himitsu-no-pettoakad.foroactivo.com Open in urlscan Pro
94.23.76.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://himitsu-no-pettoakad.foroactivo.com/
Effective URL:
https://himitsu-no-pettoakad.foroactivo.com/
Submission: On December 04 via api (December 4th 2023, 1:52:00 am UTC) from US — Scanned from NO

Summary HTTP 369 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 81 IPs in 13 countries across 56 domains to perform 369 HTTP transactions. The main IP is 94.23.76.111, located in Lisbon, Portugal and belongs to OVH, FR. The main domain is himitsu-no-pettoakad.foroactivo.com.
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.

This is the only time himitsu-no-pettoakad.foroactivo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.23.159.185 94.23.159.185	16276 (OVH) (OVH)
5	94.23.76.111 94.23.76.111	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:c00:1c:96c8:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3038::6815:eb4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
5	162.19.58.157 162.19.58.157	16276 (OVH) (OVH)
6	212.63.223.227 212.63.223.227	30880 (SPACEDUMP...) (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab)
1	2606:4700:303... 2606:4700:3032::6815:1f9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.88.68 162.19.88.68	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
50	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
15	2606:4700:20:... 2606:4700:20::681a:e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	3.20.201.250 3.20.201.250	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1 9	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 12	35.156.210.91 35.156.210.91	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
12	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3.139.153.231 3.139.153.231	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	54.228.143.85 54.228.143.85	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2602:803:c003... 2602:803:c003:200::45	26667 (RUBICONPR...) (RUBICONPROJECT)
3	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
1 4	167.235.184.171 167.235.184.171	24940 (HETZNER-AS) (HETZNER-AS)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
1	185.86.138.124 185.86.138.124	201081 (SMARTADSE...) (SMARTADSERVER)
3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.126.176.240 3.126.176.240	16509 (AMAZON-02) (AMAZON-02)
1 4	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
9	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
9	2a05:d018:d29... 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a	16509 (AMAZON-02) (AMAZON-02)
7	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
18	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
3	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::57	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	89.149.192.75 89.149.192.75	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a02:2638:3::6 2a02:2638:3::6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2606:4700::68... 2606:4700::6813:9e13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2a09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	131.153.158.209 131.153.158.209	60558 (SECUREDSE...) (SECUREDSERVERS-EU)
2	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
1	2606:4700:e2:... 2606:4700:e2::ac40:8413	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2	35.157.123.207 35.157.123.207	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1 1	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1	8.2.110.114 8.2.110.114	46636 (NATCOWEB) (NATCOWEB)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	8.2.110.113 8.2.110.113	46636 (NATCOWEB) (NATCOWEB)
2	209.192.201.180 209.192.201.180	() ()
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	() ()
1	2a02:6ea0:c70... 2a02:6ea0:c700::22	() ()
369	81

1 94.23.159.185 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)

himitsu-no-pettoakad.foroactivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 94.23.76.111 (Lisbon, Portugal)

ASN16276 (OVH, FR)

himitsu-no-pettoakad.foroactivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:c00:1c:96c8:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

ac.audiencerun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eb4c (United States)

ASN13335 (CLOUDFLARENET, US)

2img.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.19.58.157 (France)

ASN16276 (OVH, FR)
PTR: ns3096589.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.63.223.227 (Sweden)

ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE)

images2.imgbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1f9f (United States)

ASN13335 (CLOUDFLARENET, US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.88.68 (France)

ASN16276 (OVH, FR)
PTR: ns3221377.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ac.aruncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.20.201.250 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-201-250.us-east-2.compute.amazonaws.com

d.audiencerun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.156.210.91 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-210-91.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.64 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.139.153.231 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-153-231.us-east-2.compute.amazonaws.com

pbs.prd.audiencerun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.143.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-143-85.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.235.184.171 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.176.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-176-240.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::57 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.75 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2a09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8413 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.138.155 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.123.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-123-207.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.132 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.197.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.113 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

as.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.192.201.180 (None, )

ASN- ()

user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (None, )

ASN- ()

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::22 (None, )

ASN- ()

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1020 trc.taboola.com — Cisco Umbrella Rank: 648 15.taboola.com — Cisco Umbrella Rank: 5769 images.taboola.com — Cisco Umbrella Rank: 1870 vidstat.taboola.com — Cisco Umbrella Rank: 3027 il-trc-events.taboola.com — Cisco Umbrella Rank: 21434 imprammp.taboola.com — Cisco Umbrella Rank: 15008 am-match.taboola.com — Cisco Umbrella Rank: 15404 wf.taboola.com — Cisco Umbrella Rank: 3217 am-vid-events.taboola.com — Cisco Umbrella Rank: 14680 vidstatb.taboola.com — Cisco Umbrella Rank: 5135 pips.taboola.com — Cisco Umbrella Rank: 1659 cds.taboola.com — Cisco Umbrella Rank: 1860	2 MB
60	imgur.com i.imgur.com — Cisco Umbrella Rank: 7364	2 MB
30	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788 fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10017	135 KB
17	audiencerun.com ac.audiencerun.com — Cisco Umbrella Rank: 275733 d.audiencerun.com — Cisco Umbrella Rank: 45019 pbs.prd.audiencerun.com — Cisco Umbrella Rank: 260867	21 KB
16	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	4 KB
15	aruncdn.com ac.aruncdn.com — Cisco Umbrella Rank: 166971	458 KB
14	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 776 gum.criteo.com — Cisco Umbrella Rank: 424 ssp-sync.criteo.com — Cisco Umbrella Rank: 1274 mug.criteo.com — Cisco Umbrella Rank: 2811	10 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	89 KB
12	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	3 KB
9	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	1 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	3 MB
7	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	40 KB
7	illiweb.com illiweb.com — Cisco Umbrella Rank: 263682	34 KB
6	smartadserver.com 3 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1657 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	4 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 ads.pubmatic.com — Cisco Umbrella Rank: 544 image6.pubmatic.com — Cisco Umbrella Rank: 793	18 KB
6	imgbox.com images2.imgbox.com — Cisco Umbrella Rank: 60009	128 KB
6	foroactivo.com 1 redirects himitsu-no-pettoakad.foroactivo.com	91 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 610	20 KB
5	ibb.co i.ibb.co — Cisco Umbrella Rank: 12045	112 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 560	2 KB
4	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 2137	5 KB
4	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751 assets.a-mo.net — Cisco Umbrella Rank: 1553	3 KB
3	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 ssum.casalemedia.com	2 KB
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1054 match.sharethrough.com — Cisco Umbrella Rank: 495	240 B
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 714	526 B
3	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 9875 user-sync.adxpremium.services	3 KB
3	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1498 hbx.media.net — Cisco Umbrella Rank: 1215 contextual.media.net — Cisco Umbrella Rank: 665	10 KB
3	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	584 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628 mp.4dex.io — Cisco Umbrella Rank: 2346	25 KB
3	topicit.net connect.topicit.net — Cisco Umbrella Rank: 512626	5 KB
3	2img.net 2img.net — Cisco Umbrella Rank: 228139	5 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	43 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340 imasdk.googleapis.com — Cisco Umbrella Rank: 487	220 KB
2	vidoomy.com vid.vidoomy.com vpaid.vidoomy.com	19 KB
2	openx.net 2 redirects eu-u.openx.net — Cisco Umbrella Rank: 2473	755 B
2	ck-ie.com 1 redirects us.ck-ie.com — Cisco Umbrella Rank: 3209 as.ck-ie.com — Cisco Umbrella Rank: 8046	613 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	988 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1601	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	675 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	148 KB
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	295 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1072	467 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 10154	281 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 11675	3 KB
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 1702	287 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1586	63 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	adpone.com rtb.adpone.com — Cisco Umbrella Rank: 22777	935 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	gstatic.com fonts.gstatic.com	35 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19131	4 KB
1	servimg.com i.servimg.com — Cisco Umbrella Rank: 240301	2 KB
0	lijit.com Failed ap.lijit.com Failed
369	56

	Domain	Requested by
60	i.imgur.com	himitsu-no-pettoakad.foroactivo.com
18	eus.rubiconproject.com	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com himitsu-no-pettoakad.foroactivo.com ac.aruncdn.com
18	cdn.taboola.com	himitsu-no-pettoakad.foroactivo.com cdn.taboola.com
15	ac.aruncdn.com	ac.audiencerun.com himitsu-no-pettoakad.foroactivo.com d.audiencerun.com ac.aruncdn.com
12	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
12	x.bidswitch.net	5 redirects imprammp.taboola.com am-match.taboola.com
11	pagead2.googlesyndication.com	himitsu-no-pettoakad.foroactivo.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	token.rubiconproject.com	eus.rubiconproject.com
9	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
9	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
9	trc.taboola.com	cdn.taboola.com himitsu-no-pettoakad.foroactivo.com
8	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net ac.aruncdn.com
8	d.audiencerun.com	ac.audiencerun.com himitsu-no-pettoakad.foroactivo.com ac.aruncdn.com
7	s0.2mdn.net	himitsu-no-pettoakad.foroactivo.com s0.2mdn.net
7	ups.analytics.yahoo.com	imprammp.taboola.com am-match.taboola.com
7	pbs.prd.audiencerun.com	ac.aruncdn.com himitsu-no-pettoakad.foroactivo.com prebid.a-mo.net
7	illiweb.com	himitsu-no-pettoakad.foroactivo.com
6	wf.taboola.com	vidstat.taboola.com
6	am-match.taboola.com	vidstat.taboola.com
6	images.taboola.com	himitsu-no-pettoakad.foroactivo.com
6	images2.imgbox.com	himitsu-no-pettoakad.foroactivo.com
6	himitsu-no-pettoakad.foroactivo.com	1 redirects himitsu-no-pettoakad.foroactivo.com
5	i.ibb.co	himitsu-no-pettoakad.foroactivo.com
4	c1.adform.net	4 redirects
4	rtb-csync.smartadserver.com	2 redirects
4	ib.adnxs.com	1 redirects ac.aruncdn.com acdn.adnxs.com
4	inv-nets.admixer.net	1 redirects ac.aruncdn.com
4	bidder.criteo.com	static.criteo.net ac.aruncdn.com
3	cds.taboola.com	cdn.taboola.com
3	pips.taboola.com	cdn.taboola.com
3	vidstatb.taboola.com	himitsu-no-pettoakad.foroactivo.com
3	ads.pubmatic.com	ac.aruncdn.com adxbid.info
3	imprammp.taboola.com	vidstat.taboola.com
3	il-trc-events.taboola.com	himitsu-no-pettoakad.foroactivo.com
3	onetag-sys.com	ac.aruncdn.com
3	prebid.a-mo.net	ac.aruncdn.com
3	ad.360yield.com	ac.aruncdn.com himitsu-no-pettoakad.foroactivo.com
3	connect.topicit.net	himitsu-no-pettoakad.foroactivo.com connect.topicit.net
3	2img.net	himitsu-no-pettoakad.foroactivo.com
3	static.criteo.net	himitsu-no-pettoakad.foroactivo.com
2	user-sync.adxpremium.services	adxbid.info
2	eu-u.openx.net	2 redirects
2	match.sharethrough.com
2	ssum-sec.casalemedia.com	1 redirects
2	id5-sync.com	ac.aruncdn.com
2	googleads4.g.doubleclick.net	himitsu-no-pettoakad.foroactivo.com
2	tpc.googlesyndication.com	himitsu-no-pettoakad.foroactivo.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	himitsu-no-pettoakad.foroactivo.com pagead2.googlesyndication.com
2	image6.pubmatic.com	ads.pubmatic.com
2	am-vid-events.taboola.com	himitsu-no-pettoakad.foroactivo.com
2	script.4dex.io	ac.aruncdn.com script.4dex.io
2	15.taboola.com	cdn.taboola.com
2	ads.betweendigital.com	2 redirects
2	www.google.de	himitsu-no-pettoakad.foroactivo.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ac.audiencerun.com	himitsu-no-pettoakad.foroactivo.com ac.audiencerun.com
2	www.googletagmanager.com	himitsu-no-pettoakad.foroactivo.com www.googletagmanager.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	ssum.casalemedia.com	1 redirects
1	vid.vidoomy.com	adxbid.info
1	as.ck-ie.com	1 redirects
1	eb2.3lift.com	adxbid.info
1	lb.eu-1-id5-sync.com	ac.aruncdn.com
1	cm.g.doubleclick.net
1	us.ck-ie.com
1	t.adx.opera.com
1	a4p.adpartner.pro	1 redirects
1	acdn.adnxs.com	ac.aruncdn.com
1	contextual.media.net	ac.aruncdn.com
1	adxbid.info	ac.aruncdn.com
1	id.a-mx.com	ac.aruncdn.com
1	mug.criteo.com
1	hbx.media.net	1 redirects
1	code.createjs.com	s0.2mdn.net
1	www.googletagservices.com	s0.2mdn.net
1	assets.a-mo.net	prebid.a-mo.net
1	ssp-sync.criteo.com	ac.aruncdn.com
1	ssbsync-global.smartadserver.com	1 redirects
1	beacon-ams3.rubiconproject.com	himitsu-no-pettoakad.foroactivo.com
1	btlr.sharethrough.com	ac.aruncdn.com
1	rtb.adpone.com	ac.aruncdn.com
1	prg.smartadserver.com	ac.aruncdn.com
1	rtb.adxpremium.services	ac.aruncdn.com
1	prebid.media.net	ac.aruncdn.com
1	fastlane.rubiconproject.com	ac.aruncdn.com
1	prebid-server.rubiconproject.com	ac.aruncdn.com
1	mp.4dex.io	ac.aruncdn.com
1	hbopenbid.pubmatic.com	ac.aruncdn.com
1	cdn.jsdelivr.net	ac.aruncdn.com
1	www.google.com	himitsu-no-pettoakad.foroactivo.com
1	imasdk.googleapis.com	ac.audiencerun.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	i.postimg.cc	himitsu-no-pettoakad.foroactivo.com
1	i.servimg.com	himitsu-no-pettoakad.foroactivo.com
1	ajax.googleapis.com	himitsu-no-pettoakad.foroactivo.com
1	fonts.googleapis.com	himitsu-no-pettoakad.foroactivo.com
0	ap.lijit.com Failed	adxbid.info
369	99

This site contains links to these domains. Also see Links.

