www.pokemonfanblog.mastertopforum.org Open in urlscan Pro
31.170.105.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pokemonfanblog.mastertopforum.org/
Effective URL:
http://www.pokemonfanblog.mastertopforum.org/noforum.php
Submission: On November 29 via api (November 29th 2022, 12:01:55 pm UTC) from US — Scanned from US

Summary HTTP 115 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 24 domains to perform 115 HTTP transactions. The main IP is 31.170.105.177, located in Germany and belongs to BKVG-AS, DE. The main domain is www.pokemonfanblog.mastertopforum.org.

This is the only time www.pokemonfanblog.mastertopforum.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	31.170.105.177 31.170.105.177	29141 (BKVG-AS) (BKVG-AS)
7	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
2	5.135.162.57 5.135.162.57	16276 (OVH) (OVH)
5 20	87.98.153.73 87.98.153.73	16276 (OVH) (OVH)
2	178.32.120.35 178.32.120.35	16276 (OVH) (OVH)
1	79.143.185.233 79.143.185.233	51167 (CONTABO) (CONTABO)
6	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	91.194.90.102 91.194.90.102	51167 (CONTABO) (CONTABO)
5	5.135.94.16 5.135.94.16	16276 (OVH) (OVH)
4	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
18	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
6	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1 1	34.231.8.66 34.231.8.66	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.227.211.136 35.227.211.136	15169 (GOOGLE) (GOOGLE)
1 1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.33.238.122 23.33.238.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2606:4700::68... 2606:4700::6811:a35c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.38.65 23.227.38.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	35.212.79.71 35.212.79.71	15169 (GOOGLE) (GOOGLE)
1	23.227.38.32 23.227.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
115	24

9 31.170.105.177 (Germany) 2 redirects

ASN29141 (BKVG-AS, DE)
PTR: s5.mastertopforum.eu

www.pokemonfanblog.mastertopforum.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:817::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.135.162.57 (Bonneuil-sur-Marne, France)

ASN16276 (OVH, FR)
PTR: ns3310665.ip-5-135-162.eu

www.masterworld.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 87.98.153.73 (France) 5 redirects

ASN16276 (OVH, FR)

awghk956qa.s.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ae4p4bar4w.s.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.32.120.35 (France)

ASN16276 (OVH, FR)
PTR: ip35.ip-178-32-120.eu

ae4p4bar4w.s.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
style2.ad6.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.143.185.233 (Munich, Germany)

ASN51167 (CONTABO, DE)
PTR: free.ip-233-185-143-79.dehost.org

www.mastertopforum.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.194.90.102 (Munich, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi391762.contaboserver.net

www.freestats.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.135.94.16 (Sarlat-la-Canéda, France)

ASN16276 (OVH, FR)
PTR: ip16.ip-5-135-94.eu

c.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
style.ad6.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.8.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-8-66.compute-1.amazonaws.com

ad.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.211.136 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 136.211.227.35.bc.googleusercontent.com

new-balance-athletics-inc.sjv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.33.238.122 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-238-122.deploy.static.akamaitechnologies.com

www.newbalance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:a35c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.flexlinkspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.65 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

atlantapalms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.212.79.71 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 71.79.212.35.bc.googleusercontent.com

click.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.32 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

sneakerthrone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	criteo.net static.criteo.net — Cisco Umbrella Rank: 590 pix.us.criteo.net — Cisco Umbrella Rank: 3161 csm.us.criteo.net — Cisco Umbrella Rank: 3222	854 KB
23	ad6media.fr 5 redirects awghk956qa.s.ad6media.fr ae4p4bar4w.s.ad6media.fr c.ad6media.fr — Cisco Umbrella Rank: 445446	42 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 182	237 KB
9	mastertopforum.org 2 redirects www.pokemonfanblog.mastertopforum.org	58 KB
6	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 6578 ads.us.criteo.com — Cisco Umbrella Rank: 3138 cat.va.us.criteo.com — Cisco Umbrella Rank: 4061	88 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64	37 KB
4	ad6.fr style.ad6.fr — Cisco Umbrella Rank: 87368 style2.ad6.fr	82 KB
3	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1227	1 KB
2	sjv.io 2 redirects new-balance-athletics-inc.sjv.io — Cisco Umbrella Rank: 456957	495 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 300	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	95 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 121	671 B
2	masterworld.org www.masterworld.org	8 KB
1	sneakerthrone.com sneakerthrone.com
1	linksynergy.com 1 redirects click.linksynergy.com — Cisco Umbrella Rank: 19829	1012 B
1	atlantapalms.com atlantapalms.com
1	flexlinkspro.com 1 redirects track.flexlinkspro.com — Cisco Umbrella Rank: 116750	354 B
1	newbalance.com www.newbalance.com — Cisco Umbrella Rank: 59906
1	ojrq.net 1 redirects www.ojrq.net — Cisco Umbrella Rank: 5737	575 B
1	admitad.com 1 redirects ad.admitad.com — Cisco Umbrella Rank: 45439	552 B
1	freestats.net www.freestats.net
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	700 B
1	mastertopforum.eu www.mastertopforum.eu
0	freestats.org Failed www.freestats.org Failed
115	24

	Domain	Requested by
19	awghk956qa.s.ad6media.fr	4 redirects www.pokemonfanblog.mastertopforum.org c.ad6media.fr
18	static.criteo.net	ads.us.criteo.com
14	pix.us.criteo.net	ads.us.criteo.com www.pokemonfanblog.mastertopforum.org
9	www.pokemonfanblog.mastertopforum.org	2 redirects www.pokemonfanblog.mastertopforum.org
6	csm.us.criteo.net	ads.us.criteo.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.pokemonfanblog.mastertopforum.org
5	pagead2.googlesyndication.com	www.pokemonfanblog.mastertopforum.org pagead2.googlesyndication.com www.googletagservices.com
4	tpc.googlesyndication.com	googleads.g.doubleclick.net
3	sp.analytics.yahoo.com	www.pokemonfanblog.mastertopforum.org
3	style.ad6.fr	www.pokemonfanblog.mastertopforum.org
2	new-balance-athletics-inc.sjv.io	2 redirects
2	cdnjs.cloudflare.com	ads.us.criteo.com
2	cat.va.us.criteo.com	ads.us.criteo.com
2	ads.us.criteo.com	googleads.g.doubleclick.net
2	rtb.va.us.criteo.com	googleads.g.doubleclick.net www.pokemonfanblog.mastertopforum.org
2	www.googletagservices.com	googleads.g.doubleclick.net
2	c.ad6media.fr	awghk956qa.s.ad6media.fr www.pokemonfanblog.mastertopforum.org
2	adservice.google.com	pagead2.googlesyndication.com
2	ae4p4bar4w.s.ad6media.fr	1 redirects www.pokemonfanblog.mastertopforum.org
2	www.masterworld.org	www.pokemonfanblog.mastertopforum.org
1	sneakerthrone.com	c.ad6media.fr
1	click.linksynergy.com	1 redirects
1	atlantapalms.com	c.ad6media.fr
1	track.flexlinkspro.com	1 redirects
1	www.newbalance.com	c.ad6media.fr
1	www.ojrq.net	1 redirects
1	ad.admitad.com	1 redirects
1	style2.ad6.fr	www.pokemonfanblog.mastertopforum.org
1	www.freestats.net	www.pokemonfanblog.mastertopforum.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.mastertopforum.eu	www.pokemonfanblog.mastertopforum.org
0	www.freestats.org Failed	www.pokemonfanblog.mastertopforum.org
115	32

This site contains links to these domains. Also see Links.

Domain
demo.mastertopforum.eu
help.mastertopforum.com
www.masterworld.org
www.mastertop100.com
www.scambiositi.com
www.scambiobanner.tv
www.freestats.net
www.freestats.org
s4.mastertopforum.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.s.ad6media.fr R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-08` - `2023-01-09`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-30` - `2023-01-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-07` - `2023-02-07`	3 months	crt.sh
*.ad6.fr R3	`2022-11-21` - `2023-02-19`	3 months	crt.sh
www.newbalance.com Entrust Certification Authority - L1M	`2022-02-09` - `2023-03-08`	a year	crt.sh
atlantapalms.com R3	`2022-10-29` - `2023-01-27`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
sneakerthrone.com R3	`2022-11-07` - `2023-02-05`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Frame ID: 239AF9CC77380FECF6E6945F0877AEBC
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 2CDC8AD0C8F1EC687339ADB5F387D8EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1669723285&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1669723284607&bpp=12&bdt=690&idt=524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=171794653032&frm=20&pv=2&ga_vid=1897128727.1669723285&ga_sid=1669723285&ga_hid=1764834597&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531706%2C44776004%2C31070923%2C44777813&oid=2&pvsid=4191938444186702&tmod=957906275&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Fcg0qYE8vd&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=608
Frame ID: 38DFE9F1782A8A085FB14D83D36B0A86
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&adk=1812271804&adf=3025194257&lmt=1669723285&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&ea=0&pra=7&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&dt=1669723285296&bpp=5&bdt=1379&idt=5&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=171794653032&frm=20&pv=1&ga_vid=1897128727.1669723285&ga_sid=1669723285&ga_hid=1764834597&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531706%2C44776004%2C31070923%2C44777813&oid=2&pvsid=4191938444186702&tmod=957906275&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=50
Frame ID: B96E2CE5BBD424841E5BF53E135D1762
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y4X0lQAIZecE0bIPAAaTSDCaPCJ7ANkqGh8R2w&u=%7CZNq05Gxqr80fP1eRLSAiFIwGscQJmI8M0JGEE4Dskvc%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEblbnwQa_69I05eubcfOx4_aMd7nqOCC42G6IfP9O15z4HqPsTJm-4-78ZQWFx-qIKnr5RxmN6Lao0bitGU5WLTFNdeo51jlx5VEGHjhp9sXwliipN52bmQ3LN6SeWQVwLel3ZpOZ6Vh_ELfsA-kGtX-ij_Cf43GxKv1FMBA4mMPcA0zS14po-TLX7TIWKws-AZpzfDWStz8GlzY0GeMwWIUQWtSkl3i2vG0qK761lV-BwttZKCAoPsegJWfpJDhoNOyKTT7ButgOzPKPl-RKSdeYYRts3OYdEEsoWugGirhz9Bhsy9UGeDmDs0R3MhwR2n3x9Ks8Nke3-Rzqua9EmeOshongQIRqewLTuzdUCC-iDJ2j09Q8_SOiZOaLFg2SOm5BmGuaZ_rCUDiGWKAYTRs1NL3hjct3nUapXhhJ03zrZfapuVMHQANnvTqBPW0dtdRO_JPIm4aoFHulLLv05I2l2_k4Y2FZJabDjbP0udWmzVzdrDjtJy8GdQccVtPf0aYVzTB7Q7j3si8yPmDR5gbL1lIfiCefk9J7sH1iW1vapoDATbMUKGyOfYzke14DI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC_rAlfSFY-fLIY_kxtYPyKaayAqcge-wXILzt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBJ0CT9AKRK6aJkIRoKLg0UPBK0XQbT-VXiLkI2NMJfV3C_sXxFYapAaLbIREbSOM9yUgsgVsoERZgvQTDRUVlkeQ5UQK06dmnEvVQ9PWsOAEm9Hj1YM_o5dwzHPFT7KRepdKpkzoB0DzIZ5wW5QM-07Rdx_rhRNZDHndrz6Qk0i80o89DAxt_VXyJigjOZiQDEZX2CVJmBa3I6CXIci0EGGqjrXOtD_lA3SUKhOntmFfjgSkgBjfiUIka8KvnZ03SEjC-Xj1S_OKk2jezYOqefprT7g2Vrrttj1c_HBhna90sJJ4H_pv8DSzgo1ZdCWR6bhOQdKaw3w8XR86tOYvLR1-zfpuj07ZqQRuv1vsYtV7QlJgDfewbZ5QwmTVhMakgAb_472zzoOJ212gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bttEJZ-sq20aysGkKs00IfaKY1Q%26client%3Dca-pub-0619060941749983%26adurl%3D
Frame ID: 1C7226D607FAB5FD4705624BBAA7879C
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: C65671178F127F4D336F9D9F3A7E991C
Requests: 8 HTTP requests in this frame

