uyBN5-nedmujTvLPw4kVS8zKcuGyii9b7LXbIGu0SPF5ieN9trgWg4vH_qPnB9-MEkjLVk_fUU6l0n5Ee6QMGfRYmynnJMM-8PusXgbwAohcXehxrF3cAEr4aZisoDoAYugAfk3rbXAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ_4YD0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTI0NjI3MTk4NjY2NzMwMTEYAA&sigh=B6yHSktNslQ&vt=1&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2462719866673011&output=html&h=280&slotname=3242898716&adk=670283550&adf=1359369005&pi=t.ma~as.3242898716&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.khlifat-info.xyz%2F2021%2F02%2Fpaypal.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629986595102&bpp=2&bdt=430&idt=331&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1103991354717&frm=20&pv=1&ga_vid=196200565.1629986595&ga_sid=1629986596&ga_hid=940542972&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=871546251004057&loc=https%3A%2F%2Fww1.sdsmanga.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oCIK0i7QnQ&p=https%3A//ww1.sdsmanga.com&dtd=851
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 26 Aug 2021 14:03:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 26 Aug 2021 14:03:22 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 29F9 42 B
174 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFLJyQ2q76oOL6dR4uMpbRNMKqN_q2u_H32H6WueFtLdKFBS5kTzPcvHigd58wddwKg0rUS8rQH6xGdihhpAuaIxyqqQSAOIe8Zz8Ici7OKYg5TWxcOeS9rO4yXQ&sai=AMfl-YSpTNfAjhI_LZbhRx4Nj1uFIkXzcf1Zy9_bjdlo4p_DHZvJoaSnNTfEiu7CZ1yzI58LJ1-yx74IAYHy&sig=Cg0ArKJSzOtENuhStmlIEAE&id=lidar2&mcvt=1000&p=949,632,1229,968&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&app=0&itpl=2&adk=670283550&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629986595954&dlt=570&rpt=5631&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 14:03:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vregister.php
syndication.exdynsrv.com/ 0
289 B 166ms
61ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.exdynsrv.com/vregister.php?a=vview&tracking_event=progress&progress=00:00:10.000&idzone=3913800&904f46813ae5d83a843d5a8599c8f9a2=tsVuZ8uHLjt4eNvLtq48PXDn649ddlTlK8E.fjtu48O27jw57uPHvramslrpwzPTB1wNxsSvWMPOZ9OOuqCtxd.aquViRzPCza9Btmf2yMSvMbmppNcDbDdrlNcFTlOffhy6.emuBuexmOCp9ynPt448vPPXA3VBW5n47duHbprgbxmlcz5.ePPxw4a4G2mK3HpqcM.vHvrgbaYknYgelz6c.XDzz8a4G7WKYGK4Jpc.nnn38eO_LXA3NVn04a4G2aZrqnKc.WuBtty2BpzPhrgbaYppgcpz4a4G4Kp8._TjrqsZz4a7WI7HM.O7gDt6657GY4Kn3KV6WK3M_HXXPYzHBU.5Su1ZTS5K1hmieBraYknYgelXasppclawzRPA1uXtPsSvOL1zLz2MxwVPuU58dbl7T7Erzi9cy8rld01MWfHWw2vXhO5nz463ZqZGK89cDcrld01MWfHW1NZLXTgvNTA9BKxHmemDrfrrnXvXdmpuYpbcbXdmpz1wNz0zN2NVrtMVuPTU4Z8eHLXPTA1BK8vJM25Hn01v11z1Z8ddTVLjkq9LlU0dlcE0ueuypyleBvPhrspjXfYqfz5eHOPBrz488mOHZ13xxZb49HOLXHpy48PLnPXBJPS5VVBNKvVWxXZVnw1wST0uVVQTSrwS2sRwNr0uMVTS58tdLjrlLlK9UFbi781VcrEjmd13HdU3VIxK8xuamk1sNsxzNRZ8NcDczrrlOfXpz4.NcDcbErcEry87DzmfHh04ceWu2BtyZdy1yWvPW5TTNS1M25nrgbbYrYaclrcpz5a4G2mKaYHKV6prKWnM.GuWapqmCevPhrglamelgrmXkmbcz4a63Kq15Jm3M.Gulx6CaVd5yaViRxeBvPl278._LlrnpmvwXqrYrsqz28dcDc7FNcrlOfDW1BXgu85NKxI4vA3ny7d.ffnw1yuVsNWQV4Lz0zX4L14TuZvzVVwSva5XK2GrIK8F56Zr8F23KmqYJ64Jpc7Z5dbDbMczUS9rlOeuCSelyqqCaVdiONeCW1iOBtelxiqaWrPlrqsZ5Z8NdVjPPPhrqapgnrXrwncz11NUwT1rysSOZ66mqYJ617XKc9bNM11TlK9rlOfnlrtpz4a4Ja3KZWI8.GuWZd2yVurPhrgbpcqnmlqgtcXjYwmsrz4a4G5LI64MZpXM.GtyRiCNeCqfPhrtssgbz49uXnz47dfPXlx6dOPTp479e3Hl38u8ufXhxY8a64JHKq2JJ8.Pbl58.O3Xz11tTTRQONTS1OS158Y-
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww1.sdsmanga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 14:03:26 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSefJPmqWRZtUnOJ5tgxEQAAAqgAAAIB&google_gid=CAESEEh290d-jROkkc3h8ZVuD-c&google_push=AYg5qPJMYLLuxDsC0CytDn9WzOCdsrit_yaYnRirKay2tdr_KHLJsOzf46SKzfQMH9HRr7QYsPETovjCYSDFsoIDE96IV_4UPkI1dA&google_cver=1