Domain
anita-codes.tumblr.com
asistencia.foroactivo.com
dixinmortal.vampire-legend.net
sourcecode.foroactivo.com
thecaptainknowsbest.tumblr.com
creativecommons.org
www.foroactivo.com
hp-avada-kedavra.foroactivo.com
odisseyrpg.foroactivo.com
xdescendantsx.foroactivo.com
hayateschool.foroactivo.com
jujutsukaisen.foroactivo.com
asteriarpg.foroactivo.com
bokunoheroacademia.foroactivo.com
eternalspiritgods.foroactivo.com
blueberry.foroactivo.com
www.pokemon-ysiel.com
renegaderpg.foroactivo.com
solararpg.foroactivo.com
nborn.foroactivo.com
marvel-dynasty.foroactivo.com
ikigai-rp.foroactivo.com
pokemon-vjola.foroactivo.com
fate-uprising.foroactivo.com
tokyorevengers-rol.foroactivo.com
dc-new-frontier.foroactivo.com
goddessofdelirium.foroactivo.com
digimon-newage.foroactivo.com
pokemonhisuirpg.foroactivo.com
phiada-island.foroactivo.com
afterlife-hotel.foroactivo.com
paragons-rpg.foroactivo.com
afeastforcrows.foroactivo.com
op-rebirth.foroactivo.com
twitter.com
www.facebook.com
discord.gg
www.audiencerun.com

Subject Issuer	Validity	Valid
m91.maxns.net R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
illiweb.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.audiencerun.com Amazon RSA 2048 M02	`2023-06-27` - `2024-07-26`	a year	crt.sh
2img.net Cloudflare Inc ECC CA-3	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
ibb.co R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.imgbox.com GoGetSSL RSA DV CA	`2023-10-20` - `2024-11-19`	a year	crt.sh
servimg.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
postimg.cc R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
topicit.net Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
aruncdn.com GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.prd.audiencerun.com Amazon RSA 2048 M02	`2023-03-01` - `2024-03-29`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2022-11-21` - `2023-12-22`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-05`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
adxbid.info E1	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://himitsu-no-pettoakad.foroactivo.com/
Frame ID: 3384D9BB908537F7505DBA48FB01AE17
Requests: 178 HTTP requests in this frame

Frame: https://connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&lang=es&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2Ftopicit%2Findex.php%2Fconnect&version=1
Frame ID: 1B756411FA3C94F8671C9A813793C004
Requests: 2 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Frame ID: DAD54AC57AC95C8D06E2E7C95B4A927D
Requests: 23 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Frame ID: 68534595A5BF4EDF17FA7FFDCEC154FF
Requests: 21 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Frame ID: 67FBEAB75D2D58EF5DA2603D669A851B
Requests: 24 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660541&dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&cmcv=&pix=undefined&cb=1701654713780&uv=3363&tms=1701654713780&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=533b1e2c-6529-4a2b-8f5a-7e661ee9e3e7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 375AF868B077A20FA7FD026A4AA382D2
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 846118B8E35DA797E6BF997166368DB1
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: E53C6B74C85D85814FAEEAF46DCA2CC1
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&cmcv=&pix=undefined&cb=1701654713903&uv=3363&tms=1701654713903&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=75aeccdb-8b6d-4697-9431-85dd7f8cccef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: DC4ECA5EE1536F0F93763AFDB82B1EF7
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FBD7A26634654ACA33B03A40A635870A
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 0A5BC0B5D1A33836C3416773C563D7D7
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660561&dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&cmcv=&pix=undefined&cb=1701654714049&uv=3363&tms=1701654714049&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=42c79668-1251-41bf-9d11-16b9decb4f1d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: DEA98DA083E77967FF6E9D750ECED72F
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: DE601B2466CD4183BE2F13B073C29B88
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: AB009C714B811DD27CF897BBB893CE14
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 7BE1FF41E01217A679477C64F5221374
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 8564AAD4E3E51F447515C84D290AC594
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 78ACFC70EAEABD34EA7EC3E5394D6BF8
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: CEB964CBAA888293B7FB82D2448073CB
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: D7695BA7EFFFDBCCC4B37C923AA3C3F2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: B0AF29B7C4EDCE666496417B05AEF4AC
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 5BD7A74487AF6356C6917ED2BF7ABDE0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHfi88DEOKAs84FGPORk_4BMAE&v=APEucNVY4q97Sw5mc57ZgMVpQCwu8NKJM5K73MEFenRR2FYG8XP6FIebV3cjJGOlGGJkj8bJYvujTC1Sv-c7Lunz-v2L5r3Tqrba0jhAtXj5QYj9DGtkzOqOCBAKmmuzTNzFcZUmtYlnX-HUic38FKGskLVkBVErCRHRJAIY06OKHgIr3zviMcQ
Frame ID: 9761E8B476AC1F65F67CBF474A444A95
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 138DC0E6B6DA6A6A1764051F41FA44C9
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: A9A6DA9A7CD58E0A8AD3AA6FDAD105BC
Requests: 3 HTTP requests in this frame

Frame: https://ssp-sync.criteo.com/user-sync/iframe?gdprapplies=&gdpr=&ccpa=&redir=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BCRITEO_USER_ID%7D&profile=230
Frame ID: FBAC191477DB2DC94F464099595E80EF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=no
Frame ID: FDA56E965ECE3272A84FC56C4F1B694D
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 246469B2EF61929FF82A4E65A1B915BC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 30D0DAFDABF2BCBD4F5170E5F9321B6E
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 64A74D9F5825510C487DDC0F9A2D6FDF
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.html?ev=01_250
Frame ID: 8A459A3C18FBFEEDAFED490BCB490D79
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=himitsu-no-pettoakad.foroactivo.com
Frame ID: 4028F723A43ED9E8CABD4E15A04BA3DC
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1701654713698
Frame ID: 7BE3398DB7C5FB2F2F43BB7C339E262E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7D0B14D353E137DD65A6968ABCB46CFA
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 6E2162223AF438D6506DD4824D14C2C0
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 7C3FC67754F017E3C249735F97E92D9A
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157365
Frame ID: 5D3FD6C68A0B1A1F7DA355001B02F706
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8N8428&prvid=2034%2C2033%2C2030%2C2073%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C404%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 2273C5FC72A7ADAD3BCB2FFC34036D4E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C3B22A80BC95DE1CC09AAC8B587634AF
Requests: 3 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: 409CBF7EF7E3667F344E1CD53800C098
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 401E1588DA3097DD9B99796737643C65
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Himitsu No Pettoakademi

Page URL History Show full URLs

http://himitsu-no-pettoakad.foroactivo.com/ HTTP 301
https://himitsu-no-pettoakad.foroactivo.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

369
Requests

96 %
HTTPS

41 %
IPv6

56
Domains

99
Subdomains

81
IPs

13
Countries

8817 kB
Transfer

18819 kB
Size

51
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://anita-codes.tumblr.com/post/618247858394644480/lorem-ipsum
Title: Ana Codes

Search URL Search Domain Scan URL

URL: http://asistencia.foroactivo.com/
Title: ForoActivo

Search URL Search Domain Scan URL

URL: http://dixinmortal.vampire-legend.net/
Title: Dixinmortal

Search URL Search Domain Scan URL

URL: http://sourcecode.foroactivo.com/
Title: Source Code

Search URL Search Domain Scan URL

URL: http://thecaptainknowsbest.tumblr.com/
Title: The Captain Knows Best

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc-nd/4.0/
Title: Licencia de Creative Commons

Search URL Search Domain Scan URL

URL: https://www.foroactivo.com/crear-un-foro/phpbb3
Title: Crear foro

Search URL Search Domain Scan URL

URL: https://www.foroactivo.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://asistencia.foroactivo.com/
Title: Foro gratis de asistencia

Search URL Search Domain Scan URL

URL: https://www.foroactivo.com/
Title: foro gratis

Search URL Search Domain Scan URL

URL: http://hp-avada-kedavra.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://odisseyrpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://xdescendantsx.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://hayateschool.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://jujutsukaisen.foroactivo.com/

Search URL Search Domain Scan URL

URL: http://asteriarpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://bokunoheroacademia.foroactivo.com/

Search URL Search Domain Scan URL

URL: http://eternalspiritgods.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://blueberry.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://www.pokemon-ysiel.com/

Search URL Search Domain Scan URL

URL: https://renegaderpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://solararpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://nborn.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://marvel-dynasty.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://ikigai-rp.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://asteriarpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://pokemon-vjola.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://fate-uprising.foroactivo.com/

Search URL Search Domain Scan URL

URL: http://tokyorevengers-rol.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://dc-new-frontier.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://goddessofdelirium.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://digimon-newage.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://pokemonhisuirpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://phiada-island.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://afterlife-hotel.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://paragons-rpg.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://afeastforcrows.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://op-rebirth.foroactivo.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/pettoakademi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/himitsu.pettoakademi.9

Search URL Search Domain Scan URL

URL: https://discord.gg/PPDumuKp9M

Search URL Search Domain Scan URL

URL: https://www.audiencerun.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://himitsu-no-pettoakad.foroactivo.com/ HTTP 301
https://himitsu-no-pettoakad.foroactivo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133

https://x.bidswitch.net/sync?ssp=audiencerun&user_id=1656d30b8ed9ce506458129&gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=audiencerun&user_id=1656d30b8ed9ce506458129&gdpr=0 HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Daudiencerun%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Daudiencerun%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-332173210402499968 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=4ffd4c54-498c-5252-a649-a7c0c3249779&ssp=audiencerun&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://d.audiencerun.com/bsw_sync?userid=2ecd5c3e-8199-4990-9cb1-2e17fbb28830&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 283

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://pbs.prd.audiencerun.com//setuid?bidder=smartadserver&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6037653639839682426

Request Chain 311

https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://pbs.prd.audiencerun.com//setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=9166068716408060964

Request Chain 320

https://inv-nets.admixer.net/adxcm.aspx?gdpr=&gdpr_consent=&us_privacy=&redir=1&rurl=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dadmixer%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%24visitor_cookie%24%24 HTTP 302
https://pbs.prd.audiencerun.com/setuid?bidder=admixer&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=b3d1626bfcc447ecbab432f3553405fc

Request Chain 321

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
https://pbs.prd.audiencerun.com//setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA

Request Chain 325

https://gum.criteo.com/sid/json?origin=publishertag&domain=foroactivo.com&sn=ChromeSyncframe&so=0&topUrl=himitsu-no-pettoakad.foroactivo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=TGOcPXxqS0gvQ2ZmWXdBUTZsekhrUm1BOUh5N3M4MExCUXlEMWRGWUZjdVhYTWRpWE5YNk5UanZ5MFZFL2t2V0x6ZWkrLzZTOUR5VXdLREt6ZlFvUTNUUG1YKzFXTmZEaFhSS01lRjJmVk9lS1pNTk1jSDJubE9NWHVMTzh2aDhtSFVyNXkwOU44dUVxS1UwUjluNTJIczlMcENOUThFQlZKUzZDVjQyWW82dWthTTd3Z0s0WndOVVArZVpibkFqb0tuaHZ0ZTJoc1NyaXJ3d0kzeEpscVR5U0oydU5CWVZvckg1Zm9MbVlsdGFkcm15YzdOMExUN3dwQlBxT3BURCtSMzZzYVJ0cVV3TVZFYzdnUStLVzdSdkRsQT09fA&cppv=2

Request Chain 339

https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1

Request Chain 340

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6037653639839682426&gdpr=0&gdpr_consent=

Request Chain 342

https://x.bidswitch.net/sync?ssp=admixer&user_id=b3d1626bfcc447ecbab432f3553405fc&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=5856528034461342552&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=2ecd5c3e-8199-4990-9cb1-2e17fbb28830&gdpr=&consent=&gdpr_pd=

Request Chain 343

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=1b414717-3584-4e45-96bd-38ae204ff78a

Request Chain 345

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=928034344544434121&gdpr=0&gdpr_consent=

Request Chain 347

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjAzNzY1MzYzOTgzOTY4MjQyNg==&gdpr=0&gdpr_consent=

Request Chain 348

https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=14282b71-15a3-0b4d-1b8d-e542b54d4cc0&gdpr=0&gdpr_consent=

Request Chain 356

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=029b5ff53c6197f7b5d637743481d5fe4c687501cfd9f303a8e7df46cf0c061d

Request Chain 364

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZW0wvc2hKWPN-pPGz4foFQAA%264477

369 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
himitsu-no-pettoakad.foroactivo.com/
Redirect Chain

http://himitsu-no-pettoakad.foroactivo.com/
https://himitsu-no-pettoakad.foroactivo.com/

143 KB
21 KB

516ms
369ms

Document
text/html

94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.76.111 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d043f3842d074cc8d55b17d3fcb2194a800414e963774f73dfd26a95e8d3b2f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 01:51:51 GMT
expires: Mon, 04 Dec 2023 00:00:00 GMT
last-modified: Mon, 04 Dec 2023 01:51:51 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
vary: User-Agent
x-content-type-options: nosniff
x-xss-protection: 1

Redirect headers

content-length: 0
date: Mon, 04 Dec 2023 01:51:50 GMT
location: https://himitsu-no-pettoakad.foroactivo.com/

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
885 B 241ms
81ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Great+Vibes&display=swap

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a3eb37cd27db163117bdd65f24555708748528618164b4f2464990dc6042e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 01:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 01:51:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 01:51:51 GMT

GET
H2 200 79-ltr.css
himitsu-no-pettoakad.foroactivo.com/ 214 KB
68 KB 363ms
354ms Stylesheet
text/css 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsu-no-pettoakad.foroactivo.com/79-ltr.css

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.76.111 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

23a7269c5481935300311b9ae4eed210173a799e399811916c55e81bf5f4cca0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 00:00:00 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: MISS
content-length: 68958
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
93 KB 231ms
72ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:24:01 GMT
x-content-type-options: nosniff
age: 376070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:24:01 GMT

GET
H2 200 es.js Show response
illiweb.com/rs3/80/frm/lang/ 72 KB
18 KB 141ms
48ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/80/frm/lang/es.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

170dac8117b815860285989688107dfc6dc0a383a4f65627973d299c10e23956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 852902
cf-polished: origSize=73814
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Tue, 16 May 2023 15:02:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fBZ8jkXcWYAxc%2FSieKh4IAJwPOYcxUQAFKvSUdCu1httXYgmhX%2Bu9Mol7ptPi4x%2Bs6EVauNUFHkTCLOksK2aCDX0XzDya9Kf2DzARwbHrQ6dKcorv10f3m%2BsQR8FyRHmo8wZgcL7EcCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8300681b5b7856cc-OSL
expires: Sat, 23 Nov 2024 04:56:49 GMT

GET
H2 200 99189.js Show response
himitsu-no-pettoakad.foroactivo.com/ 3 KB
2 KB 96ms
89ms Script
application/x-javascript 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsu-no-pettoakad.foroactivo.com/99189.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.76.111 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

21590d1a4164ea6eae62920b6ecd2a89fd0c7a3e6bd2342022395b6cd87ab9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:03:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: HIT
content-length: 1605
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 14342.js Show response
himitsu-no-pettoakad.foroactivo.com/ 102 B
367 B 96ms
90ms Script
application/x-javascript 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsu-no-pettoakad.foroactivo.com/14342.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.76.111 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2eaa8adb8e774a9d7b39bf515ea41e6a93f3363e66050b922729a1e93fba2ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 20:45:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-cache-ma: HIT
content-length: 111
x-xss-protection: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 129 KB
42 KB 254ms
126ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-20336"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Dec 2023 01:51:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 252ms
89ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144386270-1

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53140700ea3e59b792bb4c001a0b868891c6c797accbb0727d4ca70038cd2b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69004
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 01:51:51 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/80/frm/jquery/cookie/ 1011 B
813 B 137ms
47ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/80/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 771794
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dUvao3RU9rVX8cMNGE9XM91jLn4tJWicQFDRdxaqiNVgJiPuyqZLQaZCGgbYGOEV%2FPNHkhC3AuDLUYVBvAZBlZBhT0GMeRYWniMK9TwhwwFIyWdr%2Fb7HtvM%2BPhthxepEfboYkZseusFbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8300681b5b7956cc-OSL
expires: Sun, 24 Nov 2024 03:28:37 GMT

GET
H2 200 tag.js Show response
ac.audiencerun.com/j/ 12 KB
5 KB 240ms
65ms Script
application/javascript 2600:9000:225e:c00:1c:96c8:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.audiencerun.com/j/tag.js
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:1c:96c8:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75f4bd359fa1c3ec6d502058278a9a79ab115b23f290796bc3a2794c42a8123c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 6JH7zSbHgGFp0zrMUJ.Ee8mf9Zs4SsNF
content-encoding: gzip
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 09:47:30 GMT
last-modified: Wed, 22 Nov 2023 16:58:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 57863
x-amz-server-side-encryption: AES256
etag: W/"4af05c8d0006f47f3c3eae65f42724a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,public
x-amz-cf-id: Gu5ptzGwtdssTBb6yxzGTsjG-f7nlQn-AVixeE858EshKct79MXssg==

GET
H2 200 tooltipster.js Show response
illiweb.com/rs3/80/frm/mentions/ 17 KB
5 KB 135ms
46ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/80/frm/mentions/tooltipster.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 669915
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bU5LmSMpTyJNo2zlD%2FotraicwZkaU%2BgvROIYQwY%2Bk%2BROE6qpohJA0Zg087FDxHWvI2XKGsUOsLt4P%2F42doH1r0mOJ0U6skxVjez7OmFjQXFXgmf44FPGlDiDxxR%2F3xOCzMM6MoGg%2FR34A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8300681b5b7c56cc-OSL
expires: Mon, 25 Nov 2024 07:46:36 GMT

GET
H2 200 init.js Show response
illiweb.com/rs3/80/frm/mentions/ 2 KB
1 KB 136ms
47ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/80/frm/mentions/init.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 949001
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Wed, 22 Mar 2023 14:29:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WMv5geyvBeIAC%2FgrDBWM5NbUkF%2BBWn%2FFZ0E2bzAhongHeW0nEotfpG6O5A10lMCZos78JJ5%2BshrEY3Wu6PYKgjHd1GMtAs8XS3QxR7eQ2dR3FuojfFCA5ur3%2FoTM%2F4zPhXVbwt9OjbEow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8300681b5b7a56cc-OSL
expires: Fri, 22 Nov 2024 02:15:10 GMT