Frame: https://style.ad6.fr/img/m/81139.jpeg?&subid=S22112913012596841523641327766
Frame ID: D7E5C57F9B86CD8B2AAEA66700B401D5
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y4X0lQAIo5wITwueAAtA5AKG8wwpi12c-852pg&u=%7CZNq05Gxqr81QkBJwDfAx32OhDXVFhR34GKLi6Wzxy3o%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEadMnLNV8y2A8SbTebqeNpCT4vYV7ni5IPFxZGVRxUNAApYGMRxBLQ27avLiELWr71NcjxNa86OeAFTakoWutcsqyz8YjlPUjeCWqu5W6C2j_yfL33jKOadKjfVgsk-lJ7JvFLu5VucwsBsX7MOrttjBbbGwvP7Y0NTE1nGqcaKzcMLJMzY0NefPnJp5DgJ3SQi1s848EWU8p8AFQaPKjH97H9R_pL-3eJGcqvTur-vbwwYo5FouIRDN6LCILWtR9eujDn5oJCOyC3EmeGIf3biKuhE6xqc-Lotfa8tSvy-RMMpCdwc2LFMvQ9vXsUuyCTF87-eP_5R46b5FFsbkuPWzxDGLVe_E38f5OKkNgkj5Gvd09_Ycj8cEANMEdAG1uGGv7XnoEK4xqSuiCpO4zyjLu10LXGC9bBOd4lo1i5tun5n87NhsCbOEurAPb5FmZtPixqYmpIrg1Hdrqv7ohYmuPKWm43WiKeYYjxDzEMO5JMM4uM9lVZYqnflMyrpJ0myyqlzKzlAgHoWwQWB4qWFfN_rI4QfaeKtd0nC-AvrUP_BVfwuie0H&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeMYjlfSFY5zHIp6XvPIP5IGtsAWcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBJ0CT9DdgWCt7Fy4RJyHi0pSDxzpf6EOC4XFk4KRmk8hmBss4e99hepkXOXlzl5OEPMea_-41DnonYtttuN2tGip3J_k6XsobeeTf_uQRlEGUWbZ90Kz1qCTfO6YB03CNICYy1DixQoI-I4jMSjPGL_Ekl00kyz99b69Fa3m4onzJaokUqZMGkxypZsy0IDSbl6MaeMI3-aSaTD-pewleuQidDqthHlcj5FZFm4grFEEHQcqiMxmDhYwTnw0uY9ISfnAglbQtIqErWH6Z5NxACKMftkBC5qvKIEHpxWP4UsZcj8Fz8vbbgm5roIxANIfthgjSgNw-bX67HE02rJaa_MIeToRMKkAHHb39zHG_yZnFm0EEUIygFJ92B96QVCZgAb_472zzoOJ212gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZFcjHUT8VfXUJxuRUnNouylBRhg%26client%3Dca-pub-0619060941749983%26adurl%3D
Frame ID: 1CEACD4B5A18444001E87CAE810E6BE8
Requests: 22 HTTP requests in this frame

Frame: https://www.newbalance.com/?irclickid=U5qTgZ36FxyNTBtzQhw-3zc1UkA0cxRsvUhfwk0&utm_source=Impact&utm_medium=Affiliate&utm_campaign=1310690&utm_term=1417140&Ecid=af_1310690&irgwc=1
Frame ID: E9CFA7D2903AF237BA43D8B322D6C5A9
Requests: 1 HTTP requests in this frame

Frame: https://style.ad6.fr/img/m/78868.png
Frame ID: 4631DDCC1859951946026554FAAE270D
Requests: 2 HTTP requests in this frame

Frame: https://atlantapalms.com/?rfsn=6929388.95a026&utm_source=refersion&utm_medium=influencers&utm_campaign=6929388.95a026&subid=156372.1010968.4611686018427589219FOF54016310368355782
Frame ID: 097B44DBEE3EA26DFF338AC0FAD00543
Requests: 1 HTTP requests in this frame

Frame: https://style.ad6.fr/img/m/73792.png?&u1=S22112913013654191523651327766
Frame ID: 793DAEA03379E7AD232247F8A714AE60
Requests: 2 HTTP requests in this frame

Frame: https://sneakerthrone.com/?utm_source=Rakuten&utm_medium=affiliate&utm_content=Ad6+Media&utm_campaign=3&ranMID=49414&ranEAID=3ETukusvEm0&ranSiteID=3ETukusvEm0-P8jbOfCFmfA8EXrl0h3Usw
Frame ID: BA8DB3DFE540746733B4FC08E1539259
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Master Top Forum - Free Forum Hosting - Il tuo Forum Gratis subito pronto!

Page URL History Show full URLs

http://www.pokemonfanblog.mastertopforum.org/ HTTP 302
http://www.pokemonfanblog.mastertopforum.org/noforum.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

115
Requests

78 %
HTTPS

43 %
IPv6

24
Domains

32
Subdomains

24
IPs

4
Countries

1512 kB
Transfer

2530 kB
Size

25
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://demo.mastertopforum.eu/
Title: Forum Demo

Search URL Search Domain Scan URL

URL: http://help.mastertopforum.com/
Title: Forum Help

Search URL Search Domain Scan URL

URL: http://demo.mastertopforum.eu/stylesdemo/
Title: Demo Template

Search URL Search Domain Scan URL

URL: http://www.masterworld.org/?linkid=100834
Title: Cerca nel web

Search URL Search Domain Scan URL

URL: http://www.mastertop100.com/data/master.php?id=mastertopforum
Title: Mastertop100.com

Search URL Search Domain Scan URL

URL: http://www.scambiositi.com/
Title: Scambiositi.com

Search URL Search Domain Scan URL

URL: http://www.scambiobanner.tv/
Title: Scambiobanner

Search URL Search Domain Scan URL

URL: http://www.masterworld.org/toprefer/index.cgi?mtfeusuper

Search URL Search Domain Scan URL

URL: http://www.freestats.net/stats.php?i=8

Search URL Search Domain Scan URL

URL: http://www.freestats.org/stats.php?i=174

Search URL Search Domain Scan URL

URL: http://s4.mastertopforum.org/signup.php?lang=italian
Title: Registrati ora!

Search URL Search Domain Scan URL

URL: http://www.mastertop100.com/
Title: MasterTop100.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pokemonfanblog.mastertopforum.org/ HTTP 302
http://www.pokemonfanblog.mastertopforum.org/noforum.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://awghk956qa.s.ad6media.fr/?d=1669723284230&r= HTTP 301
https://awghk956qa.s.ad6media.fr/?d=1669723284230&r=

Request Chain 13

http://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r= HTTP 301
https://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r=

Request Chain 14

http://www.pokemonfanblog.mastertopforum.org/linea.gif HTTP 302
http://www.mastertopforum.eu/404.php

Request Chain 84

https://awghk956qa.s.ad6media.fr/p/54374/27766/13/0/0/0/0/3.181/0/0/0/58/0/1301259684152364/64728/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=c HTTP 302
https://ad.admitad.com/g/8k3zba1fs4832cbddfa7d22535e02e/?&subid=S22112913012596841523641327766& HTTP 302
https://new-balance-athletics-inc.sjv.io/c/1310690/1417140/16502?subid1=3bf64fe5a1c75c3f6218b27641058e51&sharedid=957691 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fnew-balance-athletics-inc.sjv.io%2Fc%2F1310690%2F1417140%2F16502%3Fsubid1%3D3bf64fe5a1c75c3f6218b27641058e51%26sharedid%3D957691%26level%3D1%26srcref%3Dhttp%253A%252F%252Fwww.pokemonfanblog.mastertopforum.org%252F&cid=16502&tpsync=yes HTTP 302
https://new-balance-athletics-inc.sjv.io/c/1310690/1417140/16502?subid1=3bf64fe5a1c75c3f6218b27641058e51&sharedid=957691&level=1&srcref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&brwsr=8e67b531-6fdd-11ed-b665-33114f863c05&brwsrsig=392Q80WPRR6Kyqlx98T3vWUOTgBxCE HTTP 301
https://www.newbalance.com/?irclickid=U5qTgZ36FxyNTBtzQhw-3zc1UkA0cxRsvUhfwk0&utm_source=Impact&utm_medium=Affiliate&utm_campaign=1310690&utm_term=1417140&Ecid=af_1310690&irgwc=1

Request Chain 97

https://awghk956qa.s.ad6media.fr/p/53678/27766/13/0/0/0/0/2.4009/0/0/0/58/0/1301315887152362/63872/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=c HTTP 302
https://track.flexlinkspro.com/g.ashx?foid=156372.1010968.4611686018427589219&trid=1314262.228867&foc=11&fot=9999&fos=2& HTTP 302
https://atlantapalms.com/?rfsn=6929388.95a026&utm_source=refersion&utm_medium=influencers&utm_campaign=6929388.95a026&subid=156372.1010968.4611686018427589219FOF54016310368355782

Request Chain 108

https://awghk956qa.s.ad6media.fr/p/51934/27766/13/0/0/0/0/2.4007/0/0/0/58/0/1301365419152365/61394/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=c HTTP 302
https://click.linksynergy.com/fs-bin/click?id=3ETukusvEm0&offerid=1177654.3&type=3&u1=S22112913013654191523651327766& HTTP 302
https://sneakerthrone.com/?utm_source=Rakuten&utm_medium=affiliate&utm_content=Ad6+Media&utm_campaign=3&ranMID=49414&ranEAID=3ETukusvEm0&ranSiteID=3ETukusvEm0-P8jbOfCFmfA8EXrl0h3Usw

115 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.0

500
Internal Server Error

Primary Request noforum.php Show response
www.pokemonfanblog.mastertopforum.org/
Redirect Chain

http://www.pokemonfanblog.mastertopforum.org/
http://www.pokemonfanblog.mastertopforum.org/noforum.php

11 KB
11 KB

163ms
162ms

Document
text/html

31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.0
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 / PHP/5.3.3
Resource Hash: 836c8262653ac6979ac5d22114fa40648871ce95f17a45dfdd2db2c25e48e9e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Date: Tue, 29 Nov 2022 12:09:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache/2.2.15
X-Powered-By: PHP/5.3.3

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=ISO-8859-1
Date: Tue, 29 Nov 2022 12:09:55 GMT
Location: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Server: Apache/2.2.15
X-Powered-By: PHP/5.3.3

GET
H/1.1 200
OK stile.css
www.pokemonfanblog.mastertopforum.org/ 4 KB
4 KB 304ms
153ms Stylesheet
text/css 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: c93aa25a43fb8f3fc998fefc3188b4712ba1e34c6e87826141f97aa2e6f05213

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/noforum.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:09:56 GMT
Last-Modified: Sat, 09 Oct 2004 12:23:58 GMT
Server: Apache/2.2.15
ETag: "2aa396-ef2-3e602cd405380"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3826

GET
H/1.1 200
OK destra.gif
www.pokemonfanblog.mastertopforum.org/ 14 KB
15 KB 305ms
154ms Image
image/gif 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/destra.gif
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: 100a79221e013ca1fe205e594222ffc28722f4fadeaac7ee31f9abf842f2d067