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 20:46:27	Name: test_cookie Value: CheckForPermission
			.sdsmanga.com/	1970-01-20 06:08:02	Name: __gads Value: ID=afe2cac8be4efd78-22b2801cb7c900e1:T=1629986596:RT=1629986596:S=ALNI_MaFmAJC_ofYSIXTFsn3TNsW8Udg8g

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ww1.sdsmanga.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://tag.vlitag.com/v1/1629980993/87436f72739d6fee74ffc3de10ceeb56.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exdynsrv.com
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
as.ad4m.at
assets.ad4m.at
assets.bilsyndication.com
assets.vlitag.com
banner.congstar.de
casale-match.dotomi.com
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs-simple.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.sharethrough.com
ms.quantumdex.io
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.rubiconproject.com
prebid.a-mo.net
prod-rtb.ad4mat.net
px.vliplatform.com
rtb.openx.net
s.amazon-adsystem.com
sdsmanga.com
secure.adnxs.com
securepubads.g.doubleclick.net
sender.best
services.vlitag.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
stats.vlitag.com
sync-tm.everesttech.net
sync.extend.tv
sync.go.sonobi.com
sync.quantumdex.io
syndication.exdynsrv.com
tag.vlitag.com
tpc.googlesyndication.com
u-ams02.e-planning.net
u3y8v8u3.ackcdn.net
ufo.approximity.com
ups.analytics.yahoo.com
useast.quantumdex.io
worldstatistics.live
ww1.sdsmanga.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
104.111.215.191
104.111.239.217
13.248.242.197
142.250.185.194
142.250.186.66
142.250.186.98
147.75.38.124
148.251.139.77
151.101.14.49
178.162.133.149
18.156.0.31
18.195.172.136
185.33.221.91
185.33.223.178
185.64.190.78
193.0.160.128
2.18.233.180
2.18.234.21
2001:4de0:ac19::1:b:3a
209.54.176.128
216.58.212.134
2600:1901:0:76b9::
2606:2800:234:4cc4:5670:35d5:1e00:b394
2606:4700:10::6816:1758
2606:4700:20::681a:ad1
2606:4700:20::681a:eee
2606:4700:20::ac43:4597
2606:4700:20::ac43:47f1
2606:4700:21::681b:cf5c
2606:4700:3032::6815:57ae
2606:4700:3036::ac43:9af9
2606:4700:3037::ac43:c79d
2607:fad0:3801:4::1
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:808::2001
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:7c80:0:121::2
2a02:fa8:8806:13::1400
2a04:4e42:3::485
3.120.13.220
35.158.223.21
35.171.214.154
35.186.253.211
46.249.52.248
46.249.52.249
51.75.146.200
51.89.9.254
54.209.33.59
69.173.144.138
72.251.241.206
72.251.249.13
95.211.229.245
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a982a633ea505e607eec56c1683486a77cadd9bc6c5bdfdcf8212dc68690b77
0b738cf726982eda86959ab4decde913a4ba6629f5ffccae8f65a8c8bd115451
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8082a361e5d63cdd8add7cae6871b93d3119c0a7f1aabaf877415731996334
10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b32c0e1e7e7d36f50202fbae4e83981051a9b0b13a2dca251e66f4fcf298a23
1c67538660c5b2504ce618da37968a380b1dcb06b38189d9fad5d4a6571c624a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dead8fc067d4ad32444d772fa5dff184891e3f0c8a1ffdccaa15b123c5c7f9b