GET
H2 200 tooltipster.css
illiweb.com/rs3/80/frm/mentions/ 6 KB
2 KB 133ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/80/frm/mentions/tooltipster.css

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507683
cf-polished: origSize=6667
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC2pQAWQuTpsh5jRfP1%2F9m2nFIJeZjWCBtxZeRr0ZRfeLtm1b6qxpw9xfKclN5wTl0TCc8Le8PyFf%2FqEvkw5yTPJYLm0ZHUiO20P7Aq6ipxkzo83vAD3FjpsQpR5MZq%2BORjkeXI%2FMj9XFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8300681b5b7656cc-OSL
expires: Wed, 27 Nov 2024 04:50:28 GMT

GET
H2 200 twemoji.min.js Show response
illiweb.com/rs3/80/frm/twemoji/ 17 KB
4 KB 133ms
46ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/80/frm/twemoji/twemoji.min.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026628
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Tue, 10 Jan 2023 08:34:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zvv%2FGP5gpBGa8%2FGPAgJ8Yo%2Boc4S84O07P2ZRdJWu4wevckSB%2FSvAk%2BtrLws8%2BGDsfHuS95JGka5dV%2FWetsFXHppg5KmI1CIUEBLOl9AkE8mAWEzR2fpLjqsErMq6jJWS21yWdNFqb7XLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8300681b5b7b56cc-OSL
expires: Thu, 21 Nov 2024 04:41:23 GMT

GET
H2 200 empty.gif
2img.net/i/fa/ 42 B
653 B 145ms
45ms Image
image/gif 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/empty.gif

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 935620
alt-svc: h3=":443"; ma=86400
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6j3jm5YeE4fggcMk%2BVe1vBS45U8W3uI1kaw28iLLDsjr99Vnmghx6jpnVI5JfCcCIQLZtUGSiMfVo%2BYJzrk6IA0DmM1nh9SFB7ai6d9faUHrfaRvvkH%2BxzUHWI%2BxYiPNR3pBn7v%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8300681b6e5556c7-OSL
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.marquee.min.js Show response
illiweb.com/rs3/80/frm/jquery/marquee/ 4 KB
2 KB 46ms
45ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/80/frm/jquery/marquee/jquery.marquee.min.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 596467
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQCMB7VvT7d1KoMMoD46JPAb5RBdrfJ7x8Age0xI6wyTGoXyRSWxKdtBoYmb%2FPTBmrM2xzQS69odHqHDP8XPGEZQRkxmj38D5cJHI578l6fQi3A5%2FZZwOr8isyOgBM%2BY%2B7Hft3bKVTTneA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 8300681b5b7f56cc-OSL
expires: Tue, 26 Nov 2024 04:10:44 GMT

GET
H2 200 4vDfd1S.png
i.imgur.com/ 56 KB
56 KB 266ms
128ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/4vDfd1S.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

aa63335d72f22466c8d843a511863c2ab70b45f78762327f25f7f476c5691b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2937904
x-cache: Miss from cloudfront, HIT, HIT
content-length: 57295
x-served-by: cache-iad-kiad7000048-IAD, cache-fra-etou8220037-FRA
last-modified: Fri, 16 Oct 2020 23:03:28 GMT
server: cat factory 1.0
x-timer: S1701654712.157310,VS0,VE2
etag: "aecc687262b71979aabd942decc2dd01"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: WqyHk-cYMegUcnM0FP2m73GMek7y5X8yx6cQKr8G-bhKdwwGwj8p2Q==
x-cache-hits: 11, 1

GET
H2 200 YlZ9XGi.png
i.imgur.com/ 10 KB
10 KB 266ms
128ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/YlZ9XGi.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8d4be1d589e2c38e01e13bbe021e7602ab71d68ccf87b4b7262256ee2e2dbd8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 3401918
x-cache: Miss from cloudfront, HIT, HIT
content-length: 10071
x-served-by: cache-iad-kiad7000068-IAD, cache-fra-etou8220037-FRA
last-modified: Thu, 04 Feb 2021 00:10:24 GMT
server: cat factory 1.0
x-timer: S1701654712.157299,VS0,VE2
etag: "19bf5454345fea8e7adad76792f58128"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hT8V86PNolRxoHhqkZgSfCjOakS2dEV36Dr7071c5nsWi9u0rlqYYw==
x-cache-hits: 8, 1

GET
H2 200 r4JWTTP.png
i.imgur.com/ 10 KB
10 KB 202ms
64ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/r4JWTTP.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

469004ca5a4d49ab926a8298197c697a03c86ac8e0000c42da0684daf33541d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 1574359
x-cache: Miss from cloudfront, HIT, HIT
content-length: 9955
x-served-by: cache-iad-kiad7000086-IAD, cache-fra-etou8220037-FRA
last-modified: Thu, 04 Feb 2021 00:10:24 GMT
server: cat factory 1.0
x-timer: S1701654712.098182,VS0,VE1
etag: "940f9f6c6b3b0569a5c204bd3d2cab2e"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pY5LY8qZXoad87vgwssp_e09umenedPTlgI6nna5lH272F9w3oIeMg==
x-cache-hits: 7, 1

GET
H2 200 2NbXtta.png
i.imgur.com/ 3 KB
3 KB 263ms
125ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/2NbXtta.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

daeb8763e702f11617be99418d2cfea9976ac0a101bc2b89151853035c70a831

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2330823
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3234
x-served-by: cache-iad-kjyo7100107-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 12 Apr 2021 18:50:04 GMT
server: cat factory 1.0
x-timer: S1701654712.098764,VS0,VE1
etag: "cc60d4657c0b8fa9c187c2d32a93c4ed"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: F6ZdrTWyQqbskaqX3Ua0MIIKw8dj7g3ITDJuFQO8At8XClYwm7dedg==
x-cache-hits: 1, 1

GET
H2 200 kQc0zif.png
i.imgur.com/ 9 KB
10 KB 265ms
127ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/kQc0zif.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4535a0abb189fb1cde60b84eac5b4068cf2b89ddba532b84ebb040483c972328

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 3979767
x-cache: Miss from cloudfront, HIT, HIT
content-length: 9574
x-served-by: cache-iad-kiad7000154-IAD, cache-fra-etou8220037-FRA
last-modified: Thu, 04 Feb 2021 00:10:24 GMT
server: cat factory 1.0
x-timer: S1701654712.157522,VS0,VE1
etag: "e93af32feceb857ee3357089a12209e6"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9a6hINILbb4ucMXwWyTxDlfANFaBasWvvpLkqz8pr-09xDBV8MKz9Q==
x-cache-hits: 11, 1

GET
H2 200 WlSKNWC.jpg
i.imgur.com/ 6 KB
6 KB 266ms
129ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WlSKNWC.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8b59a2c4101fa80d34d331a5830264d467fcd7210668bd10d126c0b814493114

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 3979767
x-cache: Miss from cloudfront, MISS, HIT
content-length: 6338
x-served-by: cache-iad-kiad7000158-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 04 Jul 2022 09:15:10 GMT
server: cat factory 1.0
x-timer: S1701654712.157625,VS0,VE1
etag: "4844ec5bccc977667a2628bf46426afb"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: N44hXTKxfM9zcF-3J65zc14FhTUs572f3Io6bNXkE0ITumJ4GoMLJQ==
x-cache-hits: 0, 1

GET
H2 200 TlUNPyn.png
i.imgur.com/ 9 KB
9 KB 162ms
128ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/TlUNPyn.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

88f0eb774054ae3e030e172c9d1533a0d673ebb497af9fc7411432ea327255e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 3153040
x-cache: Miss from cloudfront, HIT, HIT
content-length: 8949
x-served-by: cache-iad-kjyo7100095-IAD, cache-fra-etou8220037-FRA
last-modified: Thu, 04 Feb 2021 00:10:25 GMT
server: cat factory 1.0
x-timer: S1701654712.157299,VS0,VE2
etag: "397c35a0e5e9082c8fe6ae3ab71b438b"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: n8yS14VtXRScAIa3_7kfRzrF0EKE6nUgCcbW8DoAKHoicC8vTtbykw==
x-cache-hits: 2, 1

GET
H2 200 Tmz22vz.jpg
i.imgur.com/ 7 KB
8 KB 161ms
127ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Tmz22vz.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

aa2cd7eb141f2f18d9cc574e9adf46249d102910d083515e2632db19f3e9ddbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 3498137
x-cache: Miss from cloudfront, HIT, HIT
content-length: 7604
x-served-by: cache-iad-kjyo7100056-IAD, cache-fra-etou8220037-FRA
last-modified: Thu, 15 Apr 2021 17:19:43 GMT
server: cat factory 1.0
x-timer: S1701654712.157043,VS0,VE1
etag: "c5eb341c05cd5416735c065e8e14eebe"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ChZOsQvPjVO3nGJ6Fezi2gxYypcMH6BGzyx7SBaasFr_HC2628OoAw==
x-cache-hits: 1, 1

GET
H2 200 w6WGTHw.jpg
i.imgur.com/ 1 KB
1 KB 118ms
117ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/w6WGTHw.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

25ea7f3e5d1f671e9ba9dc1bfdcdf03e60643b12fbb6f1cdd4d8f2800e166dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2632639
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1075
x-served-by: cache-iad-kjyo7100044-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 18 Mar 2018 11:23:28 GMT
server: cat factory 1.0
x-timer: S1701654712.157177,VS0,VE1
etag: "86143b566c67ff2504bf521797eed700"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fkz0syRoTGsuoCOM73v77Fg8_bN9XinhchovFBjtjoj8-vupYe-IcQ==
x-cache-hits: 127, 1

GET
H2 200 40x40.gif
i.ibb.co/dK5jxsk/ 68 KB
68 KB 210ms
67ms Image
image/gif 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/dK5jxsk/40x40.gif
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 113d66123f3bf0754707d0c2375820e261d1606fe15f1fd25f7a264ecd76224d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Sat, 13 Feb 2021 04:20:24 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 69733
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cYJxhDKB_o.png
images2.imgbox.com/81/3d/ 3 KB
4 KB 222ms
72ms Image
image/png 212.63.223.227
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/81/3d/cYJxhDKB_o.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.227 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: fc4c51f62d031c721c987fc0777f5a67e8f85b6f4addca9afb51dccf75a05b8a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Wed, 01 Dec 2021 20:37:13 GMT
server: nginx/1.22.1
etag: "d5c-5d21ba3867040"
x-cache: HIT
content-type: image/png
cache-control: max-age=10659391
x-whom: srv1583
accept-ranges: bytes
content-length: 3420
expires: Mon, 26 Feb 2024 06:18:38 GMT

GET
H2 200 id2CngE.png
i.imgur.com/ 4 KB
5 KB 121ms
120ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/id2CngE.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2279000e9df9c4fbb34f60a679b8db45bf4dd5cef2977e6815ffec76573d02c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 1659239
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4365
x-served-by: cache-iad-kjyo7100066-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 11:41:01 GMT
server: cat factory 1.0
x-timer: S1701654712.157627,VS0,VE2
etag: "4c531e383a72a2d60fefccada0bcd1db"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Y2NlAwQLRfPLzkSkJm8I7LsYBMT8sfcrAljH3YL4mKZpwAfINOnI-Q==
x-cache-hits: 12, 1

GET
H2 200 oX9vZQ6.png
i.imgur.com/ 4 KB
4 KB 119ms
118ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/oX9vZQ6.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5b2e7e4019134af0bdaa2d142cb3a9026b4c3448c933d42fd14e6ef462726ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 3491811
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3956
x-served-by: cache-iad-kcgs7200032-IAD, cache-fra-etou8220037-FRA
last-modified: Fri, 30 Oct 2020 16:06:03 GMT
server: cat factory 1.0
x-timer: S1701654712.156904,VS0,VE2
etag: "6e83696e001d2a18f034d336187a8241"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: PnBkPf8ZYxu2RWTzxyL7Rg41Lfw9WzkdFasI8_OqwmlZUJXmTaXSOg==
x-cache-hits: 79, 1

GET
H2 200 Boton-40.jpg
i.ibb.co/nDd2yss/ 17 KB
17 KB 107ms
67ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/nDd2yss/Boton-40.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 815108801b3216cafa1073e5c36bd5eaa7c65e9ae52c9089d9a32ededbbd9585

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Wed, 09 Jan 2019 18:28:55 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 17458
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK uCqxRFEl_o.png
images2.imgbox.com/06/5e/ 4 KB
4 KB 187ms
67ms Image
image/png 212.63.223.227
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/06/5e/uCqxRFEl_o.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.227 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6707d832b84afe0b72624ad981e7af390e60a85b91093022eb8c21529a2a395f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Sun, 03 Apr 2022 20:28:19 GMT
server: nginx/1.14.2
etag: "fe4-5dbc5da2d5ec0"
x-cache: HIT
content-type: image/png
cache-control: max-age=10448558
x-whom: srv1535
accept-ranges: bytes
content-length: 4068
expires: Mon, 29 Jan 2024 22:10:34 GMT

GET
H2 200 4040.jpg
i.ibb.co/RcGRw5b/ 2 KB
2 KB 107ms
68ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/RcGRw5b/4040.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 2396627a6c90096ad303fb9e1771cf24b07fdf0d5699a074201df41dba5ae6f7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Tue, 12 Oct 2021 02:34:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1764
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vkZPpg2s_o.jpg
images2.imgbox.com/bf/65/ 30 KB
30 KB 205ms
68ms Image
image/jpeg 212.63.223.227
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/bf/65/vkZPpg2s_o.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.227 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 6d7b739be649a2a82b5ef5288c9637fe3e942438ce73ebe2a0e713c95285307b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Tue, 03 Aug 2021 13:17:17 GMT
server: nginx/1.22.1
etag: "77bc-5c8a7813e7140"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=10504642
x-whom: srv1583
accept-ranges: bytes
content-length: 30652
expires: Sat, 24 Feb 2024 10:36:00 GMT

GET
H2 200 9ujoFTu.png
i.imgur.com/ 6 KB
6 KB 117ms
116ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/9ujoFTu.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ef0f536366caaabe5cff71d77506da2a32a72322afd06010ce463c74faf7ebba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-P4
age: 2789821
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6004
x-served-by: cache-iad-kjyo7100153-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 29 Dec 2014 03:28:12 GMT
server: cat factory 1.0
x-timer: S1701654712.156893,VS0,VE1
etag: "e8e17d6c2ca6829c2bfe3bd31a4e2b9c"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9p4dGykaLUWHcQU5nzjRATxQg81qQ82ERvyp4ZMrEsN-zxOULMHHkg==
x-cache-hits: 1, 1

GET
H2 200 yRnr02a.png
i.imgur.com/ 4 KB
4 KB 119ms
118ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/yRnr02a.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0241319c992caff49d7fd2a9bd5016746cc347f5b48d8c7f46dae3e657fc6fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 3501611
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4106
x-served-by: cache-iad-kcgs7200160-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Sep 2019 19:08:05 GMT
server: cat factory 1.0
x-timer: S1701654712.156889,VS0,VE2
etag: "2d7a9c11b980f783fed6db2c7f96465d"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2Ix1Pu2jUKBvxuslP0C6UgN3v0E4OEqBHRsKFTGBjho1JsdYvZyaDg==
x-cache-hits: 46, 1

GET
H2 200 IPgglki.jpg
i.imgur.com/ 3 KB
3 KB 119ms
118ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/IPgglki.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ced37a1b083d25fd3dbdc30bf935d8d1be7970b4bf3f4b2082f368287f2ed10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 4629120
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2823
x-served-by: cache-iad-kiad7000087-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 25 Jul 2022 12:21:04 GMT
server: cat factory 1.0
x-timer: S1701654712.156892,VS0,VE2
etag: "1c95c73178809f455bccd6bc4b17dd50"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: y2Lbn_qoEw1FwKA0UV3WDSWqmrXDI6FW4MtSPMBI9Xcvqc77Y0EcEQ==
x-cache-hits: 212, 1

GET
H2 200 I0bsWkf.png
i.imgur.com/ 3 KB
4 KB 118ms
117ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/I0bsWkf.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6de5097f93bba9c2a0f9c6d54074d590dc060b150862293699b8ae7a676a76ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 4043923
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3510
x-served-by: cache-iad-kjyo7100146-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 15 Mar 2022 22:18:46 GMT
server: cat factory 1.0
x-timer: S1701654712.156876,VS0,VE1
etag: "3657106d871061b7e57e5820e402a3b2"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DVXNzydXs4WEd_Sqp_4CvSrL46SPrFdgQeqwd8x-RGp12NT27LosQw==
x-cache-hits: 7, 1