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/noforum.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:09:56 GMT
Last-Modified: Sat, 09 Oct 2004 12:21:36 GMT
Server: Apache/2.2.15
ETag: "2aa331-39ee-3e602c4c99400"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 14830

GET us.png
www.freestats.org/plugins/ip2country/flags/ 0
0

GET de.png
www.freestats.org/plugins/ip2country/flags/ 0
0

GET it.png
www.freestats.org/plugins/ip2country/flags/ 0
0

GET fr.png
www.freestats.org/plugins/ip2country/flags/ 0
0

GET es.png
www.freestats.org/plugins/ip2country/flags/ 0
0

GET br.png
www.freestats.org/plugins/ip2country/flags/ 0
0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 186ms
104ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

HTTP/1.1

Server

2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

256d36cfaa073735ff47a9937b97986fc838d2a417cad52057fbc7f3ecef23a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:01:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51706
X-XSS-Protection: 0
Server: cafe
ETag: 10204028784904228283
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 29 Nov 2022 12:01:24 GMT

GET
H/1.1 200
OK minimize.gif
www.pokemonfanblog.mastertopforum.org/ 69 B
313 B 354ms
159ms Image
image/gif 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/minimize.gif
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: 6cc31cc35cfa43adcc675bd940550fe24aa51b8127144b511ab2cdbda94dffb5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/noforum.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:09:56 GMT
Last-Modified: Sat, 09 Oct 2004 12:22:38 GMT
Server: Apache/2.2.15
ETag: "2aa35a-45-3e602c87b9f80"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 69

GET
H/1.1 200
OK masterworld88x31.gif
www.masterworld.org/images/ 3 KB
4 KB 852ms
220ms Image
image/gif 5.135.162.57
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.masterworld.org/images/masterworld88x31.gif
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 5.135.162.57 Bonneuil-sur-Marne, France, ASN16276 (OVH, FR),
Reverse DNS: ns3310665.ip-5-135-162.eu
Software: Apache/2.2.15 /
Resource Hash: 467f1fc56a98e88d57d231446f032a1e3efa853f01409654ab1d90afccfaa5e3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:20:39 GMT
Last-Modified: Mon, 26 Dec 2005 20:14:01 GMT
Server: Apache/2.2.15
ETag: "fe317d-d3c-408d901fb1440"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 3388

GET
H/1.1 200
OK toprefer_88x31.gif
www.masterworld.org/images/ 4 KB
4 KB 824ms
221ms Image
image/gif 5.135.162.57
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.masterworld.org/images/toprefer_88x31.gif
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 5.135.162.57 Bonneuil-sur-Marne, France, ASN16276 (OVH, FR),
Reverse DNS: ns3310665.ip-5-135-162.eu
Software: Apache/2.2.15 /
Resource Hash: 35ace17c92ca477853ce11c45e198abd3cb26a41f11a4411a9dea48ec25b478c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:20:39 GMT
Last-Modified: Mon, 23 Feb 2009 11:08:56 GMT
Server: Apache/2.2.15
ETag: "fe31de-10a1-4639407528200"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 4257

GET
H2

200

/ Show response
awghk956qa.s.ad6media.fr/
Redirect Chain

http://awghk956qa.s.ad6media.fr/?d=1669723284230&r=
https://awghk956qa.s.ad6media.fr/?d=1669723284230&r=

365 B
792 B

583ms
152ms

Script
application/javascript

87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://awghk956qa.s.ad6media.fr/?d=1669723284230&r=
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 06b81bb7df2632bb5e65f97405f064cc5207cd90ea02aabe600685d1133c4ccc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: application/javascript
date: Tue, 29 Nov 2022 12:01:25 GMT
server: nginx
timing-allow-origin: *
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

Redirect headers

location: https://awghk956qa.s.ad6media.fr/?d=1669723284230&r=
content-length: 0

GET
H2

404

/
ae4p4bar4w.s.ad6media.fr/
Redirect Chain

http://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r=
https://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r=

0
0

615ms
167ms

Script
application/javascript

178.32.120.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r=
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Server: 178.32.120.35 , France, ASN16276 (OVH, FR),
Reverse DNS: ip35.ip-178-32-120.eu
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: application/javascript
date: Tue, 29 Nov 2022 12:01:25 GMT
server: nginx
timing-allow-origin: *
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

Redirect headers

location: https://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r=
content-length: 0

GET
H/1.1

200
OK

404.php
www.mastertopforum.eu/
Redirect Chain

http://www.pokemonfanblog.mastertopforum.org/linea.gif
http://www.mastertopforum.eu/404.php

0
0

938ms
161ms

Image
text/html

79.143.185.233
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mastertopforum.eu/404.php
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Protocol: HTTP/1.1
Server: 79.143.185.233 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: free.ip-233-185-143-79.dehost.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Redirect headers

Location: http://www.mastertopforum.eu/404.php
Date: Tue, 29 Nov 2022 12:09:56 GMT
Server: Apache/2.2.15
Connection: close
Content-Length: 220
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK titolo.jpg
www.pokemonfanblog.mastertopforum.org/ 24 KB
25 KB 306ms
157ms Image
image/jpeg 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/titolo.jpg
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: f1a669735fa107786f09178de699852a83d5db33483da7865e98a96edbe5f636

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/stile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:09:56 GMT
Last-Modified: Thu, 06 Jan 2005 22:42:28 GMT
Server: Apache/2.2.15
ETag: "2aa39a-616d-3ed09d10e5d00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 24941

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 266ms
120ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

781f95266dcfd8fa8889009f37c8ca55813776b3ffe05405b8d93bd47ee5629c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119595
x-xss-protection: 0
server: cafe
etag: 1208016596867885104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 12:01:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 2CDC 10 KB
10 KB 230ms
69ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-length: 9772
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 06:54:07 GMT
etag: 10353107486223812946
expires: Tue, 13 Dec 2022 06:54:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
700 B 418ms
90ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.pokemonfanblog.mastertopforum.org&callback=_gfp_s_&client=ca-pub-0619060941749983&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f56e008235182846012e8ded18dc6b683f80c3474e5c8ff19ec205c94aecbc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 410ms
93ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pokemonfanblog.mastertopforum.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 38DF 23 KB
10 KB 485ms
222ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1669723285&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1669723284607&bpp=12&bdt=690&idt=524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=171794653032&frm=20&pv=2&ga_vid=1897128727.1669723285&ga_sid=1669723285&ga_hid=1764834597&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531706%2C44776004%2C31070923%2C44777813&oid=2&pvsid=4191938444186702&tmod=957906275&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Fcg0qYE8vd&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=608

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68dcf4d66af5d921e7564199d7d61dc161756453aad5b6bda3600ab78d52775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9976
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 12:01:25 GMT
expires: Tue, 29 Nov 2022 12:01:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden counter.php
www.freestats.net/ 0
0 625ms
152ms Image
text/html 91.194.90.102
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.net/counter.php?i=8&r=&e=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&n=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.121%20Safari/537.36&p=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.121%20Safari/537.36&g=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&l=undefined&sd=24&sw=1600x1200
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 91.194.90.102 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi391762.contaboserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET counter.php
www.freestats.org/ 0
0

GET
H2 200 sl.js Show response
c.ad6media.fr/ 6 KB
2 KB 542ms
144ms Script
application/javascript 5.135.94.16
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.ad6media.fr/sl.js?21
Requested by: Host: awghk956qa.s.ad6media.fr
URL: http://awghk956qa.s.ad6media.fr/?d=1669723284230&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.135.94.16 Sarlat-la-Canéda, France, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-5-135-94.eu
Software: nginx /
Resource Hash: 4e710e01936f0a44c245a12bc7832748f7305f935376a3b2429ff095233fc1cd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 08:55:58 GMT
server: nginx
etag: W/"6062e79e-161d"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=864000
expires: Fri, 09 Dec 2022 12:01:25 GMT

GET
H/1.1 200
OK menu-bg.jpg
www.pokemonfanblog.mastertopforum.org/ 953 B
1 KB 307ms
153ms Image
image/jpeg 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/menu-bg.jpg
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: 64c9c3dc28715f6c6f758a51c2d8bc1815b33f86af8cebaf8993ac84a6433e4c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/stile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:09:57 GMT
Last-Modified: Sat, 09 Oct 2004 12:22:36 GMT
Server: Apache/2.2.15
ETag: "2aa359-3b9-3e602c85d1b00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 953

GET
H/1.1 200
OK note.jpg
www.pokemonfanblog.mastertopforum.org/ 2 KB
2 KB 313ms
156ms Image
image/jpeg 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/note.jpg
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: 39733976b1c0177f00c66e25fe4ecd2a9fa9515a2d873193094a857f671162d4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/stile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 12:09:57 GMT
Last-Modified: Sat, 09 Oct 2004 12:22:50 GMT
Server: Apache/2.2.15
ETag: "2aa363-70b-3e602c932ba80"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 1803

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B96E 37 KB
13 KB 324ms
314ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&adk=1812271804&adf=3025194257&lmt=1669723285&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&ea=0&pra=7&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&dt=1669723285296&bpp=5&bdt=1379&idt=5&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=171794653032&frm=20&pv=1&ga_vid=1897128727.1669723285&ga_sid=1669723285&ga_hid=1764834597&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531706%2C44776004%2C31070923%2C44777813&oid=2&pvsid=4191938444186702&tmod=957906275&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=50