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2379f0dd51e35a8a91d784fe3f7c1080c2784eac7f1670c973f3bd6a954e26df
238018597a0e3b579cd29ba9b7aeeb2c4f5f0e3e6363d593ca957910a34ccdae
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d
2982efdac2b2e53a50f652767df1f61d51f615b0e404b6a70aba1d9bbcf89b51
2b7ad361cce9dbab34c8fd714b379707d7aa40199bf90b90f9f19c7c1db5171b
2d423bd39f0951f7ce33a0aa0aff5f661bd5b68a29f95a1bcda6faef77ac5725
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30b410b83af8676ba33a86cce11abe9db8e5c660b3ec379502ceb32cc014ccb7
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
32c10d35396f1f2cc090d0fb2df38b33e1a60acb4c29fd8577c636ff5767cbcc
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3f6ab570e3bedc7c364c0430d659a20dafb00defc5830f2744ab251c8d17c3cc
3fafea190edc10f13a86733d072a866b434b4d3bcbe56664532db6b19c4e7322
3fbb60324ba018c58305566d35e4f580630b41aeb9bb737daef3314a6b100121
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
4650401a4f688dd1be61819d98f76ddb4051b52f45c61b18d13cba7492dcf033
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48989643c50365f61cd0a19032957eb70490a3ce314d6c8be3d146c0ba3aac76
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0
50ca6ed9f1be92b3ada7c2b0597866fb8a53090a4eb95fa6b17f332943e48e1b
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
518f5f703f0a15f5f59437876e0e94549c0d74a34883be7b01eb1f2f928b5cad
54027a92a68deb2438218170df0f8733ca15dc7955fe69abd7c6214dd8adfa3a
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
569af0d58a2df0af2da77aaebaaf00b84c15334c5e9af0b77ba4c81a62db5d40
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5
66a478731d58490c85f2ad5bbfefae858dd936a82646c122e60338381cd39911
674f8ce5d7a502e23d3acbfd10e828b7141fb1c9ecae3c5c7ce01dbda665e41e
6a1e09f64ce20c981de44a096593a15f985a928419b188b0098f59687760c546
6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cfa689632d30700d433d2ce1aab495ef6ab7bdf5ffd6a143d683609982b7ca0
7106ac4056a90e6943627d4c041fca5fc4b60312211715a455f5dddf29bf108f
737dadb23f48c0823c3d5f597c2f9d34d81a8e964f013109fb366d7d84dffdc1
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
820940626c8b0ea4d61278c472b9f3f4b02358cbba4c85c0bb22c1d14584b806
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8737add0f4dcfe0274b0527cdcec53cc4375cf530513f6ae191787404b90a587
8b212c805c1df4fcd7fb7137e6b340679a138458f56350d0b8b740f75983f83c
8b2fe7ec1a5f8afce34a67f956c9b3fb3fcb698171534b537f269efdfa4e1657
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
9436551304fec3a97d4625843e3245d05f790472e890a59feabe4e078c4af7d3
94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282
98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0cdd883ba5aba9619606b07e5354d7a7d02c613f16304b2be6f14382142a7b
9c9ae086df1dc31c5f80ba308456aec5c3b72dd9922e2f8aca30df85fd6f82db