GET
H2 200 0a8LzwD.jpg
i.imgur.com/ 6 KB
6 KB 117ms
117ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/0a8LzwD.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e23c14cb03cd0b8f3fb4c91f1d649a2cb075953f35c9b63bd5d2753ce57b97d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2306322
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6238
x-served-by: cache-iad-kiad7000035-IAD, cache-fra-etou8220037-FRA
last-modified: Sat, 10 Oct 2020 02:31:08 GMT
server: cat factory 1.0
x-timer: S1701654712.156851,VS0,VE1
etag: "1690e31971f4bc5c48fa326c47055d03"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 06gFHU8fzTuOfkrEY4FJYkNhP7_uQkUmA0zl3Sb99MDvJBiX21k98Q==
x-cache-hits: 313, 1

GET
H2 200 40x4010.jpg
i.servimg.com/u/f56/20/43/72/05/ 1 KB
2 KB 149ms
48ms Image
image/jpeg 2606:4700:3032::6815:1f9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f56/20/43/72/05/40x4010.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1f9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57d26105ee459ccaed87b824a6228eef4118e9da46ec23cd22e8ab6ee41fa4c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 260793
alt-svc: h3=":443"; ma=86400
content-length: 1399
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Aug 2022 00:41:49 GMT
server: cloudflare
etag: "630eae4d-577"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AYutBw8jtUhW1WIT6v1gvsIY0jZIgDq7sTB126x2hRVjhaVmDwQi2hepc07aMVeKrG1Nen5L0ilsE2kfphY%2BfNn%2BNPI40yDWMX%2F%2BFE3OlT1cX2vTgtibwbUyoU%2BFYzhX34Y7VCZLZXdgN7d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8300681efcb2b50f-OSL
expires: Wed, 27 Nov 2024 02:19:51 GMT

GET
H2 200 B50.jpg
i.ibb.co/X3gx205/ 21 KB
21 KB 227ms
226ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/X3gx205/B50.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 410927534a422aa92916a920f685e329a00b27bd1b4669d1ecd6754f416219f1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Sun, 20 Mar 2022 01:47:24 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 21248
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK shEDevbS_o.gif
images2.imgbox.com/e7/4d/ 57 KB
57 KB 201ms
158ms Image
image/gif 212.63.223.227
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/e7/4d/shEDevbS_o.gif
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.227 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 451868198730c374ded8c6f6d5d71e0bea2345827fe6f84bc3dc6d7134a5c729

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Mon, 10 Jul 2023 06:44:32 GMT
server: nginx/1.18.0
etag: "e4a8-6001c509fd400"
x-cache: HIT
content-type: image/gif
cache-control: max-age=10385519
x-whom: srv1535
accept-ranges: bytes
content-length: 58536
expires: Sun, 11 Feb 2024 00:03:27 GMT

GET
H2 200 FNBd8xo.png
i.imgur.com/ 3 KB
4 KB 70ms
70ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/FNBd8xo.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bd3e01f5d8c7069bc19cc62a89142a300d49d804b192eca0e1ac5e58ba1dcd90

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 2825034
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3541
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-etou8220037-FRA
last-modified: Thu, 27 Apr 2023 14:53:05 GMT
server: cat factory 1.0
x-timer: S1701654712.165695,VS0,VE1
etag: "8f978902762ff3c2764b2f0b88772c2d"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yZ7IW0ZBjMlCvfdSKNMqzqLYUBdPe_6YAo6hGVk285v16veg-Z2R7w==
x-cache-hits: 204, 1

GET
H2 200 a%3E%20%3Ca%20target=
i.imgur.com/VFKPXQS.jpeg%20/%3E%3C/ 3 KB
3 KB 70ms
70ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/VFKPXQS.jpeg%20/%3E%3C/a%3E%20%3Ca%20target=

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8db79afe7f603aa2fe395de1d165976882126efe16f386432d2ca40c3452f669

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 376918
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3108
x-served-by: cache-iad-kjyo7100060-IAD, cache-fra-etou8220037-FRA
last-modified: Sat, 12 Aug 2023 21:37:00 GMT
server: cat factory 1.0
x-timer: S1701654712.165693,VS0,VE1
etag: "0c27902bc45aacecee52c8a245abca26"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: IbizPJjLWiU3SnfJW90Uh6-9tQcZhDvGfMAMKDZvPosBTxKgxVwUIw==
x-cache-hits: 9, 1

GET
H2 200 40x40.png
i.postimg.cc/MpKHMRMT/ 4 KB
4 KB 224ms
69ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/MpKHMRMT/40x40.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 58f412f37d574b4f0cf761101884a6c5a9643cdaf19c2df85a967144c195396e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Sun, 14 Jun 2020 19:57:33 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4206
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pNczTiQ.jpg
i.imgur.com/ 3 KB
3 KB 78ms
78ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/pNczTiQ.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0a7e2d37c4e795bfbbb48fc63f1131a5283df54218e0500f84b5cfb171ca0055

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2918212
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2943
x-served-by: cache-iad-kjyo7100069-IAD, cache-fra-etou8220037-FRA
last-modified: Sat, 12 Feb 2022 19:06:32 GMT
server: cat factory 1.0
x-timer: S1701654712.172039,VS0,VE1
etag: "6e34879e832eaf84261add9385e327c2"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: T9DGUQejdf4De9_sLvkDPtRDdSWx-9c9X1CR8dcVOTa45mvRgvMWXA==
x-cache-hits: 10, 1

GET
H/1.1 200
OK 4CeZnmi2_o.png
images2.imgbox.com/03/78/ 32 KB
32 KB 247ms
178ms Image
image/png 212.63.223.227
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/03/78/4CeZnmi2_o.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.227 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 20fab67bc698fee846ed5177e20b2fd0f792feef6b9e100a9117d0882a93fde5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Sat, 19 Nov 2022 02:28:07 GMT
server: nginx/1.22.1
etag: "7f8d-5edc99294fbc0"
x-cache: HIT
content-type: image/png
cache-control: max-age=10683601
x-whom: srv1583
accept-ranges: bytes
content-length: 32653
expires: Mon, 26 Feb 2024 13:02:09 GMT

GET
H2 200 afi-40x40.png
i.ibb.co/NNfwM9b/ 3 KB
4 KB 186ms
185ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/NNfwM9b/afi-40x40.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 2cf91454ac9591276ce2591caa9374a593482dc8f3c6b9d801790f73aa6486ce

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
last-modified: Tue, 31 Jan 2023 17:27:32 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3484
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found CN9S2wXU_o.png
images2.imgbox.com/da/73/ 0
0 264ms
152ms Image
text/html 212.63.223.227
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.imgbox.com/da/73/CN9S2wXU_o.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.63.223.227 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 gIjRTfQ.png
i.imgur.com/ 5 KB
6 KB 130ms
127ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/gIjRTfQ.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

90502c79d6c644699f8a5fff55cb5af1bddbfc970d4268bd7a8e8021a3152905

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2890049
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 5269
x-served-by: cache-iad-kcgs7200037-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 09 May 2023 11:20:52 GMT
server: cat factory 1.0
x-timer: S1701654712.191133,VS0,VE2
etag: "54ca6524eda4a180d6debf35e42074e2"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kiLqBcI5-kpek0qrEc-gNXtK9mHuwuexM313y6aBcl9SPcHhzt3-0Q==
x-cache-hits: 4, 1

GET
H2 200 ps5wvdI.png
i.imgur.com/ 4 KB
4 KB 129ms
125ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ps5wvdI.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c048de27eaa61b04063bc24d32978ef8b939ebd989a9f085855059920ec7baa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 1500742
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3781
x-served-by: cache-iad-kiad7000166-IAD, cache-fra-etou8220037-FRA
last-modified: Sat, 05 Aug 2023 19:01:03 GMT
server: cat factory 1.0
x-timer: S1701654712.191128,VS0,VE1
etag: "7dfa822495bd2d8889ae16b1097f2eed"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: oIkO6-USrBz2sT_s812B2RZQ5nuSmLAFBjdQ33v7jJcs2oXvXBTR1Q==
x-cache-hits: 39, 1

GET
H2 200 AQaK39F.png
i.imgur.com/ 4 KB
4 KB 130ms
126ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/AQaK39F.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

18820c7b322c66b1e7647c1d0d5d2f9c6c6faf47c370bda60677dfa4b54ace67

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 3138042
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4006
x-served-by: cache-iad-kiad7000142-IAD, cache-fra-etou8220037-FRA
last-modified: Wed, 19 Apr 2023 19:08:31 GMT
server: cat factory 1.0
x-timer: S1701654712.191367,VS0,VE1
etag: "b94e304d109f4f3a68dd908db19975f8"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9BJ4SRLqqpwMW1hMkFy0DBQefHRwllYaf_otxzG9HX9F61iU7W10NQ==
x-cache-hits: 44, 1

GET
H2 200 NVe5IPF.png
i.imgur.com/ 5 KB
5 KB 130ms
127ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/NVe5IPF.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4e93e03dbbcf0f7d5277fcb4ceb52ddbf97f681b27d8473c5d50a94bc59d58db

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2863075
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4914
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-etou8220037-FRA
last-modified: Sat, 10 Aug 2019 04:17:30 GMT
server: cat factory 1.0
x-timer: S1701654712.191360,VS0,VE1
etag: "897c1cbb979ba7d806a75ccf8917f7cf"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BVl9UhOa0RsZTVp6lbNfKtDXaIMpGgoiz2Vr62lwsUXnvH3vWTnkLQ==
x-cache-hits: 7, 1

GET
H2 200 m75hmyG.png
i.imgur.com/ 2 KB
3 KB 196ms
193ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/m75hmyG.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

26661555150026c5e5cddbfcc2886ad4adc50b7dc60051cc277e64e01a0a36e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 258679
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2353
x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 12 Apr 2021 19:53:20 GMT
server: cat factory 1.0
x-timer: S1701654712.192066,VS0,VE95
etag: "9b086c505d94f816950074cc513f48fe"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -pOa6v5b6oJNp4fcWvdNQMYbLc0WkHB-pbT5O3O5o_ZhThECfkyvmw==
x-cache-hits: 6, 1

GET
H2 200 VBGzoWt.png
i.imgur.com/ 15 KB
15 KB 195ms
192ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/VBGzoWt.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cd780e9b88fa308d53f0a380590222bb405d10ea4d25bfee3f4e59bcb0e23ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 972675
x-cache: Miss from cloudfront, HIT, HIT
content-length: 14963
x-served-by: cache-iad-kjyo7100141-IAD, cache-fra-etou8220037-FRA
last-modified: Sat, 04 Dec 2021 19:55:24 GMT
server: cat factory 1.0
x-timer: S1701654712.192570,VS0,VE89
etag: "9e6fc1a5ff90a0242bc6e35ddfe15fd3"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zIbGzB_GfHenYnGr8maFlN92tmHNW2M0Dw02adERGweA2wdJVWH4dA==
x-cache-hits: 15, 1

GET
H2 200 RlwqGnG.png
i.imgur.com/ 3 KB
3 KB 196ms
193ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/RlwqGnG.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

89a351bfca61b83c4ae700e52d90f3f42e22c6fafecbd8476eaf947e78b86c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 235904
x-cache: Miss from cloudfront, MISS, HIT
content-length: 3340
x-served-by: cache-iad-kiad7000072-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 12 Apr 2021 18:50:05 GMT
server: cat factory 1.0
x-timer: S1701654712.192202,VS0,VE102
etag: "0a1b37f1864b0bdf6287560e21e49067"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: y4uNLrmjmCilXhzqo-wVqqjJzClgNEdh7OCa-9XPt83AXf2XAvazIQ==
x-cache-hits: 0, 1

GET
H2 200 LZ2DK4y.png
i.imgur.com/ 20 KB
20 KB 131ms
128ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/LZ2DK4y.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0809b7553eeeab54f882ba914450839b76ad2f4a68de2db9516ac7bf422b5813

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2800233
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 20163
x-served-by: cache-iad-kjyo7100125-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Oct 2023 20:11:11 GMT
server: cat factory 1.0
x-timer: S1701654712.192293,VS0,VE1
etag: "4354173a1b740fb29a5c6d57e04c87af"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sUCZd1kNqjWgxBVaRrRoKuJgO1e3HahqO6oYeQUC_9YLE6-1YGmpwA==
x-cache-hits: 43, 1

GET
H2 200 A4nPxsF.png
i.imgur.com/ 7 KB
7 KB 131ms
128ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/A4nPxsF.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6543458fd7e4af449d0baff67e491f8b62ff42b93f85e0e40e45f14c1f235f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 1243804
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6679
x-served-by: cache-iad-kjyo7100170-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 12:09:06 GMT
server: cat factory 1.0
x-timer: S1701654712.192567,VS0,VE1
etag: "6ab136ddf3b4ae6732f3b8e2ca8f3e9b"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5n3PiWi1rmHRgyw5pNsQan3U_tb12I3dOjO4G3OP-5Ch8i3zq-Px_g==
x-cache-hits: 9, 1

GET
H2 200 YvwTYFk.png
i.imgur.com/ 3 KB
4 KB 130ms
127ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/YvwTYFk.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0cf5431951b9efa0168aa374e03d08568c8a1895d975c0dde21800f700b87cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2863075
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3380
x-served-by: cache-iad-kcgs7200152-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 12:15:46 GMT
server: cat factory 1.0
x-timer: S1701654712.192256,VS0,VE1
etag: "a7761aa5413be6c8a8709a78c98932db"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wE4j0AvHKxQPeptcfPne-9vS5QN8fQST9d8Y-11isdLu4Vr5GM9ndw==
x-cache-hits: 8, 1

GET
H2 200 Z38NCuc.png
i.imgur.com/ 1 KB
2 KB 194ms
191ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Z38NCuc.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

eec081c3c9781fe82a08835d244678bd70368cf110878e11ef5e2b213013cdea

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 169143
x-cache: Miss from cloudfront, HIT, MISS
content-length: 1474
x-served-by: cache-iad-kcgs7200072-IAD, cache-fra-etou8220037-FRA
last-modified: Wed, 06 Oct 2021 08:50:31 GMT
server: cat factory 1.0
x-timer: S1701654712.191960,VS0,VE89
etag: "2de28d17aeea73df2e3a9152c78c63fe"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yuy2nky82zeinevJKJfOjPFxFf-2v2I3Ved_ngvPLY-GEefYryKNQA==
x-cache-hits: 2, 0

GET
H2 200 Xf78uto.jpg
i.imgur.com/ 4 KB
4 KB 195ms
192ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Xf78uto.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5fcd53ac7e7b4537bd04b696865d88ce2226c4d901b8ebc764e9c80c9d489b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2863075
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4320
x-served-by: cache-iad-kjyo7100141-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 20:56:45 GMT
server: cat factory 1.0
x-timer: S1701654712.191946,VS0,VE91
etag: "a3a4d0ff55d962150408b82ee8f610bd"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: T9Q0AOkESpURFFjya6-zJ5ZZbYkwKyd6wS3yMqEalx84sdLkmA6ynw==
x-cache-hits: 18, 1

GET
H2 200 m5qlurF.jpg
i.imgur.com/ 5 KB
5 KB 130ms
127ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/m5qlurF.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a35932e2c0e04b7871b7f7308f3e5f419f413eb40a4a8f2a1f3a57726b0f1d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 1510409
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4830
x-served-by: cache-iad-kjyo7100118-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 20:56:45 GMT
server: cat factory 1.0
x-timer: S1701654712.191944,VS0,VE1
etag: "60023b41b0a1a0cd3dc97df2c363c99a"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AD080slq-5P2L60QCqfDG2VuXx-AmMb36pdsX9w8eMjjbo0ax5mxFg==
x-cache-hits: 4, 1

GET
H2 200 dPyBi7U.jpg
i.imgur.com/ 4 KB
5 KB 195ms
192ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/dPyBi7U.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

622959372b7560110c365481e0b73c2605b538922dcb6e3431339f142019b31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 144126
x-cache: Miss from cloudfront, MISS, HIT
content-length: 4536
x-served-by: cache-iad-kjyo7100044-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 21:34:05 GMT
server: cat factory 1.0
x-timer: S1701654712.191929,VS0,VE94
etag: "465cf7fe69738db74be32f2bbed66f81"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YOvmkyNpgdZqOlpM_vVOM6fyOLsCXsuy2P9RrsG5Z0CNdnsMhccuQg==
x-cache-hits: 0, 1