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69cef1ed452e54ba8580427a673d6e04af249d8ea28be95b1f31ff0bc6e263b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13514
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 12:01:25 GMT
expires: Tue, 29 Nov 2022 12:01:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 38DF 3 KB
1 KB 426ms
73ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1669723285&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1669723284607&bpp=12&bdt=690&idt=524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=171794653032&frm=20&pv=2&ga_vid=1897128727.1669723285&ga_sid=1669723285&ga_hid=1764834597&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531706%2C44776004%2C31070923%2C44777813&oid=2&pvsid=4191938444186702&tmod=957906275&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Fcg0qYE8vd&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 05:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 05:09:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 38DF 18 KB
8 KB 420ms
67ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 05:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 05:09:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38DF 154 KB
48 KB 107ms
104ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:01:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 38DF 0
0 137ms
135ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP2PUlfSFY-fLIY_kxtYPyKaayAqcge-wXILzt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBJoCT9AKRK6aJkIRoKLg0UPBK0XQbT-VXiLkI2NMJfV3C_sXxFYapAaLbIREbSOM9yUgsgVsoERZgvQTDRUVlkeQ5UQK06dmnEvVQ9PWsOAEm9Hj1YM_o5dwzHPFT7KRepdKpkzoB0DzIZ5wW5QM-07Rdx_rhRNZDHndrz6Qk0i80o89DAxt_VXyJigjOZiQDEZX2CVJmBa3I6CXIci0EGGqjrXOtD_lA3SUKhOntmFfjgSkgBjfiUIka8KvnZ03SEjC-Xj1S_OKk2jezYOqefprT7g2Vrrttj1c_HBhna90sJJ4H_pv8DSzgo1ZdCWR6bhOQdKaw3x-Xz-oHxSmLd73oHaF9ccaHjhGtnX0pk6IONups-mcdTeGU2QWgAb_472zzoOJ212gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wNjE5MDYwOTQxNzQ5OTgzGAA&sigh=2VeeSGs-CyU&uach_m=[UACH]&cid=CAQSGwDq26N9ifaC0H5zL_gUfvxo2TtxI_OMWUz4vhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1669723285&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1669723284607&bpp=12&bdt=690&idt=524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=171794653032&frm=20&pv=2&ga_vid=1897128727.1669723285&ga_sid=1669723285&ga_hid=1764834597&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531706%2C44776004%2C31070923%2C44777813&oid=2&pvsid=4191938444186702&tmod=957906275&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Fcg0qYE8vd&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=608
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Nov 2022 12:01:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Nov 2022 12:01:25 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 38DF 0
0 398ms
63ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kMCIEs36RLAJmALiIp0XAgAAAPUQT14D7eCdEJT0hWO5s2lFs9Kj9DWOJAASAAA&wp=Y4X0lQAIZecE0bIPAAaTSDCaPCJ7ANkqGh8R2w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 188033
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 1C72 127 KB
44 KB 421ms
85ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y4X0lQAIZecE0bIPAAaTSDCaPCJ7ANkqGh8R2w&u=%7CZNq05Gxqr80fP1eRLSAiFIwGscQJmI8M0JGEE4Dskvc%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEblbnwQa_69I05eubcfOx4_aMd7nqOCC42G6IfP9O15z4HqPsTJm-4-78ZQWFx-qIKnr5RxmN6Lao0bitGU5WLTFNdeo51jlx5VEGHjhp9sXwliipN52bmQ3LN6SeWQVwLel3ZpOZ6Vh_ELfsA-kGtX-ij_Cf43GxKv1FMBA4mMPcA0zS14po-TLX7TIWKws-AZpzfDWStz8GlzY0GeMwWIUQWtSkl3i2vG0qK761lV-BwttZKCAoPsegJWfpJDhoNOyKTT7ButgOzPKPl-RKSdeYYRts3OYdEEsoWugGirhz9Bhsy9UGeDmDs0R3MhwR2n3x9Ks8Nke3-Rzqua9EmeOshongQIRqewLTuzdUCC-iDJ2j09Q8_SOiZOaLFg2SOm5BmGuaZ_rCUDiGWKAYTRs1NL3hjct3nUapXhhJ03zrZfapuVMHQANnvTqBPW0dtdRO_JPIm4aoFHulLLv05I2l2_k4Y2FZJabDjbP0udWmzVzdrDjtJy8GdQccVtPf0aYVzTB7Q7j3si8yPmDR5gbL1lIfiCefk9J7sH1iW1vapoDATbMUKGyOfYzke14DI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC_rAlfSFY-fLIY_kxtYPyKaayAqcge-wXILzt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBJ0CT9AKRK6aJkIRoKLg0UPBK0XQbT-VXiLkI2NMJfV3C_sXxFYapAaLbIREbSOM9yUgsgVsoERZgvQTDRUVlkeQ5UQK06dmnEvVQ9PWsOAEm9Hj1YM_o5dwzHPFT7KRepdKpkzoB0DzIZ5wW5QM-07Rdx_rhRNZDHndrz6Qk0i80o89DAxt_VXyJigjOZiQDEZX2CVJmBa3I6CXIci0EGGqjrXOtD_lA3SUKhOntmFfjgSkgBjfiUIka8KvnZ03SEjC-Xj1S_OKk2jezYOqefprT7g2Vrrttj1c_HBhna90sJJ4H_pv8DSzgo1ZdCWR6bhOQdKaw3w8XR86tOYvLR1-zfpuj07ZqQRuv1vsYtV7QlJgDfewbZ5QwmTVhMakgAb_472zzoOJ212gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bttEJZ-sq20aysGkKs00IfaKY1Q%26client%3Dca-pub-0619060941749983%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0642381b1589d1ddd8c874400727d12b1d1c7df90bf4ec640b9a6a8e31824249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 12:01:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=L6cp98o5JBkRnzbuYDIuisWctpCXF_R-Y4WPDex-1CyavqYscoUwE24mYEwC0XrW8ObiOyWGQ09PS5liH7vbGutAe5ualb0ClwpLvjlJONkYKRXrgRvb6CHZwKGMUbcid7oU_1da9VOqD92U5du14oIHPfU-xFAGJcQk3Rw3NAf2ygKLWHFhCjIXFo7IjbYUzuewBP2Tb2BfYBOQYIlSTDTHxKJH0id91mg0KDM9kJpKWNpFf06BzzI7DY2D2u8Yl5gk1IHUVY99nAZn"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 16378776
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
awghk956qa.s.ad6media.fr/ 2 KB
2 KB 192ms
191ms Script
application/javascript 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://awghk956qa.s.ad6media.fr/?d=1669723285851&if=0&r=&wl=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&c=1&bd=1&ke=104b00d5b4dd5545f3833d04754d262c&ket=6687&bdi=1600x1200|1600|1200|1600|1200|1600|1113|0|0|14|0|en-US&bdt=1&bdifs=0
Requested by: Host: c.ad6media.fr
URL: https://c.ad6media.fr/sl.js?21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 732296dbf7ebeeb9bf4d4836720d8f0bd7f6760821b5bb8e80dd660339ce7084

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: application/javascript
date: Tue, 29 Nov 2022 12:01:25 GMT
server: nginx
timing-allow-origin: *
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 150 KB
51 KB 303ms
171ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js?bust=31070923

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

618c11ffdc14e284decbebe76f52c73d94a357960a356e96679ad3bb88c19f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52279
x-xss-protection: 0
server: cafe
etag: 13187783935460254048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 12:01:26 GMT

GET
H2 200 fo4.js Show response
c.ad6media.fr/ 154 KB
29 KB 296ms
296ms Script
application/javascript 5.135.94.16
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.ad6media.fr/fo4.js?125
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.135.94.16 Sarlat-la-Canéda, France, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-5-135-94.eu
Software: nginx /
Resource Hash: c8f44882b903653ad64d8a946d3c5d3ed878848b6fe1936141568cccf1ed8445

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 08:55:58 GMT
server: nginx
etag: W/"6062e79e-268ce"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=864000
expires: Fri, 09 Dec 2022 12:01:26 GMT

GET
DATA 200
OK truncated
/ Frame 38DF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc568b7355831ff248d5681264d2d22484b29cdde2f47ff1acb7a8bf99d18bd1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1C72 2 KB
1 KB 508ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y4X0lQAIZecE0bIPAAaTSDCaPCJ7ANkqGh8R2w&u=%7CZNq05Gxqr80fP1eRLSAiFIwGscQJmI8M0JGEE4Dskvc%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEblbnwQa_69I05eubcfOx4_aMd7nqOCC42G6IfP9O15z4HqPsTJm-4-78ZQWFx-qIKnr5RxmN6Lao0bitGU5WLTFNdeo51jlx5VEGHjhp9sXwliipN52bmQ3LN6SeWQVwLel3ZpOZ6Vh_ELfsA-kGtX-ij_Cf43GxKv1FMBA4mMPcA0zS14po-TLX7TIWKws-AZpzfDWStz8GlzY0GeMwWIUQWtSkl3i2vG0qK761lV-BwttZKCAoPsegJWfpJDhoNOyKTT7ButgOzPKPl-RKSdeYYRts3OYdEEsoWugGirhz9Bhsy9UGeDmDs0R3MhwR2n3x9Ks8Nke3-Rzqua9EmeOshongQIRqewLTuzdUCC-iDJ2j09Q8_SOiZOaLFg2SOm5BmGuaZ_rCUDiGWKAYTRs1NL3hjct3nUapXhhJ03zrZfapuVMHQANnvTqBPW0dtdRO_JPIm4aoFHulLLv05I2l2_k4Y2FZJabDjbP0udWmzVzdrDjtJy8GdQccVtPf0aYVzTB7Q7j3si8yPmDR5gbL1lIfiCefk9J7sH1iW1vapoDATbMUKGyOfYzke14DI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC_rAlfSFY-fLIY_kxtYPyKaayAqcge-wXILzt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBJ0CT9AKRK6aJkIRoKLg0UPBK0XQbT-VXiLkI2NMJfV3C_sXxFYapAaLbIREbSOM9yUgsgVsoERZgvQTDRUVlkeQ5UQK06dmnEvVQ9PWsOAEm9Hj1YM_o5dwzHPFT7KRepdKpkzoB0DzIZ5wW5QM-07Rdx_rhRNZDHndrz6Qk0i80o89DAxt_VXyJigjOZiQDEZX2CVJmBa3I6CXIci0EGGqjrXOtD_lA3SUKhOntmFfjgSkgBjfiUIka8KvnZ03SEjC-Xj1S_OKk2jezYOqefprT7g2Vrrttj1c_HBhna90sJJ4H_pv8DSzgo1ZdCWR6bhOQdKaw3w8XR86tOYvLR1-zfpuj07ZqQRuv1vsYtV7QlJgDfewbZ5QwmTVhMakgAb_472zzoOJ212gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bttEJZ-sq20aysGkKs00IfaKY1Q%26client%3Dca-pub-0619060941749983%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1C72 2 KB
1 KB 509ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1C72 308 B
636 B 531ms
87ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1C72 293 B
621 B 532ms
89ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 1C72 43 B
348 B 510ms
67ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=wgNiOyuHXTUQ4DM9lhgpApbajIGMLZRFdXcnnclbZYxsg6iFv4AvivOTeHA4Q7dM0DdiWNFlob56wk1rcAVP9uCWAnTlEYCFMlIN8wWhY-PMjUZENQD4bqG5shUt3KCWs5RWOsJIjMxSAX5S445OcwGDoNbjYy6iZqrUMc3PsVkv6TDLB4ueGWFhojrN7vUKaYJ9aJvjhgSu8fgjNntsCFW-Yjb_bRG7ot-BfLX1z0wQkVwEmYAZkUxf1BCd5HLwcduoBhA6Ge2QwG74a6JvaqkGg1HiW5HWIPDTN7G-0S1ixdvwOE5s0kzhKxiyEBkunnGCFI8T8xhzrhJQnr2mOSmnG5_ho2Z8efyUhiIpDxaaNPKPB83EJwtHYr9Xia3zx1sKp88LUq4O3MHeKMgO6CX4Uk-AVFesuJxT7i6eEciqHwfC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3742443
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1C72 12 KB
5 KB 460ms
40ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2351519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlDLf4MPHHr7CVQLBL6zlhucdyiXI2InuA3karZwh6W%2FVpRViV4BuQzr4Hst%2FIi0n0pT6e7sbHMkLG6hRs6xRVYXPDLEFrrMxtc%2B6R1qgW44dNA9gMO58oAGUvMQV2gsJiImxGjd2YMvK%2F916jo1%2FLLY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 771b304e29dbb3ce-MIA
expires: Sun, 19 Nov 2023 12:01:26 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1C72 12 KB
6 KB 481ms
62ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 3901e7f1076548768dd426f395d925f6_museosans_500.woff
static.criteo.net/design/dt/ Frame 1C72 27 KB
27 KB 482ms
69ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3901e7f1076548768dd426f395d925f6_museosans_500.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

6b8c59ac0a5085a730ea4a6742a18f078bfc3848ccb082f629fff11b576c6901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Nov 2021 21:18:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"618d88a8-6a5c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1C72 68 KB
68 KB 630ms
233ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2F553642094790450a9ecbefd6f4f4b120_img_horizontal_2.jpg&v=3&s=e6mvyI6uZ156XRLhs3u6rWah

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

3ebafa9ebd3306f8e0a84f09d783f22569af1a54fb5f8b44a42119b8cf1572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29531498
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69664
expires: Mon, 06 Nov 2023 07:13:05 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1C72 68 KB
68 KB 488ms
92ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2Fa7f42ecb64e54490a33e14f1ea8091a8_img_horizontal_1.jpg&v=3&s=Hyn0SmhgabxqQKUbWciLTl6_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

f7de7ce1663943b74cb796e483ed616bcc7be5eb1d6c6d0b426cedb89ecead34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29448816
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69492
expires: Sun, 05 Nov 2023 08:15:03 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1C72 47 KB
47 KB 490ms
93ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2F57cfea0f0beb4ff08bd2f5dd139b30fa_img_horizontal_3.jpg&v=3&s=Fcr1HU9IIdhwN-UnSz2z-DBd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

b1c9cd11079b102dbefe943c36b36b4ec2b6e634d6122e7c5bebae27e5f4f0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29570281
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48192
expires: Mon, 06 Nov 2023 17:59:27 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1C72 3 KB
3 KB 527ms
131ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=556&m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2F6f267085407b479abea6dabd06925155_1-bistromd-logo-white.png&v=3&w=2396&s=2tFN94_sZ2kyFcjRTm5itCxi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