9de626a464b668bcafcd10dc2619ce1c039e35525c16f1ecbad67f20664088a5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e17dc7fbb41dd035a4b0bb0f3f3623ef3e234b993a212f6d1f92873aa221a8
a2e9cc6fb50b7227bfb03cce27a74458b0dda724d7e2b6d32831f46430342eed
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a76d813c85afe6df4124f577cc295dcd15565b68683d7696e5ca44b23044a4fe
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abb31298217ecdfb4d86dc222223f698ee0e94ba28edea6471672f3bdce27d20
afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e
b0abc244800c9752f1744accbd3f096b031e227985973d89a2c00db09065a372
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18681a82ac52105a909d98563860994fa9002da2b3d44b2ed98640e49dbfd73
b42b4352de6f6b0ccbb4a464b20658f2e8411ec7a1a89803dac29cc22de84cd8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c0a96d49509db25d8784ae09e1488613a9899a26ad99807eb6d06d99670c2fb8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c33de5a9a75aa952fbca26788f0be0c39e855f078fb2350685c7329b2c6a1ac8
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c666a95fd3b0a4703d5241baee79ac60168d7467a66ac61e90a4618d52c80a60
c6e793a8f9395e4181208d01e9ac36b905e3ce6e48460b4318df8628dcebe82c
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d64d741f5b533b95f1a6be252ed3f5f89d79d4010d882a17126d18ba8509a868
dafd8a27206f9d906a4cfaffdb22befc8c06eec3bc49410159c4449c981ca7af
db0036b2374adbe7d918022156b9ce51374aaa2741d9aa43062eb395cfeb2928
dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9
df22fac12b6ae280330dcf8d761dd7363c737aa8903aa1198782f901f057a26f
e0447c33437b68ce8263e7ce898c532cb1676e1dfc94662aea3300263e425265
e276ab7c471e65d36877c173f3417b1a0a690179557ea3edde45956fefbda2e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6040aaa9086db2da20f918be71f9cfdd6441098cbd69ae5522dfaeafb268b8d
e785c4337e570ac3aeb85f336fbdd3f42e0b7437c178ba2ea0997999d3a6bb0e
edd010405afcf7f11562b847e3295cd2d9d12bcc1c90a30ef6321a38ea4758fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04d3dd5603c6d02b1e77e3e89830a3a925fd9e576f70a319077d0648de8c7d4
f4331958938b7c1c57a67d7b16bf9f90b27b99842f80517b27d99def1f643a73
f4830ea2f15f8329f64ed5b8ee0f4d162ff9ba060f29b3700e863e30eeb3ddc3
f4a0ccd1cf2d05b241997d5e0370c31e7c52c5a4f3083a7535cba7fbdebe383f
f98ce4c55a2454695668ab225a64a8506875d5a5faf283426fa5b4b0de8659a1
faaaf01f597e356e9dc91520c3bba215dd5476370b3ddea78490da9ffaace6f2
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff17fae67a8461e89b15329dfc863d7c1f75dcc594b897d5cbcc1cc2a3323cfc

ww1.sdsmanga.com Open in urlscan Pro 2606:4700:3036::ac43:9af9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

99 %HTTPS

47 %IPv6

51 Domains

72 Subdomains

49 IPs

6 Countries

8493 kBTransfer

15967 kBSize

2 Cookies

7 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ww1.sdsmanga.com Open in urlscan Pro
2606:4700:3036::ac43:9af9 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

99 %
HTTPS

47 %
IPv6

51
Domains

72
Subdomains

49
IPs

6
Countries

8493 kB
Transfer

15967 kB
Size

2
Cookies

203 HTTP transactions
4 data transactions