GET
H2 200 mvtlLuQ.jpg
i.imgur.com/ 4 KB
5 KB 129ms
126ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/mvtlLuQ.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a90473d5a061978644f9ca9ae5430bc7e04a480eedb7eeec16ea3e719f1ef355

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 2810678
x-cache: Miss from cloudfront, MISS, HIT
content-length: 4305
x-served-by: cache-iad-kcgs7200121-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 20:56:45 GMT
server: cat factory 1.0
x-timer: S1701654712.191917,VS0,VE0
etag: "53125c6efec0af8fa7e4f619953fc566"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Z9baE_8HaM-tvBGeJKsfW6UVpd69LXHZZ2RVr6TXEziq2lv5i4j0ig==
x-cache-hits: 0, 4

GET
H2 200 iH5TrEr.jpg
i.imgur.com/ 4 KB
5 KB 133ms
130ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/iH5TrEr.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

581c23b8cac849d9a9d0744056412890980f0415bb8cbda775a7607566215e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 3112891
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4517
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 20:56:45 GMT
server: cat factory 1.0
x-timer: S1701654712.219545,VS0,VE1
etag: "da01dc44aea464409609d09b2f2ab77f"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZvadY2osSBfgNVvXckqW3vcyknByuHaBLYlbR4fqFQP6kjsAl8Esrg==
x-cache-hits: 2, 1

GET
H2 200 bp1fOge.jpg
i.imgur.com/ 5 KB
5 KB 133ms
130ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/bp1fOge.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9bfbe138e8d225b5e5caed65a0fc376e9bb229760db0840d68df82828c0d59b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 1574358
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4632
x-served-by: cache-iad-kcgs7200118-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 20:56:45 GMT
server: cat factory 1.0
x-timer: S1701654712.219550,VS0,VE1
etag: "90b1dfbc0ecefa2a7e4a5e9eadcf6a0e"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: w1VFM4okWFvx65VYwRDZ2Fk6P1HpOuMKgdYgDfGTNNF2rk6Q4SvpqQ==
x-cache-hits: 1, 1

GET
H2 200 XWY9f2O.jpg
i.imgur.com/ 4 KB
4 KB 239ms
237ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/XWY9f2O.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

3216cfcf76503ad8ee4d91995b9ab9cba3ea2275a62f78fdb2e60abf06bb8769

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 183257
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4231
x-served-by: cache-iad-kcgs7200096-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 21:27:41 GMT
server: cat factory 1.0
x-timer: S1701654712.219560,VS0,VE89
etag: "4de5a14c52ff9155314c233c9ce08c46"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: d94pNedrkyr_LzvllCARlGKH7y-ji5Im4X5cHQFJqFJXTfPI1Saffg==
x-cache-hits: 3, 1

GET
H2 200 A0V7sMc.jpg
i.imgur.com/ 4 KB
5 KB 132ms
129ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/A0V7sMc.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d8b7aa72523354265a8e7adce3a890882df4fd8181d4852cd41914b9896f93e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 4081736
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4436
x-served-by: cache-iad-kiad7000042-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 21:27:41 GMT
server: cat factory 1.0
x-timer: S1701654712.219216,VS0,VE1
etag: "3f7fb2a00051b07d31735ff51516101b"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JT3FpS8xn64x7ZBk-iO48WE1p9mvyxK-hyUADvj0VpRWrFU_b4efXw==
x-cache-hits: 22, 1

GET
H2 200 p1cekk3.jpg
i.imgur.com/ 4 KB
5 KB 134ms
131ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/p1cekk3.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

23be80c5bbf083dc3d43a64b0bf6092f9219e1902cb2ad4f19bfc7cd438dafb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 2228653
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4580
x-served-by: cache-iad-kjyo7100048-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 20:56:45 GMT
server: cat factory 1.0
x-timer: S1701654712.219523,VS0,VE1
etag: "33a4b0fea0a36381b3dc6c0f66444205"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cGLjZ18GU6XkWficPuW01AsR1zV6zYKPUomzDjqWn762_XgK-pcllA==
x-cache-hits: 8, 1

GET
H2 200 YPHvoyL.jpg
i.imgur.com/ 4 KB
5 KB 133ms
130ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/YPHvoyL.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4788bc80399dbf5d9e722250a0f41f76f1abafe6431c3e09d75d60ee25e33d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: ORD56-P6
age: 2722921
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4520
x-served-by: cache-iad-kcgs7200025-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 20:56:45 GMT
server: cat factory 1.0
x-timer: S1701654712.219234,VS0,VE1
etag: "f8ef294e7a21ff3092332ec26fd85507"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Jp3gDCWyZz-TNwRMpn14LIVbNHAC2YcN9oBbqjV2RR9CaZqWc_niCg==
x-cache-hits: 33, 1

GET
H2 200 45IAbYh.jpg
i.imgur.com/ 4 KB
5 KB 131ms
129ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/45IAbYh.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

89897b20907e2a8abc742770252262b2da428a618aac062806ecf0eab8a1d710

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P4
age: 2461897
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4448
x-served-by: cache-iad-kiad7000122-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 21:27:41 GMT
server: cat factory 1.0
x-timer: S1701654712.219231,VS0,VE0
etag: "7c2ef419613c1a75a01efd18d155e804"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: RkplrxCNqoKbtd2KfA7b9XJjiuKmksjJNhaHLk3frG7KVa_kW1H6DA==
x-cache-hits: 17, 3

GET
H2 200 ZYYQlRG.jpg
i.imgur.com/ 5 KB
5 KB 133ms
131ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZYYQlRG.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9694e982d8a675026ccc777cfcc8fac73ff151bd76916e89d2f6fc25fd6d1177

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 3299661
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4908
x-served-by: cache-iad-kjyo7100096-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 21:34:05 GMT
server: cat factory 1.0
x-timer: S1701654712.219218,VS0,VE1
etag: "e53869e86b02c4b785a9cc9cc6cc1a12"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Ui98FyXSUaOKz7nGtwNUiB9R6MRgXgCiWfV4fh6ua0zCpIDiFl1f_Q==
x-cache-hits: 14, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 92ms
90ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TTF1KWE3G4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144386270-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91bbc8e7f3b8c2cff63a6862c672abc507c6798a7aa7279ff6e820a8311b9df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82515
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 01:51:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 230ms
78ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144386270-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 01:22:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1756
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 03:22:36 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forforumotion-es/ 655 KB
56 KB 397ms
296ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99f74ace0f97d6365cd7a386ae386539aae1627ca31c7bc5ed6af0060dee032f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: twIiK1iXrT85eQ_jnJDRpX0VFqDDSkK.
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-request-id: FHW937HCE2V2XHCT
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 57212
x-amz-id-2: eF9gK0FT80N7dO6n5/NyBOTO6lkEIoZyTBBpZMJupt5AnntQlhw9kUB+5AainhIatUWgkMdtfPQ=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 30 Nov 2023 11:18:13 GMT
server: AmazonS3
x-timer: S1701654712.310650,VS0,VE249
etag: "9b24681d160f942c7fad8a7b7efcc519"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ZG4TYlW.png
i.imgur.com/ 588 B
1 KB 193ms
63ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZG4TYlW.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/79-ltr.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5eba8dde85bf230d52ef0c1553a832dbcee0c561d40f0c1b2dacbd7517a8d0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P4
age: 2195464
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 588
x-served-by: cache-iad-kiad7000051-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Oct 2023 19:41:24 GMT
server: cat factory 1.0
x-timer: S1701654712.098283,VS0,VE1
etag: "cf4a915e59385f09d003ef9eca1f8392"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UMDGoTLxBICnT89czXW-aRbIuRkkOZs3c3pzPN8sMbqRRk7jUXTQDw==
x-cache-hits: 23, 1

GET
H2 200 sprite_prosilver_navbar.png
2img.net/i/fa/ 3 KB
3 KB 45ms
44ms Image
image/png 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/sprite_prosilver_navbar.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/79-ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 330362
alt-svc: h3=":443"; ma=86400
content-length: 2994
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:50 GMT
server: cloudflare
etag: "5739a89e-bb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZMmwGqj%2BbEWdkBmDMZYLVuE7BEOWfVRKZ4X4Kf6vBpfvgqbfEDnpJ8aUl9gB0P6pvdUVOKZLf%2B212OMLZQPhCEFpMuk7Clt667rDKozpRHXizIlk5JhJG3oBQrdKPGBmqG8l2gt3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8300681dcef756c7-OSL
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8ht109c.png
i.imgur.com/ 85 KB
86 KB 241ms
125ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/8ht109c.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c6709bb8ef59c62f5e929cafc7ec973e05d4ca8f037594f576b33453b1eff0a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P4
age: 2863075
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 87526
x-served-by: cache-iad-kjyo7100093-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Oct 2023 20:19:38 GMT
server: cat factory 1.0
x-timer: S1701654712.098691,VS0,VE2
etag: "5ae5842b194d09727b8a625b312c9ae5"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iiUzP4Ff8RduF_w7U9mXG6YjRH786GkMrrwwDVc1CwIhfep_uW0vng==
x-cache-hits: 1, 1

GET
H2 200 WtsqzTX.png
i.imgur.com/ 61 KB
62 KB 337ms
222ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WtsqzTX.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2a62b351be4bdb5f8f17f1660094ecdbe9d721468ccdb89aa477ea943f2908ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P4
age: 502294
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 62651
x-served-by: cache-iad-kcgs7200037-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Oct 2023 20:19:37 GMT
server: cat factory 1.0
x-timer: S1701654712.098217,VS0,VE100
etag: "93e5da9b65b4cfe14678c2f1aee637c2"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _SImtSAbcW_RGoclYcfQluZzhrskATVzKYiDrpT1zuPuq_t5KNVsyw==
x-cache-hits: 1, 1

GET
H2 200 ZdozNQ0.png
i.imgur.com/ 50 KB
50 KB 187ms
125ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZdozNQ0.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8ff4ec3878771bc6c778f2a7d2e94810bb3414063a06de0e0bb4b8119397d34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P4
age: 1394903
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 51088
x-served-by: cache-iad-kiad7000112-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Oct 2023 20:19:38 GMT
server: cat factory 1.0
x-timer: S1701654712.098202,VS0,VE2
etag: "41e05ed72a821b6b74613864e8673eb4"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GsMTEiLyjGHOWhIbXy_0dvG2A9moLGPUYfXmf6lJanugAca7Gl8vMw==
x-cache-hits: 11, 1

GET
H2 200 b8QcnZ3.png
i.imgur.com/ 9 KB
9 KB 108ms
107ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/b8QcnZ3.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

1fa6ba50bf46864a29bb3f0427ef50f814e5811f16dc11e7f7f211a75dd01113

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 5314856
x-cache: Miss from cloudfront, HIT, HIT
content-length: 8885
x-served-by: cache-iad-kcgs7200080-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 05 Sep 2022 21:05:02 GMT
server: cat factory 1.0
x-timer: S1701654712.219232,VS0,VE1
etag: "32931cf3e3c9ff49b6047a7be63ede1e"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TUJJCBP_itmC-auhd5MSsS8x8QdrMQYA9HtlTGOzY4aT8uKcfPSacA==
x-cache-hits: 2, 1

GET
H2 200 GuKSyM2.png
i.imgur.com/ 9 KB
9 KB 214ms
214ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/GuKSyM2.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f71501bf20ed154f83af7eb0e96ed0a5f9cfffafef409c17a8c8d0748355b44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2768259
x-cache: Miss from cloudfront, HIT, HIT
content-length: 8944
x-served-by: cache-iad-kjyo7100117-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 05 Sep 2022 21:00:01 GMT
server: cat factory 1.0
x-timer: S1701654712.219224,VS0,VE93
etag: "d3f2b9138914b12c04e75e5c3acdffef"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -R3r4_yPxnuU39pDHyK1_PcP18v90IscN8PMSOak7W-9Ij-W5sb8Xg==
x-cache-hits: 2, 1

GET
H2 200 rDIoKpL.png
i.imgur.com/ 94 KB
95 KB 107ms
106ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/rDIoKpL.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

3bdba1708fca0900e998e8bb107349974ababb32730f70317d757f608222e733

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2228653
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 96713
x-served-by: cache-iad-kcgs7200087-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Oct 2023 20:27:47 GMT
server: cat factory 1.0
x-timer: S1701654712.218877,VS0,VE2
etag: "33986f1d07543454bff8d62f3b0f86e8"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0R3HFVyrv-7LSnfGoNw6DPwmIw6V0y3izFo0MqKd58dKD4GVbTtrfg==
x-cache-hits: 27, 1

GET
H2 200 pQuPAWF.png
i.imgur.com/ 8 KB
9 KB 215ms
214ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/pQuPAWF.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d2dc0309440492775691ca612254b138b72155b43601065d0596721bda7f17d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C5
age: 144126
x-cache: Miss from cloudfront, HIT, HIT
content-length: 8408
x-served-by: cache-iad-kjyo7100156-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 05 Sep 2022 21:34:13 GMT
server: cat factory 1.0
x-timer: S1701654712.218878,VS0,VE95
etag: "1b73e67717d1e7217cc54e07c1dcb4b2"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: RHwDPtPeISHl_RwXhBF2Vr0Hy7-9YQS33j60UYx_e7c9YUhZ4mt-8g==
x-cache-hits: 14, 1

GET
H2 200 6BeT8nH.png
i.imgur.com/ 8 KB
8 KB 107ms
106ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/6BeT8nH.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ef8f55cf80a79e162ed9db3b4e1f4fdcd8150212cc71e62f8dbc6a8eab5303c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C5
age: 3401918
x-cache: Miss from cloudfront, HIT, HIT
content-length: 8113
x-served-by: cache-iad-kjyo7100076-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 05 Sep 2022 21:40:20 GMT
server: cat factory 1.0
x-timer: S1701654712.218878,VS0,VE1
etag: "5523ed8c500eebba8f3332a6ff1b12fa"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ry69lZFl-DCf1x90ho0OkP679UFfsYLzpZ9VnsnIc32h66H0NwY08w==
x-cache-hits: 24, 1

GET
H2 200 yVmdDpe.png
i.imgur.com/ 8 KB
9 KB 106ms
105ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/yVmdDpe.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4d1d681f8d4db5bd42930fc6a1125452b4216a870b35ce8ed8e030b60cbba257

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C5
age: 3401918
x-cache: Miss from cloudfront, MISS, HIT
content-length: 8539
x-served-by: cache-iad-kjyo7100092-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 05 Sep 2022 21:34:13 GMT
server: cat factory 1.0
x-timer: S1701654712.218847,VS0,VE1
etag: "1888febb2bf31feca2d2d35824b70bd4"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OEOWhCmtq2BxgOJESM9a7EOMvOQzL3PvkjpcjMgDtCUgjGUuTyOCew==
x-cache-hits: 0, 1

GET
H2 200 nadeRSC.png
i.imgur.com/ 64 KB
64 KB 214ms
214ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/nadeRSC.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f9422049f92a5ad49906bf19f158f59c8b3de1bc3f913493ae57a5d25c9b2b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2891062
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 65620
x-served-by: cache-iad-kjyo7100065-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Oct 2023 20:19:38 GMT
server: cat factory 1.0
x-timer: S1701654712.218827,VS0,VE94
etag: "e73c6a536628abae1d2fb6c97dfbc606"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FY16diLwUff86AGKZiHZeFrgYFDArKPXnYFd6TEhFtoq3fyk-aJwSw==
x-cache-hits: 1, 1

GET
H2 200 AwQy0NK.png
i.imgur.com/ 655 KB
656 KB 163ms
129ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/AwQy0NK.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/79-ltr.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cec247e60950dc1d7beafc25b56c0c03ef6b6598906b236d7597de764569f0a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 4095745
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 670969
x-served-by: cache-iad-kjyo7100130-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 01 Oct 2023 19:42:16 GMT
server: cat factory 1.0
x-timer: S1701654712.157310,VS0,VE3
etag: "ed79f26ac5df61b60e58d1c8203a8482"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YillZ_bVm5hH5jiLqEqQcCSzTVzbZKzn6W-LsOiNYbHKRkjUY3GI7Q==
x-cache-hits: 1, 1