7ea9c103dcd1b10392b8ef378a941914233e9fce02f6c4749503b2449a016724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=27095420
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2893
expires: Mon, 09 Oct 2023 02:31:47 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 1C72 0
128 B 458ms
63ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=L6cp98o5JBkRnzbuYDIuisWctpCXF_R-Y4WPDex-1CyavqYscoUwE24mYEwC0XrW8ObiOyWGQ09PS5liH7vbGutAe5ualb0ClwpLvjlJONkYKRXrgRvb6CHZwKGMUbcid7oU_1da9VOqD92U5du14oIHPfU-xFAGJcQk3Rw3NAf2ygKLWHFhCjIXFo7IjbYUzuewBP2Tb2BfYBOQYIlSTDTHxKJH0id91mg0KDM9kJpKWNpFf06BzzI7DY2D2u8Yl5gk1IHUVY99nAZn&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1C72 2 KB
1 KB 62ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1C72 2 KB
1 KB 71ms
70ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 221ms
81ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pokemonfanblog.mastertopforum.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame C656 10 KB
4 KB 93ms
92ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 20:35:50 GMT
etag: 10353107486223812946
expires: Mon, 12 Dec 2022 20:35:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 81139.jpeg
style.ad6.fr/img/m/ Frame D7E5 55 KB
55 KB 689ms
282ms Image
image/jpeg 5.135.94.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://style.ad6.fr/img/m/81139.jpeg?&subid=S22112913012596841523641327766
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.135.94.16 Sarlat-la-Canéda, France, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-5-135-94.eu
Software: nginx /
Resource Hash: 7dc7aad1a0cfc1a83d7e738bd95a263396b23cbdb29c73886d96c7554d19c188

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
last-modified: Wed, 23 Nov 2022 10:05:31 GMT
server: nginx
etag: "637df06b-db33"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 56115
expires: Thu, 29 Dec 2022 12:01:26 GMT

GET
H2 200 104b00d5b4dd5545f3833d04754d262c
awghk956qa.s.ad6media.fr/p/54374/27766/13/0/0/0/0/3.181/0/0/0/58/0/1301259684152364/64728/0/ Frame D7E5 43 B
314 B 155ms
155ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/p/54374/27766/13/0/0/0/0/3.181/0/0/0/58/0/1301259684152364/64728/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=v
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 29 Nov 2022 12:01:26 GMT
server: nginx
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C656 0
0 149ms
137ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd_TOlfSFY5zHIp6XvPIP5IGtsAWcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBJoCT9DdgWCt7Fy4RJyHi0pSDxzpf6EOC4XFk4KRmk8hmBss4e99hepkXOXlzl5OEPMea_-41DnonYtttuN2tGip3J_k6XsobeeTf_uQRlEGUWbZ90Kz1qCTfO6YB03CNICYy1DixQoI-I4jMSjPGL_Ekl00kyz99b69Fa3m4onzJaokUqZMGkxypZsy0IDSbl6MaeMI3-aSaTD-pewleuQidDqthHlcj5FZFm4grFEEHQcqiMxmDhYwTnw0uY9ISfnAglbQtIqErWH6Z5NxACKMftkBC5qvKIEHpxWP4UsZcj8Fz8vbbgm5roIxANIfthgjSgNw-bW47lGmcUDTazCBFLb6SiDDq0rf_h_eO72UbOTNr1wemPurSR-5gAb_472zzoOJ212gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wNjE5MDYwOTQxNzQ5OTgzGAA&sigh=sv7RNcYc904&uach_m=[UACH]&cid=CAQSGwDq26N9yzgrSo1OaXAzMLd4EHIT2kLWh-YpIxgBIBM

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Nov 2022 12:01:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame C656 0
0 76ms
66ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kMCIEs36RO0HfOIinRcCAAAAHOgwwF8x1GUQlfSFYykioXDvzHsxDH4_ABIAAA&wp=Y4X0lQAIo5wITwueAAtA5AKG8wwpi12c-852pg

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 310857
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 1CEA 127 KB
44 KB 83ms
82ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y4X0lQAIo5wITwueAAtA5AKG8wwpi12c-852pg&u=%7CZNq05Gxqr81QkBJwDfAx32OhDXVFhR34GKLi6Wzxy3o%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEadMnLNV8y2A8SbTebqeNpCT4vYV7ni5IPFxZGVRxUNAApYGMRxBLQ27avLiELWr71NcjxNa86OeAFTakoWutcsqyz8YjlPUjeCWqu5W6C2j_yfL33jKOadKjfVgsk-lJ7JvFLu5VucwsBsX7MOrttjBbbGwvP7Y0NTE1nGqcaKzcMLJMzY0NefPnJp5DgJ3SQi1s848EWU8p8AFQaPKjH97H9R_pL-3eJGcqvTur-vbwwYo5FouIRDN6LCILWtR9eujDn5oJCOyC3EmeGIf3biKuhE6xqc-Lotfa8tSvy-RMMpCdwc2LFMvQ9vXsUuyCTF87-eP_5R46b5FFsbkuPWzxDGLVe_E38f5OKkNgkj5Gvd09_Ycj8cEANMEdAG1uGGv7XnoEK4xqSuiCpO4zyjLu10LXGC9bBOd4lo1i5tun5n87NhsCbOEurAPb5FmZtPixqYmpIrg1Hdrqv7ohYmuPKWm43WiKeYYjxDzEMO5JMM4uM9lVZYqnflMyrpJ0myyqlzKzlAgHoWwQWB4qWFfN_rI4QfaeKtd0nC-AvrUP_BVfwuie0H&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeMYjlfSFY5zHIp6XvPIP5IGtsAWcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBJ0CT9DdgWCt7Fy4RJyHi0pSDxzpf6EOC4XFk4KRmk8hmBss4e99hepkXOXlzl5OEPMea_-41DnonYtttuN2tGip3J_k6XsobeeTf_uQRlEGUWbZ90Kz1qCTfO6YB03CNICYy1DixQoI-I4jMSjPGL_Ekl00kyz99b69Fa3m4onzJaokUqZMGkxypZsy0IDSbl6MaeMI3-aSaTD-pewleuQidDqthHlcj5FZFm4grFEEHQcqiMxmDhYwTnw0uY9ISfnAglbQtIqErWH6Z5NxACKMftkBC5qvKIEHpxWP4UsZcj8Fz8vbbgm5roIxANIfthgjSgNw-bX67HE02rJaa_MIeToRMKkAHHb39zHG_yZnFm0EEUIygFJ92B96QVCZgAb_472zzoOJ212gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZFcjHUT8VfXUJxuRUnNouylBRhg%26client%3Dca-pub-0619060941749983%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bc8584d9da09ca0f8e3329bd974dfa9176ef8cf3015f275d4fc98daef86b4635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 12:01:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=gWJQY8o5JBkRnzbuv0QHegDDDAnkfnsGTz5fHIkhU2QHity5U4hwiluE8GT3AOj7sH9YFWUaV3uJGqkPmslu_Y23vEuI655eAy1DCql-sJFzNuwb80dFWPCXQiyn4qBWUhtjhuqIfHY1UEXQ1ubn4e2TpL0jjMSTsvVhZ2v4MXeC4ud_5OBGveGCh0rmhlkOC5_vlcugvw35lafdYxv4y49iZZ8yXNx_9E3H99606FZj0ZEzb8BhkccGqCCrqd4LmEEPENb4zV1701P5"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 19205693
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C656 3 KB
1 KB 226ms
71ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 05:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 05:09:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C656 18 KB
7 KB 226ms
72ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 05:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 05:09:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C656 154 KB
47 KB 90ms
89ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:01:26 GMT

GET
H2 200 e415b53e2fa2455db9024e67a8095ff7_tradegothicltstd-bdcn20.woff
static.criteo.net/design/dt/ Frame 1C72 16 KB
17 KB 99ms
83ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e415b53e2fa2455db9024e67a8095ff7_tradegothicltstd-bdcn20.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

32a0c85e2263187f149c3f876096efd80271d477c5f308c084b27e6ff101e998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Nov 2021 21:16:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"618d8813-41d8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1CEA 2 KB
1 KB 74ms
70ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y4X0lQAIo5wITwueAAtA5AKG8wwpi12c-852pg&u=%7CZNq05Gxqr81QkBJwDfAx32OhDXVFhR34GKLi6Wzxy3o%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEadMnLNV8y2A8SbTebqeNpCT4vYV7ni5IPFxZGVRxUNAApYGMRxBLQ27avLiELWr71NcjxNa86OeAFTakoWutcsqyz8YjlPUjeCWqu5W6C2j_yfL33jKOadKjfVgsk-lJ7JvFLu5VucwsBsX7MOrttjBbbGwvP7Y0NTE1nGqcaKzcMLJMzY0NefPnJp5DgJ3SQi1s848EWU8p8AFQaPKjH97H9R_pL-3eJGcqvTur-vbwwYo5FouIRDN6LCILWtR9eujDn5oJCOyC3EmeGIf3biKuhE6xqc-Lotfa8tSvy-RMMpCdwc2LFMvQ9vXsUuyCTF87-eP_5R46b5FFsbkuPWzxDGLVe_E38f5OKkNgkj5Gvd09_Ycj8cEANMEdAG1uGGv7XnoEK4xqSuiCpO4zyjLu10LXGC9bBOd4lo1i5tun5n87NhsCbOEurAPb5FmZtPixqYmpIrg1Hdrqv7ohYmuPKWm43WiKeYYjxDzEMO5JMM4uM9lVZYqnflMyrpJ0myyqlzKzlAgHoWwQWB4qWFfN_rI4QfaeKtd0nC-AvrUP_BVfwuie0H&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeMYjlfSFY5zHIp6XvPIP5IGtsAWcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBJ0CT9DdgWCt7Fy4RJyHi0pSDxzpf6EOC4XFk4KRmk8hmBss4e99hepkXOXlzl5OEPMea_-41DnonYtttuN2tGip3J_k6XsobeeTf_uQRlEGUWbZ90Kz1qCTfO6YB03CNICYy1DixQoI-I4jMSjPGL_Ekl00kyz99b69Fa3m4onzJaokUqZMGkxypZsy0IDSbl6MaeMI3-aSaTD-pewleuQidDqthHlcj5FZFm4grFEEHQcqiMxmDhYwTnw0uY9ISfnAglbQtIqErWH6Z5NxACKMftkBC5qvKIEHpxWP4UsZcj8Fz8vbbgm5roIxANIfthgjSgNw-bX67HE02rJaa_MIeToRMKkAHHb39zHG_yZnFm0EEUIygFJ92B96QVCZgAb_472zzoOJ212gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZFcjHUT8VfXUJxuRUnNouylBRhg%26client%3Dca-pub-0619060941749983%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1CEA 2 KB
1 KB 62ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1CEA 308 B
636 B 72ms
70ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1CEA 293 B
621 B 61ms
60ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 1CEA 43 B
347 B 76ms
75ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=5hn6fukslyxDP4K70Y4zP-EMHKTej-y1gmqO0_1a_U7KpMflU6wHuSXsM9c2yZ0lgEVONZxdLLOKw2Y8ybim7hXts08qq-xBo-hUCdUdYCcabvUet-UUoMOJ_SLCbidtdtEjioYsp3CaaxJrwoZflQT8yVRgqj-Dn_x3WylEz-CfttIrd1v_KUZ4iSUjHu6MkHJdnFC4zljPj_y_9VxmSSzgH2JZ4nQEFSEpbVG6xgNs85YPXGZAZJkks9PRhQ5B54VNBlVhGSa5tjkDesregTiJRRGHEmUfiVoIXxIYG3rzh4JvgEtnBEsOcjS33_4z3ueIdoB0y-MDlGUg9hIV4CSUelneC6cJOZDkAeqDHOwtUphBgg08CU2GPc5nNf5blFSWr8kO3fbTT2LK0pfNdEba6kJ-eQ66PW_AeVoOAg1tYlkT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 12:01:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1708091
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1CEA 12 KB
5 KB 86ms
41ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2351519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV7GsveS26wT8XrjtI%2FiBsVEF9NOmeEE8NIlZGdHsAr63YtwJlmhsv82HA484t0tTeWELw5yiDVoQNs5C8YGsoC5ukfAcctTABDYK7u%2BkYrZc58%2FCZPGb4u4SJ4bZwgLoeSB7ddpDpjNd1mAKVLeiVAx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 771b304f6cbab3cb-MIA
expires: Sun, 19 Nov 2023 12:01:26 GMT