GET
H2 200 cdopshY.jpg
i.imgur.com/ 37 KB
37 KB 131ms
70ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/cdopshY.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

aa6570731c13de733fff4fbdf05a626778826fa5260153780ffc36c4678b4262

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2295383
x-cache: Miss from cloudfront, HIT, HIT
content-length: 38109
x-served-by: cache-iad-kjyo7100096-IAD, cache-fra-etou8220037-FRA
last-modified: Thu, 28 Jan 2021 18:52:33 GMT
server: cat factory 1.0
x-timer: S1701654712.098189,VS0,VE1
etag: "db14d7da061bea5c79b4ef40b5329adb"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bGHR5uCbOVnvM4Sx_E4dkeMbbjor2wb-yC48qX9svHdh1oXm7_tnEw==
x-cache-hits: 1, 1

GET
H2 200 Bdytjbv.jpg
i.imgur.com/ 41 KB
41 KB 329ms
268ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Bdytjbv.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8646338e63dab5aa92cb03d1f9f30c9ea421a97f3b10956cd6c465b4caeff549

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 502294
x-cache: Miss from cloudfront, HIT, HIT
content-length: 41661
x-served-by: cache-iad-kiad7000071-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 02 Feb 2021 00:42:14 GMT
server: cat factory 1.0
x-timer: S1701654712.157334,VS0,VE89
etag: "4332386acb9bdc5f6e17f6abe331d396"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BBvXZmpZodASWV9h_gsFhxoV6VGNIdTQ9uqCXOVWcYY7OI772DTHYg==
x-cache-hits: 18, 1

GET
H2 200 butSVkW.jpg
i.imgur.com/ 48 KB
48 KB 330ms
269ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/butSVkW.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

237c5f6e3296b474d6e5d63a047f2ffa2ca358ba3abf35abbb4cfa94c2a10b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 1762026
x-cache: Miss from cloudfront, HIT, MISS
content-length: 48738
x-served-by: cache-iad-kiad7000065-IAD, cache-fra-etou8220037-FRA
last-modified: Tue, 26 Jan 2021 23:28:50 GMT
server: cat factory 1.0
x-timer: S1701654712.157729,VS0,VE89
etag: "ed25ba57ba3ede26fbb4678a2cec46c1"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: prDvOg0YpaQljipZo18ST_sMQcmx6RNgRZwb2Tx4OSRV2J86AGzqOQ==
x-cache-hits: 20, 0

GET
H2 200 RBMFDok.jpg
i.imgur.com/ 28 KB
28 KB 283ms
222ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/RBMFDok.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bd3374c999d05a15268100e1b8803de010594096d082250e4677e03bf9ea50f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD61-P2
age: 2810678
x-cache: Miss from cloudfront, HIT, HIT
content-length: 28877
x-served-by: cache-iad-kcgs7200045-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 31 Jan 2021 18:06:35 GMT
server: cat factory 1.0
x-timer: S1701654712.098182,VS0,VE96
etag: "6f2ab683a9f35d594531015af5d4e522"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3oJKlXQc4RKKNEXBQ5gFYkzAhxvkRMkvufjTBwLp1iNIhbjDeIEubQ==
x-cache-hits: 14, 1

GET
H2 200 p9gngiG.jpg
i.imgur.com/ 40 KB
40 KB 190ms
129ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/p9gngiG.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d8aeabcc4f93b0b423d0b1ef7a96340f5ef2a871f115a584ee8c9b54f9539c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2295378
x-cache: Miss from cloudfront, HIT, HIT
content-length: 41231
x-served-by: cache-iad-kiad7000171-IAD, cache-fra-etou8220037-FRA
last-modified: Sun, 31 Jan 2021 18:32:44 GMT
server: cat factory 1.0
x-timer: S1701654712.157699,VS0,VE2
etag: "2579ea5c794a9553232995189dfdbf31"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Hn8utXO8isqTvn7CT9mbF6HTA7pVV9svZZGcF7f2Z_F3aBurM4QceA==
x-cache-hits: 9, 1

GET
H2 200 kf3sAvV.jpg
i.imgur.com/ 45 KB
46 KB 213ms
213ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/kf3sAvV.jpg

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2a3cdf2d3a89826fbcc79e54ba1b5864be337354a179548786a87cb2421528e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 502294
x-cache: Miss from cloudfront, HIT, HIT
content-length: 46450
x-served-by: cache-iad-kjyo7100125-IAD, cache-fra-etou8220037-FRA
last-modified: Mon, 01 Feb 2021 02:02:29 GMT
server: cat factory 1.0
x-timer: S1701654712.218813,VS0,VE87
etag: "f46e29f319191e4d4a1e79f182ffe506"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KeSQAzHxvBcYg93ff-WJzypsLynSwYnfvW80tiZ0ytPZKRgE3R4GDQ==
x-cache-hits: 1, 1

GET
H2 200 RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2
fonts.gstatic.com/s/greatvibes/v18/ 34 KB
35 KB 236ms
75ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/greatvibes/v18/RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Great+Vibes&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4828fd073a3b3ae17675d358262414d34cee95b4b94a4ab41a8e335a2015eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:09 GMT
x-content-type-options: nosniff
age: 310183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34860
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:37:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:09 GMT

GET
H3 200 wO2QcA2.png
2img.net/i.imgur.com/ 412 B
974 B 232ms
232ms Image
image/png 2606:4700:3038::6815:eb4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i.imgur.com/wO2QcA2.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc1b84c554450964ebba0dd7777e155c15aa42cfda52da30fd1b6ec107ebd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 412
x-xss-protection: 1; mode=block
last-modified: Sat, 16 Nov 2019 23:22:38 GMT
server: cloudflare
etag: "5dd084be-19c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2F1jaj30MbiUS2HOs%2BzvuDgkNCidHDo1ho0uLHDAPKT0eQpihkJFuF%2Bz0%2BAiykT8dilwfRTpLeuH1BXEXC0uZGr2UphuLwONBkRyZ%2FFUiTq0pUKtmIAJVBstPMtVpS3YfR6tHGTPFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8300681e3ab856c6-OSL
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 136ms
45ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5613
cf-polished: origSize=5437
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
server: cloudflare
etag: W/"5d653880-153d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GNtfSjqGEHwSGNQYf16ICq3dw%2FsDkvdFSJJvtBZ%2F%2Bb6ebpIdY1AQLEqxneO3xzb7THHHW3OlwpqcmobIzPyImfjeF%2BwUcEX7%2BfbXYdihUW7jptpVYefTKyNQjeSxx0IZwGIBu9RTlSG7rlRQs4KcwDC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8300681edf670b61-OSL

POST
H2 200 webpush_register.php Show response
himitsu-no-pettoakad.foroactivo.com/ajax/ 25 B
176 B 124ms
124ms Fetch
text/html 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsu-no-pettoakad.foroactivo.com/ajax/webpush_register.php

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.76.111 Lisbon, Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 01:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1
content-type: text/html

POST
H2 204 collect
region1.analytics.google.com/g/ 0
267 B 159ms
56ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TTF1KWE3G4&_ono=1&gtm=45je3bt0v9122948090&_p=1701654711919&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1786180439.1701654712&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701654712&sct=1&seg=0&dl=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&dt=Himitsu%20No%20Pettoakademi&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1410
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTF1KWE3G4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 200ms
66ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-TTF1KWE3G4&cid=1786180439.1701654712&gtm=45je3bt0v9122948090&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTF1KWE3G4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 280ms
84ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-TTF1KWE3G4&cid=1786180439.1701654712&gtm=45je3bt0v9122948090&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1275498346

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pre.js Show response
ac.aruncdn.com/j/prebid/ 488 KB
149 KB 242ms
84ms Script
application/javascript 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ac.aruncdn.com/j/prebid/pre.js?411

Requested by

Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59be6742c628fe76d51bfb638199f9b1b8520a044891ad6e131ccb934bcc5703

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-version-id: QXvy0DHU53sovqT06wVzQ9zdaI48I6YS
via: 1.1 becf925bc0f305e6c4ad68e689dcc2ba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: LHR50-P6
age: 1070644
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 Nov 2023 16:19:01 GMT
server: cloudflare
etag: W/"e6c0e7c9fe33476e322e62e9e9bc46ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgY810Vsbd1NImho6eNJHjxsl0q7uV%2FhFYVJPqGOCMIXvMtcKN2ZnVzCNIvPEzU3O9rMrRFnOjeDn1Bnx1IHVtgkoLmrCoNmG0g%2FHxwhvEbTVnZjeWX0FtrFXqMUGnr8aDBviG2Ddg424%2FdS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 830068200d886317-LHR
x-amz-cf-id: 5GHAGJaY8h0NHuXmYOIxUIU9FM0a82gHESKn_jKv5rslb-qnA2_htw==

GET
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 0
126 KB 249ms
80ms Other
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Mon, 04 Dec 2023 01:51:52 GMT

GET
H2 200 player.js
ac.aruncdn.com/f/nat/ 0
4 KB 89ms
89ms Other
application/javascript 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/player.js?3
Requested by: Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-version-id: u9dQ_Gc25xua4tlSLKp6SuKrSGRMS2H4
via: 1.1 becf925bc0f305e6c4ad68e689dcc2ba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
age: 502933
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 16:28:15 GMT
server: cloudflare
etag: W/"69624877c62cb83429ed5b682551fc5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CcHeNgAjwb5e1Nb3JiNjeL2aMH3ueCNJRn%2BAqDBQOpGL1XvWW2s7S3AFzT2q8RaCZBfZA4RUvXIOZaaj3iNcdU5K4ha4F%2BNEkhyMyqwcgNFWFzGm%2FeiI84tuhsEu1AZgeolXxiOcjRnAPIz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 830068208df96317-LHR
x-amz-cf-id: HRiM8sOSLvKsZ-cc9u_USEy0tZRf2VOPw_vZmYz4NzUqKWOULr_fUw==

GET
H2 200 gdpr Show response
ac.audiencerun.com/ 1 B
332 B 191ms
64ms XHR
text/plain 2600:9000:225e:c00:1c:96c8:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.audiencerun.com/gdpr
Requested by: Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:1c:96c8:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:51:38 GMT
audiencerun-country: NO
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P4
age: 226814
x-cache: Hit from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
audiencerun-time: 2023-12-01T10:51:38.698Z
content-length: 1
x-amz-cf-id: pX1OFbmvR9zIWcoe3sISa9UMfd_OtIWzz7Dr_hOeTMvVkVGF56ZNwg==

GET
H2 200 Montserrat-SemiBold.woff2
ac.aruncdn.com/f/nat/fonts/ 81 KB
81 KB 819ms
666ms Font
binary/octet-stream 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/fonts/Montserrat-SemiBold.woff2
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4752c0bd33f8dc2e48f01bfad4dbc2ec5dfecbb07213ea9a8895230b76dc44ff

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-version-id: bGSFcPeEIukFyb6e6Hd38PsZi6qWxhkl
via: 1.1 fbdced4408c54e0099373c9b5b289c8e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 82620
last-modified: Wed, 22 Nov 2023 16:28:15 GMT
server: cloudflare
etag: "b4f9714141878f10bbf0b8ab6e143717"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YejNVdT4sOZW5F8LLrlkFjs04yAGoKQJrSLDvobI0KPUHQmr6R3BIL%2FYUzwdI7ynKqFBu9r6LRI%2B0WP92sGwhaZnsdU5Bkj5nn%2BUA5TzwpJ0l4qnn8cHkzaVJdnraIQM33sMWKsK7XsH2qXu"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830068200b387732-LHR
x-amz-cf-id: diPhEZw0Xt-rMhN-aHliyC29UnJ8I1gE_eOiVp8DBLS5tXx730UNgg==

GET
H2 200 Montserrat-Medium.woff2
ac.aruncdn.com/f/nat/fonts/ 18 KB
19 KB 633ms
486ms Font
binary/octet-stream 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/fonts/Montserrat-Medium.woff2
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-version-id: wkMQZroSsg2ZSx59bnMNruMDVe1aQuLJ
via: 1.1 becf925bc0f305e6c4ad68e689dcc2ba.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18728
last-modified: Wed, 22 Nov 2023 16:28:15 GMT
server: cloudflare
etag: "f0f2716c5fe401d175b88715e7d28685"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4goqeKSYnwHUGTMiZGxVcdymeHoAt%2Bsve7RywuhhhV%2Bws%2FwKuZc%2BVT57Q0nFqAdS9wLiumGLdSKbkiTjKqfr1tmgiMBVuDDM%2F5e96wxhvZ1VoclvmJVQMkJq%2BNIwtz9i9jTCcMU0E7SBASo"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830068200b3b7732-LHR
x-amz-cf-id: R6_ChrMxk7qLgdZIs8EwznY7FchQ3tkoA1iQHeVfeTU_LZ-LXtplMw==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 229ms
74ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=206&cb=46849199418

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 64ms
62ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 28 Nov 2024 01:51:52 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 64ms
63ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 28 Nov 2024 01:51:52 GMT

GET
H2 200 light Show response
connect.topicit.net/button/ Frame 1B75 4 KB
2 KB 250ms
249ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&lang=es&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2Ftopicit%2Findex.php%2Fconnect&version=1

Requested by

Host: connect.topicit.net
URL: https://connect.topicit.net/scripts/connect.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075cf79f6bc1c5bc0632bbb95eb107694b5193965e14e5b00d1ad70956d8ee5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 8300681f3f7f0b61-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 01:51:52 GMT
expires: Mon, 04 Dec 2023 00:00:00 GMT
last-modified: Mon, 04 Dec 2023 01:51:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Fjqj7wQVyd0Dm%2B31rnYbgPJqgl5%2BFSzcQGo80pVLWOj7Yb%2FvnfndTK6WiuqzjbHdfIPA5Qgj90H%2F%2FECIzlAMIE4dULtWXknl3Bbj1F0t2fZgFEhyohswf5ydsIXTsoYVK%2B0VmGGJPJb%2Bs5fuESjazFp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache-ne: MISS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 5eyky1py1w Show response
d.audiencerun.com/c/ 12 KB
3 KB 790ms
252ms Script
application/javascript 3.20.201.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.audiencerun.com/c/5eyky1py1w?rid=f23b8770-e5c3-4082-b085-1770c2dc535d&spu=3d31afd2-c810-4e79-8965-68163bf40199&sui=5eaf59ed-ac55-4419-a378-e12df50e2a38&s=null&a=1&msk=null&m=null&v=1.2.18&d=1701654712140&r=&vu=&dv=desktop&os=windows&br=chrome%2F119.0&ce=1&sr=1600x1200&o=portrait&tz=1%20GMT&ul=en&inf=0&ift=&amp=0&url=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&es5=0&gdpr=0&gdpr_consent=
Requested by: Host: ac.audiencerun.com
URL: https://ac.audiencerun.com/j/tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.201.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-201-250.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5aa4c0e197e3bf331fdfdc68769bb094d6e52cc32c83f6aec7084fcdf521b9b8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
report-to: { "url": "https://d.audiencerun.com/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.audiencerun.com/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"
content-type: application/javascript
timing-allow-origin: *

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forforumotion-es/ Frame DAD5 655 KB
56 KB 173ms
172ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99f74ace0f97d6365cd7a386ae386539aae1627ca31c7bc5ed6af0060dee032f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: twIiK1iXrT85eQ_jnJDRpX0VFqDDSkK.
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-request-id: FHW937HCE2V2XHCT
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 57212
x-amz-id-2: eF9gK0FT80N7dO6n5/NyBOTO6lkEIoZyTBBpZMJupt5AnntQlhw9kUB+5AainhIatUWgkMdtfPQ=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 30 Nov 2023 11:18:13 GMT
server: AmazonS3
x-timer: S1701654712.438637,VS0,VE121
etag: "9b24681d160f942c7fad8a7b7efcc519"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forforumotion-es/ Frame 6853 656 KB
57 KB 247ms
247ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fec9134da627b9136aa49887ca2ad7c3b4bdc241e89872faf170d6727412b28

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: twIiK1iXrT85eQ_jnJDRpX0VFqDDSkK.
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-request-id: AE8E80Q07HGBR68W
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 17
x-amz-replication-status: FAILED
content-length: 57561
x-amz-id-2: bQlnGjSri0QIgZR1yNAexI1mQa+71+31eOQzstgrx3+QrWZYYnXdpMHCsqWduWHYfovl/Xv1VP4=
x-served-by: cache-bma1640-BMA
last-modified: Sun, 03 Dec 2023 21:32:21 UTC
server: nginx
x-timer: S1701654712.455445,VS0,VE110
etag: "386ea4b138796bd3eb10a8834a37aaab92984f47"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 19
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forforumotion-es/ Frame 67FB 656 KB
57 KB 262ms
261ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b04453744d90009662bff3f5bb7d2463f99765551150b21ee489199f824c2267

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: twIiK1iXrT85eQ_jnJDRpX0VFqDDSkK.
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-request-id: MTG7XZ5GXMPECAD5
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 17
x-amz-replication-status: FAILED
content-length: 57697
x-amz-id-2: 1UW2BWj0wZTR4DcAgUQguegG3gN2P45jimtfaRBk/Vz/aA4Lwa+58wROOaL/4gxnI8a/ryFjzkI=
x-served-by: cache-bma1640-BMA
last-modified: Mon, 04 Dec 2023 01:51:52 UTC
server: nginx
x-timer: S1701654712.461867,VS0,VE213
etag: "5629145993f3083af49002d04c63fb00dd10eca8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 5
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 events
bidder.criteo.com/csm/ 0
213 B 64ms
64ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:51 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 icon-white50x50.png
connect.topicit.net/images/connect-button/ Frame 1B75 824 B
1 KB 45ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.topicit.net/images/connect-button/icon-white50x50.png

Requested by

Host: connect.topicit.net
URL: https://connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&lang=es&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2Ftopicit%2Findex.php%2Fconnect&version=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

657f1a41d08d069639dd6313ea2f8c0cf7089e4c1967d3930c467864641149ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&lang=es&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2Ftopicit%2Findex.php%2Fconnect&version=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4561
alt-svc: h3=":443"; ma=86400
content-length: 824
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Oct 2017 14:06:27 GMT
server: cloudflare
etag: "59d78de3-338"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDUUIMZKLOIGAq96aJ3WLxb1%2Brgpnge9A9mHhgHq1Q69vR035sBx5no9NavkOYqDPQ%2BkKRsWFPC7sOFxJKJiSJ%2F4xPBZsCKe6mxsuJc7PCeG6gsZSCdxZoM4b7SGmeTbkVLhcWBOl29adrjiOWoiBccH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 830068210c11568a-OSL

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
220 B 80ms
79ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=829964317&t=pageview&_s=1&dl=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&ul=en-us&de=UTF-8&dt=Himitsu%20No%20Pettoakademi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1572281040&gjid=17159388&cid=1786180439.1701654712&tid=UA-144386270-1&_gid=177237446.1701654712&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1559421731

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 67ms
66ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144386270-1&cid=1786180439.1701654712&jid=1572281040&gjid=17159388&_gid=177237446.1701654712&_u=YADAAUAAAAAAACAAI~&z=1822057311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Dec 2023 01:51:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 245ms
87ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144386270-1&cid=1786180439.1701654712&jid=1572281040&_u=YADAAUAAAAAAACAAI~&z=575229343

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 84ms
83ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144386270-1&cid=1786180439.1701654712&jid=1572281040&_u=YADAAUAAAAAAACAAI~&z=575229343

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20231130-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 819 KB
170 KB 47ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: dd47e8207f473968755aaae3dd27589e10cca8b3b79cef6ea33f269f3db79385

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 78p2aVtTtViJKYgws4AVt.4HyQIYdR3I
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-request-id: GRYB5Q366GWHBFSX
age: 3027
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173835
x-amz-id-2: r2S2oQEGU17UdrjF9uBwQ1LLzxQARFXLajhPE+aMWTxIXHPH+uP6EX19iUuvgg52wFFf/uQY1Jk=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 30 Nov 2023 08:50:29 GMT
server: AmazonS3-br
x-timer: S1701654713.708715,VS0,VE0
etag: "d71e9964fd0217606f5d1b4136d87d06"
vary: Accept-Encoding
content-type: application/javascript
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 477

GET
H2 200 impl.20231130-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame DAD5 819 KB
170 KB 55ms
54ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: dd47e8207f473968755aaae3dd27589e10cca8b3b79cef6ea33f269f3db79385

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 78p2aVtTtViJKYgws4AVt.4HyQIYdR3I
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-request-id: GRYB5Q366GWHBFSX
age: 3027
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173835
x-amz-id-2: r2S2oQEGU17UdrjF9uBwQ1LLzxQARFXLajhPE+aMWTxIXHPH+uP6EX19iUuvgg52wFFf/uQY1Jk=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 30 Nov 2023 08:50:29 GMT
server: AmazonS3-br
x-timer: S1701654713.736918,VS0,VE0
etag: "d71e9964fd0217606f5d1b4136d87d06"
vary: Accept-Encoding
content-type: application/javascript
abp: 95
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 478

GET
H2 200 impl.20231130-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 6853 819 KB
170 KB 48ms
47ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: dd47e8207f473968755aaae3dd27589e10cca8b3b79cef6ea33f269f3db79385

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 78p2aVtTtViJKYgws4AVt.4HyQIYdR3I
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-request-id: GRYB5Q366GWHBFSX
age: 3027
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173835
x-amz-id-2: r2S2oQEGU17UdrjF9uBwQ1LLzxQARFXLajhPE+aMWTxIXHPH+uP6EX19iUuvgg52wFFf/uQY1Jk=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 30 Nov 2023 08:50:29 GMT
server: AmazonS3-br
x-timer: S1701654713.771164,VS0,VE0
etag: "d71e9964fd0217606f5d1b4136d87d06"
vary: Accept-Encoding
content-type: application/javascript
abp: 64
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 479

GET
H2 200 tr5
cdn.taboola.com/libtrc/ Frame 67FB 3 B
95 B 47ms
46ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=verify-ri-changes_ctrl
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-bma1640-BMA
date: Mon, 04 Dec 2023 01:51:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701654713.792338,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 impl.20231130-25-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 67FB 819 KB
170 KB 47ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231130-25-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6f4710023a3d22901952b1c3055c876f69ca755a7f634b246a98d2c0a4404b1c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 0x1FWYzfAW_f6VF197xSuJTHVNrCW0EE
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:52 GMT
x-amz-request-id: R8SF1MYJWZM4S63X
age: 3029
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173844
x-amz-id-2: NS72d/2sW3tUEqJ1CWOOFYNQ/ciGZ5pHQ8H3TC8DxFA7tc18mlLeWGAMYb+eyrwo926uD1jABSs=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 30 Nov 2023 14:38:26 GMT
server: AmazonS3-br
x-timer: S1701654713.809281,VS0,VE0
etag: "49897edd5ec710633a707fdc256518a7"
vary: Accept-Encoding
content-type: application/javascript
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
287 B 193ms
64ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 249377
expires: 60

GET
H2 200 sync Show response
gum.criteo.com/ Frame DAD5 46 B
288 B 165ms
63ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 223501
expires: 60

GET
H2 200 json Show response
trc.taboola.com/forforumotion-es/trc/3/ Frame DAD5 5 KB
3 KB 360ms
344ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/trc/3/json?tim=02%3A51%3A52.850&lti=deflated&data=%7B%22id%22%3A781%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1701343087590%2C%22vi%22%3A1701654712847%2C%22cv%22%3A%2220231130-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 695a4f2c4a7fb70469cd26498a53a9e99d583a476f1f7f2447a481c5ca3d914b

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 298
date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.18104166666666666
x-fastly-to-nlb-rtt: 93202
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
x-log-content-encoding: gzip
server: nginx
x-timer: S1701654713.887320,VS0,VE298
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 6853 46 B
287 B 145ms
64ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 265517
expires: 60

GET
H2 200 json Show response
trc.taboola.com/forforumotion-es/trc/3/ Frame 6853 30 KB
9 KB 672ms
671ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/trc/3/json?tim=02%3A51%3A52.868&lti=deflated&data=%7B%22id%22%3A926%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1701343087590%2C%22vi%22%3A1701654712847%2C%22cv%22%3A%2220231130-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22300x250%20Thumbnails-7%22%2C%22orig_uip%22%3A%22300x250%20Thumbnails-7%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C300x250%20Thumbnails-7%3Dthumbnails-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d881275cf347802b5a801a0615b1b6c5859f492e4339eca9c23e612f7e4e756

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 625
date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.21916666666666665
x-fastly-to-nlb-rtt: 92136
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
x-log-content-encoding: gzip
server: nginx
x-timer: S1701654713.889182,VS0,VE625
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 67FB 46 B
302 B 79ms
65ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-25-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 217479
expires: 60

GET
H2 200 json Show response
trc.taboola.com/forforumotion-es/trc/3/ Frame 67FB 6 KB
3 KB 661ms
661ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/trc/3/json?tim=02%3A51%3A52.939&lti=verify-ri-changes_ctrl&data=%7B%22id%22%3A623%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1701343087590%2C%22vi%22%3A1701654712847%2C%22cv%22%3A%2220231130-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A%2214306%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22300x250%20Thumbnails-3%22%2C%22orig_uip%22%3A%22300x250%20Thumbnails-3%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C300x250%20Thumbnails-3%3Dthumbnails-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22verify-ri-changes_ctrl%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 799b3cd114b6fa864a4125c66feda56e93aa3ed2b2b2a43302559ef900087fd7

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 615
date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.22520833333333334
x-fastly-to-nlb-rtt: 93069
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
x-log-content-encoding: gzip
server: nginx
x-timer: S1701654713.961352,VS0,VE615
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 n.js Show response
ac.aruncdn.com/f/nat/ 36 KB
12 KB 70ms
69ms Script
application/javascript 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/n.js?418
Requested by: Host: d.audiencerun.com
URL: https://d.audiencerun.com/c/5eyky1py1w?rid=f23b8770-e5c3-4082-b085-1770c2dc535d&spu=3d31afd2-c810-4e79-8965-68163bf40199&sui=5eaf59ed-ac55-4419-a378-e12df50e2a38&s=null&a=1&msk=null&m=null&v=1.2.18&d=1701654712140&r=&vu=&dv=desktop&os=windows&br=chrome%2F119.0&ce=1&sr=1600x1200&o=portrait&tz=1%20GMT&ul=en&inf=0&ift=&amp=0&url=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&es5=0&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2fdd7eb88b481044f92b435759b336619578722787b3491b8a5e5fda2446e39

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: n_9t_.CZgJZNqJQCWSkXf.2acaOyjwDZ
via: 1.1 377f221cbea911724d8ec57bb91f3e98.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
age: 510234
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 16:58:40 GMT
server: cloudflare
etag: W/"3c1910c5bc8bd96d3f8689b924f14c79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZfK00ivHaicraraX8%2FBqc09tTKqaKkTKWQRAseuacniKWu3u6RTyuTfwM%2BpnR%2FTMooC4svS0MHR7wdwxWV7cFmuc4slLu9he8GEgH5RDBApUp3BUeotMwDb%2B%2BrB%2B3XjwgP2FHDPzvCX4og7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8300682549636317-LHR
x-amz-cf-id: 2yWSfd1ThuVGqIzAV8Pd1L8DPXpWq8qh9yG4nTEqxtqsdYa1KlHFBg==

GET
H2

200

bsw_sync
d.audiencerun.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=audiencerun&user_id=1656d30b8ed9ce506458129&gdpr=0
https://x.bidswitch.net/ul_cb/sync?ssp=audiencerun&user_id=1656d30b8ed9ce506458129&gdpr=0
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Daudiencerun%26expires%3D30...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Daudiencerun%26expires%3D30...
https://x.bidswitch.net/sync?dsp_id=429&user_id=4ffd4c54-498c-5252-a649-a7c0c3249779&ssp=audiencerun&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://d.audiencerun.com/bsw_sync?userid=2ecd5c3e-8199-4990-9cb1-2e17fbb28830&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

43 B
845 B

153ms
153ms

Image
image/gif

3.20.201.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.audiencerun.com/bsw_sync?userid=2ecd5c3e-8199-4990-9cb1-2e17fbb28830&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Server: 3.20.201.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-201-250.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 04 Dec 2023 01:51:54 GMT
server: nginx

Redirect headers

location: //d.audiencerun.com/bsw_sync?userid=2ecd5c3e-8199-4990-9cb1-2e17fbb28830&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 04 Dec 2023 01:51:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 0.native.js Show response
ac.aruncdn.com/f/nat/ 109 KB
31 KB 73ms
72ms Script
application/javascript 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/0.native.js?ver=246935
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/f/nat/n.js?418
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c652e500bda06391a2ab54475ec68c859b00982f151d518a74dd83de1bc2200d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: HXTJcF3uQsisQ4i6swN1XhIZqw8LTxRL
via: 1.1 cd9d9141cd83dabdc9d0a421d1efe1aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
age: 982383
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 16:58:40 GMT
server: cloudflare
etag: W/"2e78dfba6272434cc42d95ef0fe26207"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8%2BybzAcTK7q9I6aM3zQYuS8UzV%2FkZhIrj0oowjg4m8M4SI8GT2FUxxEtJJ1fPnUKpSFamaV5maCcoiby4XiPkcFrruwK07vNB%2BzwG33Iq%2BPpYu%2FwLKSzgW5VDlXsm%2F1XQr%2FCx9ZkuTZarXR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83006825c9d76317-LHR
x-amz-cf-id: h-dFVWfjAhP81yCZImk8VBnN8GO8hsI2QPqSJ3TBp0_jqNb5ebhn4w==

GET
H2 200 1.native.js Show response
ac.aruncdn.com/f/nat/ 15 KB
5 KB 69ms
69ms Script
application/javascript 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/1.native.js?ver=246935
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/f/nat/n.js?418
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbeda8c681183b4cf452950ae66650e596ab8ecda43e51f32d411d466fc01c90

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: 3xGICiLxU4OEAI9SxCEz7WXHOqQs6iQt
via: 1.1 a51e82991720a6aac1a80bbc5392c806.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
age: 982383
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 16:28:14 GMT
server: cloudflare
etag: W/"0b8f24c6d87e1c425d170fcda6036e7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0vdblxKvs%2BKFd75bP%2FLIhvfYdHBwMfrp6XF1b9H70ohuGTeRhY44pVXZXHgiR%2B7cG9AxlvaJKNUYfkyekwOC5FFeJYVTez4Bpe2%2BS8dm7GSfXRMxmSAF%2F7hwgAriJGeQfGs1XGNgrIZMxSG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83006825c9d86317-LHR
x-amz-cf-id: l-Zet3CATmQseL_F-Ad4KtIKxq6J5Ox53OQPSAnCn63DvQi4gKmMcQ==

GET
H2 200 fixedFooter.native.js Show response
ac.aruncdn.com/f/nat/ 156 KB
20 KB 80ms
80ms Script
application/javascript 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/fixedFooter.native.js?ver=246935
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/f/nat/n.js?418
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3afb7f04f8cf0f2dd00750f51595dc7c067b8fd958a55a11f77e45fd0eb02b29

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: EfornkVuHjMZuPgLpb4MejnoHtERb1x_
via: 1.1 01879ac26b51469bac7a395f9b7fc5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
age: 982383
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 16:28:14 GMT
server: cloudflare
etag: W/"0708733879d93c42a1e77a9f4e148139"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPBUlViyFcqbln82Bo7aYazyUh%2BhrTJA6hhBANFJtaUvxxX0gdORKsL2Pe1epHpzXq4vC7lSK96Ts6cZWiZVtx%2BlQUKCWmlc1BqfKrloPgkjEMMacOfruQ77G%2FVxQVKcyV4%2FymTIU%2F08Hl1H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83006825c9d96317-LHR
x-amz-cf-id: wr3haQBEXm_rVa9xcJyVOKQy1oWTQ7UO582RUQYng91ypE2unFZ5kg==

GET
H2 200 tb Show response
15.taboola.com/ Frame DAD5 23 KB
7 KB 85ms
84ms XHR
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=forforumotion-es&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&cirf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&encoded=1&uid=4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638&variant=-100|1130508407&callback=TRC.videoTagCallbacks.videoCallback1&cb=1701654713236&tagid=&cntry=NO&platform=1&sesid=bb0ffd51e7921b2f3a4eaae3108d90f1&itemid=/&viewid=1701654712847&geolat=&geoing=&deviceifa=&appid=&sd=v2_bb0ffd51e7921b2f3a4eaae3108d90f1_4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638_1701654712_1701654712_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&ri=971a8ad0eab49412847b50220947256a&appname=&cdb=&gdprApplies=true&rid=&sii=-1279194496744460907&oee=true&tpubid=1044863&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=30&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=14101
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: faec4130c7feb2a6170947eca3b187dafe5ded1888ca58b60d10ceb29d039d44