GET
H2 200 3901e7f1076548768dd426f395d925f6_museosans_500.woff
static.criteo.net/design/dt/ Frame 1CEA 27 KB
27 KB 95ms
79ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3901e7f1076548768dd426f395d925f6_museosans_500.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

6b8c59ac0a5085a730ea4a6742a18f078bfc3848ccb082f629fff11b576c6901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Nov 2021 21:18:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"618d88a8-6a5c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1CEA 12 KB
6 KB 67ms
63ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1CEA 68 KB
68 KB 103ms
92ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

3ebafa9ebd3306f8e0a84f09d783f22569af1a54fb5f8b44a42119b8cf1572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29531498
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69664
expires: Mon, 06 Nov 2023 07:13:05 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1CEA 68 KB
68 KB 107ms
96ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

f7de7ce1663943b74cb796e483ed616bcc7be5eb1d6c6d0b426cedb89ecead34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29448816
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69492
expires: Sun, 05 Nov 2023 08:15:03 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1CEA 47 KB
47 KB 75ms
64ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

b1c9cd11079b102dbefe943c36b36b4ec2b6e634d6122e7c5bebae27e5f4f0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29570281
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48192
expires: Mon, 06 Nov 2023 17:59:27 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1CEA 3 KB
3 KB 68ms
60ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=244&m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2F6f267085407b479abea6dabd06925155_1-bistromd-logo-white.png&v=3&w=2006&s=DIurTwmjEWit09vXdwki-SeM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

7ea9c103dcd1b10392b8ef378a941914233e9fce02f6c4749503b2449a016724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29774706
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2893
expires: Thu, 09 Nov 2023 02:46:33 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 1CEA 0
127 B 63ms
56ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=gWJQY8o5JBkRnzbuv0QHegDDDAnkfnsGTz5fHIkhU2QHity5U4hwiluE8GT3AOj7sH9YFWUaV3uJGqkPmslu_Y23vEuI655eAy1DCql-sJFzNuwb80dFWPCXQiyn4qBWUhtjhuqIfHY1UEXQ1ubn4e2TpL0jjMSTsvVhZ2v4MXeC4ud_5OBGveGCh0rmhlkOC5_vlcugvw35lafdYxv4y49iZZ8yXNx_9E3H99606FZj0ZEzb8BhkccGqCCrqd4LmEEPENb4zV1701P5&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1CEA 2 KB
1 KB 69ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1CEA 2 KB
1 KB 66ms
60ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:26 GMT

GET
H/1.1 200
OK fes.png
style2.ad6.fr/img/fe/ 2 KB
2 KB 592ms
141ms Image
image/png 178.32.120.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://style2.ad6.fr/img/fe/fes.png
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 178.32.120.35 , France, ASN16276 (OVH, FR),
Reverse DNS: ip35.ip-178-32-120.eu
Software: nginx /
Resource Hash: 67a24a05747c9eecc7baa5f9e806b4aa6c7dec809b11e079b778fd6e69b80cee

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:27 GMT
last-modified: Tue, 26 Apr 2016 16:26:36 GMT
server: nginx
etag: "571f96bc-6ba"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1722
expires: Thu, 29 Dec 2022 12:01:27 GMT

GET
H2 200 e415b53e2fa2455db9024e67a8095ff7_tradegothicltstd-bdcn20.woff
static.criteo.net/design/dt/ Frame 1CEA 16 KB
17 KB 69ms
59ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e415b53e2fa2455db9024e67a8095ff7_tradegothicltstd-bdcn20.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

32a0c85e2263187f149c3f876096efd80271d477c5f308c084b27e6ff101e998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Nov 2021 21:16:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"618d8813-41d8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:01:27 GMT

GET
DATA 200
OK truncated
/ Frame C656 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f1a90518e5e835cbcd0884abd8db08d410ef792cf8416fc1f2f2498dfd662ab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 38DF 42 B
64 B 260ms
125ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMLDMcjMO883irGi8n9qeywbGEDnzAU3jhCXROsRnN8wqOFzVK1GW750g5GkhEZrNWzFdVv5Ko6eEkWYO-iYKGIoF9&sig=Cg0ArKJSzPhBI_TUeB1VEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2320542684&rs=2&la=1&cr=0&vs=4&r=v&rst=1669723285227&rpt=1020&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 12:01:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 1C72 0
127 B 60ms
58ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Nov 2022 12:01:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 1
awghk956qa.s.ad6media.fr/tv/55532/104b00d5b4dd5545f3833d04754d262c/ 43 B
120 B 145ms
145ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/tv/55532/104b00d5b4dd5545f3833d04754d262c/1
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

server: nginx
date: Tue, 29 Nov 2022 12:01:27 GMT
content-type: image/gif

GET
H2

200

/
www.newbalance.com/ Frame E9CF
Redirect Chain

https://awghk956qa.s.ad6media.fr/p/54374/27766/13/0/0/0/0/3.181/0/0/0/58/0/1301259684152364/64728/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=c
https://ad.admitad.com/g/8k3zba1fs4832cbddfa7d22535e02e/?&subid=S22112913012596841523641327766&
https://new-balance-athletics-inc.sjv.io/c/1310690/1417140/16502?subid1=3bf64fe5a1c75c3f6218b27641058e51&sharedid=957691
https://www.ojrq.net/p/?return=https%3A%2F%2Fnew-balance-athletics-inc.sjv.io%2Fc%2F1310690%2F1417140%2F16502%3Fsubid1%3D3bf64fe5a1c75c3f6218b27641058e51%26sharedid%3D957691%26level%3D1%26srcref%3D...
https://new-balance-athletics-inc.sjv.io/c/1310690/1417140/16502?subid1=3bf64fe5a1c75c3f6218b27641058e51&sharedid=957691&level=1&srcref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&brwsr=8...
https://www.newbalance.com/?irclickid=U5qTgZ36FxyNTBtzQhw-3zc1UkA0cxRsvUhfwk0&utm_source=Impact&utm_medium=Affiliate&utm_campaign=1310690&utm_term=1417140&Ecid=af_1310690&irgwc=1

0
0

620ms
285ms

Document
text/html

23.33.238.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newbalance.com/?irclickid=U5qTgZ36FxyNTBtzQhw-3zc1UkA0cxRsvUhfwk0&utm_source=Impact&utm_medium=Affiliate&utm_campaign=1310690&utm_term=1417140&Ecid=af_1310690&irgwc=1

Requested by

Host: c.ad6media.fr
URL: https://c.ad6media.fr/fo4.js?125

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.238.122 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-33-238-122.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 771b305d19b21916-EWR
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Tue, 29 Nov 2022 12:01:29 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
link: <https://a13265720009.cdn-pci.optimizely.com>;rel="preconnect",<https://cdn.cookielaw.org>;rel="preconnect",<https://static.ads-twitter.com>;rel="preconnect",<https://collect.tealiumiq.com>;rel="preconnect",<https://t.channeladvisor.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://cdn.mouseflow.com>;rel="preconnect",<https://static.criteo.net>;rel="preconnect" <https://js-cdn.dynatrace.com>;rel="preconnect",<https://tags.tiqcdn.com>;rel="preconnect",<https://cdn.cquotient.com>;rel="preconnect",<https://fast.fonts.net>;rel="preconnect"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: edge; dur=29 origin; dur=176 cdn-cache; desc=MISS
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-content-type-options: nosniff
x-dw-request-base-id: tpQxP4mhhWMBAAB_

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
date: Tue, 29 Nov 2022 12:01:28 GMT
expires: Tue, 29 Nov 2022 12:01:28 GMT
location: https://www.newbalance.com?irclickid=U5qTgZ36FxyNTBtzQhw-3zc1UkA0cxRsvUhfwk0&utm_source=Impact&utm_medium=Affiliate&utm_campaign=1310690&utm_term=1417140&Ecid=af_1310690&irgwc=1
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma: no-cache
via: 1.1 google

GET
H2 200 ea
awghk956qa.s.ad6media.fr/fot/1301259684152364/ 43 B
120 B 145ms
144ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/fot/1301259684152364/ea
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

server: nginx
date: Tue, 29 Nov 2022 12:01:27 GMT
content-type: image/gif

POST
H2 200 all
csm.us.criteo.net/ Frame 1CEA 0
127 B 58ms
58ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Nov 2022 12:01:27 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C656 42 B
64 B 124ms
124ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstl3fxGf7-_DqxgVQdDi4sUR916s7OouHQ0eNTYi126IYSzJgx0vtwgaTZKsvC-WfwnneMlo3eFVjCpqpXJNP-IerHJ&sig=Cg0ArKJSzC02jedzNQnzEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=454,1000,1000,1000,1000&tos=454,546,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1669723286355&rpt=726&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 12:01:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1C72 68 KB
68 KB 61ms
59ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

3ebafa9ebd3306f8e0a84f09d783f22569af1a54fb5f8b44a42119b8cf1572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29531496
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69664
expires: Mon, 06 Nov 2023 07:13:05 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1CEA 68 KB
68 KB 61ms
60ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

3ebafa9ebd3306f8e0a84f09d783f22569af1a54fb5f8b44a42119b8cf1572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29531496
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69664
expires: Mon, 06 Nov 2023 07:13:05 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1C72 68 KB
68 KB 66ms
64ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

f7de7ce1663943b74cb796e483ed616bcc7be5eb1d6c6d0b426cedb89ecead34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29448812
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69492
expires: Sun, 05 Nov 2023 08:15:03 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1CEA 68 KB
68 KB 60ms
60ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

f7de7ce1663943b74cb796e483ed616bcc7be5eb1d6c6d0b426cedb89ecead34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29448812
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69492
expires: Sun, 05 Nov 2023 08:15:03 GMT

GET
H2 200 / Show response
awghk956qa.s.ad6media.fr/ 2 KB
2 KB 209ms
154ms Script
application/javascript 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://awghk956qa.s.ad6media.fr/?ke=104b00d5b4dd5545f3833d04754d262c&fon=2&bdi=1600x1200|1600|1200|1600|1200|1600|1113|0|0|14|0|en-US
Requested by: Host: c.ad6media.fr
URL: https://c.ad6media.fr/fo4.js?125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: f35772a10e0dfae35c56137873d280dd13bd53c3f17242f0c3e53ee53938b9f1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: application/javascript
date: Tue, 29 Nov 2022 12:01:31 GMT
server: nginx
timing-allow-origin: *
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H2 200 5
awghk956qa.s.ad6media.fr/tv/55532/104b00d5b4dd5545f3833d04754d262c/ 43 B
120 B 172ms
117ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/tv/55532/104b00d5b4dd5545f3833d04754d262c/5
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

server: nginx
date: Tue, 29 Nov 2022 12:01:31 GMT
content-type: image/gif

GET
H2 200 104b00d5b4dd5545f3833d04754d262c
awghk956qa.s.ad6media.fr/suv/6687/ 43 B
263 B 208ms
149ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/suv/6687/104b00d5b4dd5545f3833d04754d262c
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 29 Nov 2022 12:01:31 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
server: nginx
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H2 200 78868.png
style.ad6.fr/img/m/ Frame 4631 12 KB
12 KB 237ms
126ms Image
image/png 5.135.94.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://style.ad6.fr/img/m/78868.png?
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.135.94.16 Sarlat-la-Canéda, France, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-5-135-94.eu
Software: nginx /
Resource Hash: 06bcdfa7c0dfcec2445d9ec845e25e6c624dccf5d47f50b0ee2312e0e68fa977

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:32 GMT
last-modified: Fri, 18 Nov 2022 09:02:02 GMT
server: nginx
etag: "63774a0a-30ed"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12525
expires: Thu, 29 Dec 2022 12:01:32 GMT

GET
H2 200 104b00d5b4dd5545f3833d04754d262c
awghk956qa.s.ad6media.fr/p/53678/27766/13/0/0/0/0/2.4009/0/0/0/58/0/1301315887152362/63872/0/ Frame 4631 43 B
314 B 245ms
136ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/p/53678/27766/13/0/0/0/0/2.4009/0/0/0/58/0/1301315887152362/63872/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=v
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 29 Nov 2022 12:01:32 GMT
server: nginx
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H2

200

/
atlantapalms.com/ Frame 097B
Redirect Chain

https://awghk956qa.s.ad6media.fr/p/53678/27766/13/0/0/0/0/2.4009/0/0/0/58/0/1301315887152362/63872/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=c
https://track.flexlinkspro.com/g.ashx?foid=156372.1010968.4611686018427589219&trid=1314262.228867&foc=11&fot=9999&fos=2&
https://atlantapalms.com/?rfsn=6929388.95a026&utm_source=refersion&utm_medium=influencers&utm_campaign=6929388.95a026&subid=156372.1010968.4611686018427589219FOF54016310368355782

0
0

517ms
129ms

Document
text/html

23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://atlantapalms.com/?rfsn=6929388.95a026&utm_source=refersion&utm_medium=influencers&utm_campaign=6929388.95a026&subid=156372.1010968.4611686018427589219FOF54016310368355782

Requested by

Host: c.ad6media.fr
URL: https://c.ad6media.fr/fo4.js?125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 771b307acb3b0291-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 12:01:33 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMcH6TOZn8IubzhzfaYmvAga53dvjZ2Bg6uz6eMMdeLUCap61ftMoTZ9j%2FP2kRP5XtNIFu80Hy8U9kgU9FxGmb34ahurOq5iYMXb94NPRjbhL0sLqRj7eiHtsVSVbueNoVk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=38, db;dur=28, asn;desc="9009", edge;desc="MIA", country;desc="US" cfRequestDuration;dur=159.999847, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-alternate-cache-key: cacheable:8f772db5dfbcfedf54c3a72af7b32d34
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 03c6f6ea-1cfb-487a-b367-88204037f6c9
x-shardid: 169
x-shopid: 51487768746
x-shopify-stage: production
x-sorting-hat-podid: 169
x-sorting-hat-shopid: 51487768746
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 771b3077a99f09e2-MIA
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 12:01:33 GMT
location: https://atlantapalms.com/?rfsn=6929388.95a026&utm_source=refersion&utm_medium=influencers&utm_campaign=6929388.95a026&subid=156372.1010968.4611686018427589219FOF54016310368355782
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 ea
awghk956qa.s.ad6media.fr/fot/1301315887152362/ 43 B
120 B 147ms
146ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/fot/1301315887152362/ea
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

server: nginx
date: Tue, 29 Nov 2022 12:01:33 GMT
content-type: image/gif

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1C72 47 KB
47 KB 104ms
88ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

b1c9cd11079b102dbefe943c36b36b4ec2b6e634d6122e7c5bebae27e5f4f0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29570274
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48192
expires: Mon, 06 Nov 2023 17:59:27 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 1CEA 47 KB
47 KB 71ms
70ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

b1c9cd11079b102dbefe943c36b36b4ec2b6e634d6122e7c5bebae27e5f4f0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29570274
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48192
expires: Mon, 06 Nov 2023 17:59:27 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 1C72 0
127 B 64ms
62ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Nov 2022 12:01:33 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.us.criteo.net/ Frame 1CEA 0
127 B 80ms
63ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Nov 2022 12:01:33 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
632 B 538ms
83ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10100979&ea=time&et=custom&ec=track&el=10&ev=2689&gdpr=0&gdpr_consent=

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 12:01:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 29 Nov 2022 12:01:36 GMT

GET
H2 200 / Show response
awghk956qa.s.ad6media.fr/ 2 KB
2 KB 170ms
169ms Script
application/javascript 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://awghk956qa.s.ad6media.fr/?ke=104b00d5b4dd5545f3833d04754d262c&fon=3&bdi=1600x1200|1600|1200|1600|1200|1600|1113|0|0|14|0|en-US
Requested by: Host: c.ad6media.fr
URL: https://c.ad6media.fr/fo4.js?125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1fab69b3bceb20fe24e4d2043a7923a22f2d9cd128262b2409234eb36788bf25

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: application/javascript
date: Tue, 29 Nov 2022 12:01:36 GMT
server: nginx
timing-allow-origin: *
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H2 200 10
awghk956qa.s.ad6media.fr/tv/55532/104b00d5b4dd5545f3833d04754d262c/ 43 B
120 B 146ms
145ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/tv/55532/104b00d5b4dd5545f3833d04754d262c/10
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

server: nginx
date: Tue, 29 Nov 2022 12:01:36 GMT
content-type: image/gif

GET
H2 200 73792.png
style.ad6.fr/img/m/ Frame 793D 12 KB
12 KB 209ms
145ms Image
image/png 5.135.94.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://style.ad6.fr/img/m/73792.png?&u1=S22112913013654191523651327766
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.135.94.16 Sarlat-la-Canéda, France, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-5-135-94.eu
Software: nginx /
Resource Hash: ad5b48ce480f859afb080f29c31d6199380eeafb56b335451ae5d1b7aedab312

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:01:37 GMT
last-modified: Wed, 26 Oct 2022 15:12:21 GMT
server: nginx
etag: "63594e55-3047"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12359
expires: Thu, 29 Dec 2022 12:01:37 GMT

GET
H2 200 104b00d5b4dd5545f3833d04754d262c
awghk956qa.s.ad6media.fr/p/51934/27766/13/0/0/0/0/2.4007/0/0/0/58/0/1301365419152365/61394/0/ Frame 793D 43 B
314 B 202ms
154ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/p/51934/27766/13/0/0/0/0/2.4007/0/0/0/58/0/1301365419152365/61394/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=v
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 29 Nov 2022 12:01:37 GMT
server: nginx
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H2

200

/
sneakerthrone.com/ Frame BA8D
Redirect Chain

https://awghk956qa.s.ad6media.fr/p/51934/27766/13/0/0/0/0/2.4007/0/0/0/58/0/1301365419152365/61394/0/104b00d5b4dd5545f3833d04754d262c?&ref=www.pokemonfanblog.mastertopforum.org&t=c
https://click.linksynergy.com/fs-bin/click?id=3ETukusvEm0&offerid=1177654.3&type=3&u1=S22112913013654191523651327766&
https://sneakerthrone.com/?utm_source=Rakuten&utm_medium=affiliate&utm_content=Ad6+Media&utm_campaign=3&ranMID=49414&ranEAID=3ETukusvEm0&ranSiteID=3ETukusvEm0-P8jbOfCFmfA8EXrl0h3Usw

0
0

787ms
651ms

Document
text/html

23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sneakerthrone.com/?utm_source=Rakuten&utm_medium=affiliate&utm_content=Ad6+Media&utm_campaign=3&ranMID=49414&ranEAID=3ETukusvEm0&ranSiteID=3ETukusvEm0-P8jbOfCFmfA8EXrl0h3Usw

Requested by

Host: c.ad6media.fr
URL: https://c.ad6media.fr/fo4.js?125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 771b309a5e060a2a-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 12:01:39 GMT
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin, <//cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=3000>; as="image"; rel="preload"; imagesrcset="//cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=600 600w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=700 700w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=800 800w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=1000 1000w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=1200 1200w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=1400 1400w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=1600 1600w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=1800 1800w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=2000 2000w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=2200 2200w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=2400 2400w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=2600 2600w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=2800 2800w, //cdn.shopify.com/s/files/1/2114/6025/files/Sneaker-Throne-Home-Hero-BFCM-Extended-Desktop.jpg?v=1669673252&width=3000 3000w"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZFqyETsj7ZwcUrvLTe07y30aycuNVxnmDGMxWDrojtmaABwK4yQ%2Fo0TviSQ1g1M9oh5m8xbUAgK5g9yEIPgkwkIFiENydUWy1Id6ywKk3lttaKal1j26Sz%2F9Ely3n3OFUh0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=576, db;dur=202, parse;dur=30, asn;desc="9009", edge;desc="MIA", country;desc="US" cfRequestDuration;dur=657.999992, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-alternate-cache-key: cacheable:a8d83b5f806456349d8214b0043d50a1
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: c357170a-d25b-49a4-a87c-dc6fe5ba388d
x-shardid: 296
x-shopid: 21146025
x-shopify-stage: production
x-sorting-hat-podid: 296
x-sorting-hat-shopid: 21146025
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
connection: close
content-length: 0
date: Tue, 29 Nov 2022 12:01:38 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sneakerthrone.com?utm_source=Rakuten&utm_medium=affiliate&utm_content=Ad6+Media&utm_campaign=3&ranMID=49414&ranEAID=3ETukusvEm0&ranSiteID=3ETukusvEm0-P8jbOfCFmfA8EXrl0h3Usw
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR BUS STA"
pragma: no-cache
referer: http://www.pokemonfanblog.mastertopforum.org/

GET
H2 200 ea
awghk956qa.s.ad6media.fr/fot/1301365419152365/ 43 B
120 B 145ms
143ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/fot/1301365419152365/ea
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

server: nginx
date: Tue, 29 Nov 2022 12:01:38 GMT
content-type: image/gif

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
291 B 82ms
81ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10100979&ea=time&et=custom&ec=track&el=10&ev=2689&gdpr=0&gdpr_consent=

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 12:01:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 29 Nov 2022 12:01:41 GMT

GET
H2 200 20
awghk956qa.s.ad6media.fr/tv/55532/104b00d5b4dd5545f3833d04754d262c/ 43 B
120 B 143ms
142ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/tv/55532/104b00d5b4dd5545f3833d04754d262c/20
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

server: nginx
date: Tue, 29 Nov 2022 12:01:46 GMT
content-type: image/gif

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
291 B 82ms
82ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10100979&ea=time&et=custom&ec=track&el=10&ev=2689&gdpr=0&gdpr_consent=

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 12:01:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 29 Nov 2022 12:01:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.freestats.org
URL: http://www.freestats.org/plugins/ip2country/flags/us.png

Domain: www.freestats.org
URL: http://www.freestats.org/plugins/ip2country/flags/de.png

Domain: www.freestats.org
URL: http://www.freestats.org/plugins/ip2country/flags/it.png

Domain: www.freestats.org
URL: http://www.freestats.org/plugins/ip2country/flags/fr.png

Domain: www.freestats.org
URL: http://www.freestats.org/plugins/ip2country/flags/es.png

Domain: www.freestats.org
URL: http://www.freestats.org/plugins/ip2country/flags/br.png

Domain: www.freestats.org
URL: http://www.freestats.org/counter.php?i=174&r=&e=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&n=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.121%20Safari/537.36&p=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.121%20Safari/537.36&g=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&l=undefined&sd=24&sw=1600x1200

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pokemonfanblog.mastertopforum.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0g4ln2p9rk1fo0osghlhqa0i83
.ad6media.fr/	1970-01-20 17:17:31	Name: ui Value: 16385f495275cc945329065
.mastertopforum.org/	1970-01-20 17:10:19	Name: __gads Value: ID=076ec1ba3b603d93-22b0675485d800f4:T=1669723285:RT=1669723285:S=ALNI_MYJ7oh2EN5K5zOIcArH1VErsr2z1Q
.mastertopforum.org/	1970-01-20 17:10:19	Name: __gpi Value: UID=000008beefa5cb73:T=1669723285:RT=1669723285:S=ALNI_MbKB2Rv_I41lNpxFEO1tDd_nhdl4Q
.doubleclick.net/	1970-01-20 17:24:43	Name: IDE Value: AHWqTUksLkCAHrsYtQPwTt5jxN3VlKYmBKLJipZx0e_aF7Fejc41DrHojegxSleEZA0
.mastertopforum.org/	1970-01-20 07:48:45	Name: ad6_pc Value: 1
.ad.admitad.com/	1970-01-20 17:24:43	Name: UID Value: v=3\|id=05ce765aa7b698e2c60ade97381ed43e\|expr=1732795288\|type=0\|business_expr=1672315288
.ad.admitad.com/	1969-12-31 23:59:59	Name: UID2 Value: v=3\|id=05ce765aa7b698e2c60ade97381ed43e\|expr=1732795288\|type=0\|business_expr=1672315288
.ojrq.net/	1970-01-20 17:24:43	Name: brwsr Value: 8e67b531-6fdd-11ed-b665-33114f863c05
.sjv.io/	1970-01-20 17:24:43	Name: brwsr Value: 8e67b531-6fdd-11ed-b665-33114f863c05
new-balance-athletics-inc.sjv.io/	1970-01-20 12:07:55	Name: irld Value: Lze-QJh0NY3xH36eSM71031tRQD70ZF1lL32Rwrnxxfx1%3A14o
www.newbalance.com/	1969-12-31 23:59:59	Name: dwac_4eef82b2a11317de54af2b5132 Value: oYFd2y3NZjqM-YT-n8G4cWrUbjNTu8a6ZTE%3D\|dw-only\|\|\|USD\|false\|US%2FEastern\|true
www.newbalance.com/	1969-12-31 23:59:59	Name: cqcid Value: acSSyEWaPlK2I0bPaIhQa9EmGE
www.newbalance.com/	1969-12-31 23:59:59	Name: cquid Value: \|\|
www.newbalance.com/	1969-12-31 23:59:59	Name: sid Value: oYFd2y3NZjqM-YT-n8G4cWrUbjNTu8a6ZTE
www.newbalance.com/	1970-01-20 12:07:55	Name: dwanonymous_b46d190781ef77bb66faac87f06d52c0 Value: acSSyEWaPlK2I0bPaIhQa9EmGE
www.newbalance.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 0
www.newbalance.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 0
www.newbalance.com/	1969-12-31 23:59:59	Name: dwsid Value: hhHMdruIk3ecE-Q8sMvMeE1E_57F_jP3ddsGA8Pu_kVIYL3xzaVywsk2FM6ehGgFGbt1yDbI26vI1mA0LsELBg==
.newbalance.com/	1970-01-20 07:48:45	Name: __cf_bm Value: BbvbKLUpxndLAjhMrkaKW74xzfBRlHuvGit3aTNr22E-1669723289-0-AZF/MgsloK7bHps6LshL8spu3TxcUqPu2WnzaJUg/WfUh5kmIjhSkSUS+vkvMiXw+YUJH3AD17jzJx/DQIAhcdM=
.mastertopforum.org/	1970-01-20 07:50:09	Name: ad6fo_plus Value: 1
.yahoo.com/	1970-01-20 16:34:40	Name: A3 Value: d=AQABBKD0hWMCEDNnl0z1Pw1siRTYwRKHArsFEgEBAQFGh2OPYwAAAAAA_eMAAA&S=AQAAAsNwvkD68Eea8sBMXfJn6Xc
.linksynergy.com/	1970-01-20 16:34:19	Name: lsn_statp Value: veVyQ8AAADvzevNMDttQ%3D%3D
.linksynergy.com/	1970-01-20 16:34:19	Name: rmuid Value: f3d838f9-5094-4715-b16a-c9ec7a2a550e
.linksynergy.com/	1970-01-20 17:24:43	Name: lsclick_mid49414 Value: "2022-11-29 12:01:38.467\|3ETukusvEm0-P8jbOfCFmfA8EXrl0h3Usw"

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
javascript	warning	URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php(Line 64) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php(Line 64) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ae4p4bar4w.s.ad6media.fr/?d=1669723284231&r= Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1669723285&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1669723284607&bpp=12&bdt=690&idt=524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=171794653032&frm=20&pv=2&ga_vid=1897128727.1669723285&ga_sid=1669723285&ga_hid=1764834597&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531706%2C44776004%2C31070923%2C44777813&oid=2&pvsid=4191938444186702&tmod=957906275&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Fcg0qYE8vd&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=608 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: http://www.freestats.net/counter.php?i=8&r=&e=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&n=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.121%20Safari/537.36&p=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.121%20Safari/537.36&g=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&l=undefined&sd=24&sw=1600x1200 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	Message: Refused to frame 'https://www.newbalance.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
security	error	Message: Refused to frame 'https://atlantapalms.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
security	error	Message: Refused to frame 'https://sneakerthrone.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.admitad.com
ads.us.criteo.com
adservice.google.com
ae4p4bar4w.s.ad6media.fr
atlantapalms.com
awghk956qa.s.ad6media.fr
c.ad6media.fr
cat.va.us.criteo.com
cdnjs.cloudflare.com
click.linksynergy.com
csm.us.criteo.net
googleads.g.doubleclick.net
new-balance-athletics-inc.sjv.io
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
rtb.va.us.criteo.com
sneakerthrone.com
sp.analytics.yahoo.com
static.criteo.net
style.ad6.fr
style2.ad6.fr
tpc.googlesyndication.com
track.flexlinkspro.com
www.freestats.net
www.freestats.org
www.googletagservices.com
www.mastertopforum.eu
www.masterworld.org
www.newbalance.com
www.ojrq.net
www.pokemonfanblog.mastertopforum.org
www.freestats.org
178.32.120.35
23.227.38.32
23.227.38.65
23.33.238.122
2606:4700::6811:180e
2606:4700::6811:a35c
2607:f8b0:4006:80c::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:824::2001
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
31.170.105.177
34.231.8.66
34.95.127.121
35.212.79.71
35.227.211.136
5.135.162.57
5.135.94.16
74.119.119.147
76.13.32.146
79.143.185.233
87.98.153.73
91.194.90.102
0642381b1589d1ddd8c874400727d12b1d1c7df90bf4ec640b9a6a8e31824249
06b81bb7df2632bb5e65f97405f064cc5207cd90ea02aabe600685d1133c4ccc
06bcdfa7c0dfcec2445d9ec845e25e6c624dccf5d47f50b0ee2312e0e68fa977
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
100a79221e013ca1fe205e594222ffc28722f4fadeaac7ee31f9abf842f2d067
1fab69b3bceb20fe24e4d2043a7923a22f2d9cd128262b2409234eb36788bf25
256d36cfaa073735ff47a9937b97986fc838d2a417cad52057fbc7f3ecef23a5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a0c85e2263187f149c3f876096efd80271d477c5f308c084b27e6ff101e998
35ace17c92ca477853ce11c45e198abd3cb26a41f11a4411a9dea48ec25b478c
39733976b1c0177f00c66e25fe4ecd2a9fa9515a2d873193094a857f671162d4
3ebafa9ebd3306f8e0a84f09d783f22569af1a54fb5f8b44a42119b8cf1572bd
467f1fc56a98e88d57d231446f032a1e3efa853f01409654ab1d90afccfaa5e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e710e01936f0a44c245a12bc7832748f7305f935376a3b2429ff095233fc1cd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
618c11ffdc14e284decbebe76f52c73d94a357960a356e96679ad3bb88c19f80
64c9c3dc28715f6c6f758a51c2d8bc1815b33f86af8cebaf8993ac84a6433e4c
67a24a05747c9eecc7baa5f9e806b4aa6c7dec809b11e079b778fd6e69b80cee
69cef1ed452e54ba8580427a673d6e04af249d8ea28be95b1f31ff0bc6e263b7
6b8c59ac0a5085a730ea4a6742a18f078bfc3848ccb082f629fff11b576c6901
6cc31cc35cfa43adcc675bd940550fe24aa51b8127144b511ab2cdbda94dffb5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
732296dbf7ebeeb9bf4d4836720d8f0bd7f6760821b5bb8e80dd660339ce7084
781f95266dcfd8fa8889009f37c8ca55813776b3ffe05405b8d93bd47ee5629c
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7dc7aad1a0cfc1a83d7e738bd95a263396b23cbdb29c73886d96c7554d19c188
7ea9c103dcd1b10392b8ef378a941914233e9fce02f6c4749503b2449a016724
836c8262653ac6979ac5d22114fa40648871ce95f17a45dfdd2db2c25e48e9e5
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f1a90518e5e835cbcd0884abd8db08d410ef792cf8416fc1f2f2498dfd662ab
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad5b48ce480f859afb080f29c31d6199380eeafb56b335451ae5d1b7aedab312
b1c9cd11079b102dbefe943c36b36b4ec2b6e634d6122e7c5bebae27e5f4f0b0
bc8584d9da09ca0f8e3329bd974dfa9176ef8cf3015f275d4fc98daef86b4635
c8f44882b903653ad64d8a946d3c5d3ed878848b6fe1936141568cccf1ed8445
c93aa25a43fb8f3fc998fefc3188b4712ba1e34c6e87826141f97aa2e6f05213
cc568b7355831ff248d5681264d2d22484b29cdde2f47ff1acb7a8bf99d18bd1
d68dcf4d66af5d921e7564199d7d61dc161756453aad5b6bda3600ab78d52775
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a669735fa107786f09178de699852a83d5db33483da7865e98a96edbe5f636
f35772a10e0dfae35c56137873d280dd13bd53c3f17242f0c3e53ee53938b9f1
f56e008235182846012e8ded18dc6b683f80c3474e5c8ff19ec205c94aecbc90
f7de7ce1663943b74cb796e483ed616bcc7be5eb1d6c6d0b426cedb89ecead34

www.pokemonfanblog.mastertopforum.org Open in urlscan Pro 31.170.105.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

78 %HTTPS

43 %IPv6

24 Domains

32 Subdomains

24 IPs

4 Countries

1512 kBTransfer

2530 kBSize

25 Cookies

12 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pokemonfanblog.mastertopforum.org Open in urlscan Pro
31.170.105.177 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

78 %
HTTPS

43 %
IPv6

24
Domains

32
Subdomains

24
IPs

4
Countries

1512 kB
Transfer

2530 kB
Size

25
Cookies

115 HTTP transactions
-1 data transactions