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1424
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654713.260293,VS0,VE37
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20231130-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame DAD5 17 KB
6 KB 48ms
48ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231130-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebd05afc224c2ec35786d9a2181d0606eb63cca44be89c1068503453c3de43e2

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: vCcIxjXJs60BG4fCOpkAW9h40bk2RN51
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-request-id: J85AVZ3NT1K4FV0J
age: 314774
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: wFcUdeI2A/G5bsTjjiAbE8bwjqD4le1MVmIdR6vaGj7kR6kmWXKZyLtEpyrobsJswbhs4TwqQNw=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 30 Nov 2023 10:25:35 GMT
server: AmazonS3
x-timer: S1701654713.260332,VS0,VE0
etag: "76e95c572225881d5a86a2c4621a0630"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 48369

GET
H2 200 eayeio10.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f58/19/59/98/62/ Frame DAD5 13 KB
14 KB 54ms
47ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f58/19/59/98/62/eayeio10.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b32035eb28b81ae18efa26adc88d623a643e8cac0fe1e9994fc51b229a00a39

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f58/19/59/98/62/eayeio10.jpg
age: 2248654
edge-cache-tag: 394268328137071391160548122778157680885,349218789646776865820853431610452907782,29ecf9b93bbf306179626feeda1fab70
cache-tag: 394268328137071391160548122778157680885,349218789646776865820853431610452907782,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 705
req-referer: https://lasociedaddealmas.activo.mx/
content-length: 12982
x-request-id: 5dc066e52ec19fb4aaf7ea3386dbb490
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100040-IAD, cache-iad-kcgs7200054-IAD, cache-lga21938-LGA, cache-iad-kjyo7100160-IAD, cache-bma1640-BMA
last-modified: Tue, 31 Oct 2023 09:21:26 GMT
server: nginx
surrogate-reporting: width=628,height=157,bytes=39865,owidth=800,oheight=157,obytes=79000
x-timer: S1701654713.279725,VS0,VE0
etag: "1cc324389edf9402ff83edaba2508930"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2, 4, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f58/19/59/98/62/eayeio10.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b32035eb28b81ae18efa26adc88d623a643e8cac0fe1e9994fc51b229a00a39

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f58/19/59/98/62/eayeio10.jpg
age: 2248655
edge-cache-tag: 394268328137071391160548122778157680885,349218789646776865820853431610452907782,29ecf9b93bbf306179626feeda1fab70
cache-tag: 394268328137071391160548122778157680885,349218789646776865820853431610452907782,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 705
req-referer: https://lasociedaddealmas.activo.mx/
content-length: 12982
x-request-id: 5dc066e52ec19fb4aaf7ea3386dbb490
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100040-IAD, cache-iad-kcgs7200054-IAD, cache-lga21938-LGA, cache-iad-kjyo7100160-IAD, cache-bma1640-BMA
last-modified: Tue, 31 Oct 2023 09:21:26 GMT
server: nginx
surrogate-reporting: width=628,height=157,bytes=39865,owidth=800,oheight=157,obytes=79000
x-timer: S1701654713.342210,VS0,VE0
etag: "1cc324389edf9402ff83edaba2508930"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2, 4, 3

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.6.2/ Frame DAD5 120 KB
34 KB 141ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3edec9aed1309166fc55d6e17ad83845cebacb21d4894c715c659ce810dc3cf1

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 ed87681648230d81cfe4a69364ab730c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: ARN54-C1
age: 476298
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 33982
x-served-by: cache-bma1624-BMA
last-modified: Tue, 28 Nov 2023 13:32:59 GMT
server: AmazonS3
x-timer: S1701654713.441917,VS0,VE0
etag: "af6449bf86ef6829cc3fc4db5acbc173"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: r_XWdeIu40uoZVi61nmpe9DPEIm8ZUHe3hreog-S-OY0neslnuRYrg==
x-cache-hits: 5905

GET
H2 200 logo.svg
ac.aruncdn.com/i/logo/ 1 KB
984 B 68ms
67ms Image
image/svg+xml 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ac.aruncdn.com/i/logo/logo.svg?3
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc71723dd9b58ca76778ee4ab3a2d9a08fdaee2a2b8c34079acca1aada4428a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: ZW6wgHVqLct2j11I75YfRQVRuSgQJT1U
via: 1.1 377f221cbea911724d8ec57bb91f3e98.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
age: 1070654
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 Nov 2023 16:19:01 GMT
server: cloudflare
etag: W/"2f850b9b51d9dfef215f3107413d73d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP1vSYAgNDhhcPDPZnkx7kB3ErJfst99p1JJsNIcXvQq0E%2BzG81yKnY4gENISAp1ZJqyRNGiAkQ3eS%2FV23rTILbAQYFixKNC2aSbNM30UKGJHa7DYy27xDc2q34tUvCah3C18OANY5f8KzXe"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 830068270b196317-LHR
x-amz-cf-id: DTZTb4wA5l8e7rp4D5hdAaEnjE6OkuPOqcHLTVYqsAZG9ttKKRTqSQ==

GET
H2 200 close.svg
ac.aruncdn.com/i/f/ 782 B
822 B 69ms
69ms Image
image/svg+xml 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ac.aruncdn.com/i/f/close.svg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae540d7788bb22cdd6753ff56107e0f405cbcdef8b0b9e6b73bc16eeb26acc48

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: MxNWaejkHh6rIh95_5o7KbUU3056QmyD
via: 1.1 01879ac26b51469bac7a395f9b7fc5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
age: 150487
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 16:28:19 GMT
server: cloudflare
etag: W/"75b7a0f5d0964082b842670da4ef0ae8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvHuGmNKczUQdtAwKF5QHFxlPrGey5cRfccagah1ulPOWbMpRMqx0zIrBe2qfyKkgplLFMbfXso6WXfSG11S3frCdry%2FISHn%2FQGq7ZyxRTp6QhSjcCFKQbryUMyXTsBmKHETmmI4Oq%2By13WW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 830068270b1a6317-LHR
x-amz-cf-id: rFDXNJgNnmZJh0yvovbcEpU3dq8xMm6Uv_ZfXb-ybpU_zfSqZa-W5A==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 152ms
44ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231204

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1304e0567cc62d691ee57b01b9e837d8274a61016e7dbaff7074c29346b7c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35436
x-jsd-version: 1.0.1893
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1646-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-GsXOeCtMGPIMTLKGc16ErVM9e78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8O9eFV%2B5%2BQNmILr64s9clPYTAYorUPAJux5A7sQ74kL1%2BbNlJAVkb8dF%2FZLPSGLCfTk6ueEBNwlr1CzmpAG%2FCUiQ8IMJiJxaFTkAv4st36vUK7SEvZN8mMnixSYXl8xcmUnW2KcRwQGE3gKSa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83006827ca321c06-OSL

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1020 B 199ms
67ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:53 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 433933
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLfzAT0Jw3DMQ61gtYhpzz%2FDHlMLWHTqvQTqUdVsv7t%2F1uW9zlSEpqEEIzz7T%2BRRN3M2dzuUxugPRcpgu0FcATktpMLZGANO8tyyUgiWXXlgetoOQ%2Fp6txoAMTIdhRJsL99e3sqTNvQOvDnc"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 830068280efadc9f-LHR

POST
H/1.1 200
OK cookie_sync Show response
pbs.prd.audiencerun.com/ 3 KB
1 KB 697ms
169ms XHR
application/json 3.139.153.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.prd.audiencerun.com/cookie_sync
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.153.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-153-231.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 031723ed38ba012c9f5055e6c5d780afb62e5cf1a9a9d9b7de2f8a786ee5b886

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://himitsu-no-pettoakad.foroactivo.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 694
Expires: 0

POST
H/1.1 200
OK auction Show response
pbs.prd.audiencerun.com/openrtb2/ 462 B
723 B 830ms
316ms XHR
application/json 3.139.153.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.prd.audiencerun.com/openrtb2/auction
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.153.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-153-231.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 08d7bdc5da556f1b447a87b87816aaf048cdccd79fa51d15d002cc0af5144a5d

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: br
X-Prebid: pbs-go/1.14.0-audiencerun
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://himitsu-no-pettoakad.foroactivo.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 298
Expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
126 B 211ms
63ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 400 pb Show response
ad.360yield.com/ 0
205 B 233ms
73ms XHR
text/html 54.228.143.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.228.143.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-143-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:53 GMT
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 pb Show response
ad.360yield.com/ 0
181 B 234ms
75ms XHR
text/plain 54.228.143.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.228.143.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-143-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:53 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 arrow.svg
ac.aruncdn.com/i/f/ 783 B
900 B 69ms
69ms Image
image/svg+xml 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ac.aruncdn.com/i/f/arrow.svg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29646c2ba0f044af1ec8665ac8cb52fb38902c0b7baa75a005185dd009703ae2

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: Fn1WKOOkxqZTdJTqNJK.HJu0r4Fe3ugB
via: 1.1 2215055efc8f63c9427a3e4d846b2c66.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
age: 1070599
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 Nov 2023 16:19:01 GMT
server: cloudflare
etag: W/"85879df3481a1e2f40eb9782977fa7f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJra3limrfpsTMPeNxkBUbN%2BktYHkT%2B0QUGhNHBzS36j5fpvuVwp1N%2FeHB3%2BsJBm%2BKrmjtpds5dy6dCXm1TRcXFpvNFYsyeIypTXRQJ5x1ElpnEChRzqoCCDqG51B8yy8ZCEMw7jgdEzgKSj"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 830068276b4d6317-LHR
x-amz-cf-id: _JyJ9lZ0SrnWS-YMSRN-uL_isuN3YviLJGT8jzwScZSGBDc9je3P3g==

GET
H2 200 Montserrat-Bold.woff2
ac.aruncdn.com/f/nat/fonts/ 19 KB
19 KB 193ms
192ms Font
binary/octet-stream 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/fonts/Montserrat-Bold.woff2
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: PBb6uvYYXX4oPKrQ5KXhhIcwVTfT7Yks
via: 1.1 fcb7e2ea03344c5cbdb3ce71f1ffa1dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18956
last-modified: Wed, 22 Nov 2023 16:28:15 GMT
server: cloudflare
etag: "79982cd1f74c6fa7451bf9b37ead09ff"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXhduKv9BBJTvwEHJN0dGU5amOErhqEafgwSS71aQDAkTSO7JoIiUBcBv3B3koAF6a4RGOFjiy1PsFeFk%2FbprDJP9bNwtM6iNYqbR9fZl5ySSrBqtTV%2FfYEbOgKKpoN%2F4p0coi%2BCQIEQwsjh"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830068276a1d7732-LHR
x-amz-cf-id: BFgue8LoAEuvNk8i92BZ-CnU-SNa9VFXQmxptOw5JtX-N-RPGtKTAg==

GET
H2 200 Montserrat-Italic.woff2
ac.aruncdn.com/f/nat/fonts/ 14 KB
14 KB 466ms
465ms Font
binary/octet-stream 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/fonts/Montserrat-Italic.woff2
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89df20304bf3cc608f330d26187cbafff5aa4a7416ea37b1d6f48bfaf2ed8ae5

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-version-id: NC49IbIFhLoSvQoGuDJa_AqEVpFgdZkb
via: 1.1 e113eead8f453036dc06e859133ea1dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14132
last-modified: Wed, 22 Nov 2023 16:28:15 GMT
server: cloudflare
etag: "541320aaef05b18735645a6e8ce2f60d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCB4O2Y5czZNWkLuR7MTETx4Lh42mDDsK7Zy0yHJHX6vhVf62xQY9s%2F%2FMpMrbwbCKw7UT6TQ7rTLkiNwIxq0z1XI%2FJmu5dCzii%2BrBWZpW%2F17GBNU4E77O7Q5vdf%2FbPSOZWCEsD4GalNj5SsI"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830068276a1f7732-LHR
x-amz-cf-id: W35AvtN4wdcqld5pfnzTkv4vPYuxIaQJpSy_Vfeg5_UWdPrdae-u1w==

GET
H2 200 Montserrat-Regular.woff2
ac.aruncdn.com/f/nat/fonts/ 18 KB
19 KB 566ms
566ms Font
binary/octet-stream 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/fonts/Montserrat-Regular.woff2
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
x-amz-version-id: avfDLtCXdyzDrSGwckfx0pC6O9gVMIJE
via: 1.1 941eeb52a9594aec5cf3464efa0a3b66.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18684
last-modified: Wed, 22 Nov 2023 16:28:15 GMT
server: cloudflare
etag: "501ce09c42716a2f6e1503a25eb174c9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrLYDlyWusROCJE%2BXqOnq8qR4%2Fq2m9mPHghsedboDK5iy50Gli3j5VeHvm7rvlxc696gZBkT6CbtZNHSD328R2GPW9z0RVoJc3Ad2oyYxTSh9kLitNxWOmDo1e8CsxiVupXFTP%2BixS23noYJ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830068276a217732-LHR
x-amz-cf-id: tvbA_KV32YhosX_8_mMjUS3fE3PJhUC7Q8xRHpi8P7uV_Jxz7cX9Fg==

GET
H2 200 Montserrat-ExtraBold.woff2
ac.aruncdn.com/f/nat/fonts/ 81 KB
82 KB 697ms
697ms Font
binary/octet-stream 2606:4700:20::681a:e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.aruncdn.com/f/nat/fonts/Montserrat-ExtraBold.woff2
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b8922ce82914294ccad739d9f92b8e70e38811cdeb30c1a6a365d4de2c90ad

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
x-amz-version-id: O8IYIFyfhhYe2aPsQTX275oWRam7lLKF
via: 1.1 e113eead8f453036dc06e859133ea1dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 82888
last-modified: Wed, 22 Nov 2023 16:28:15 GMT
server: cloudflare
etag: "17ce7192b10223597038970c9dc67c6c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMsN%2B2KS74tcjlewbDeozawXHtQB%2Flog3EyFfQHLOoIiinFHUPc0eeNUcdoCwuWVRV76VDBSEjOTGZ6IBAicb2tIeE4Oj8Kdhg0bQu30HM3%2F0WG3uaqg%2BlkOg4iIXZ9%2BY6UW7HYmEpV0FFdm"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830068276a237732-LHR
x-amz-cf-id: WjDDI6Zc-UrRJowloHVOeE4GxtxhpFGbPdQ3XL38Uox5fJZWdjsTFQ==

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
410 B 169ms
79ms XHR
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:53 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83006827e80a56a4-OSL
expires: 0

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 173 B
486 B 308ms
80ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 704b64c4211c940d6b7fdb67f46c825c93b09325222587aa5a4543d1b243bbd8

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.4.0
Content-Type: application/json
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 13 KB
6 KB 347ms
136ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19034&site_id=378238&zone_id=2088184&size_id=2&rp_schain=1.0,1!audiencerun.com,191,1,,,!qwertize.com,7730,1,,,&eid_pubcid.org=2cb7dee4-6a50-4773-96fa-5276bddec711%5E1&rf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&kw=ForoYuri%2CLovingPetsAcademy%2CForo%2Crol%2Camaxpet%2Cyuri&tg_i.domain=himitsu-no-pettoakad.foroactivo.com&tg_i.page=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&tg_i.pbadslot=himitsu-no-pettoakad.foroactivo.com%2F5eyky1py1w%23728x90&tk_flint=pbjs_lite_v7.54.5&x_source.tid=d5c4f2a2-c992-48c9-90f3-a256b35fa07a&l_pb_bid_id=3107938d153010a&p_screen_res=1600x1200&rp_floor=0.0913&rp_secure=1&x_imp.ext.tid=d5c4f2a2-c992-48c9-90f3-a256b35fa07a&rp_maxbids=1&p_gpid=himitsu-no-pettoakad.foroactivo.com%2F5eyky1py1w%23728x90&slots=1&rand=0.19905883590745033
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b57d51733f244481055bf119984fd5460217b2d5f4dd4f90e72e4017d5399edf

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
368 B 400ms
263ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 203
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid.1.2.aspx Show response
inv-nets.admixer.net/ 4 KB
4 KB 268ms
101ms XHR
text/javascript 167.235.184.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.171.184.235.167.clients.your-server.de

Software

nginx /

Resource Hash

d38dd492f7cc7d3f7b14883d83efa6190334f8641e8404c89def9a280092787a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
server: nginx
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
p3p: CP="NID DSP ALL COR"
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 3723
x-xss-protection: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 302ms
203ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU8N8428
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 68614fd3826af2a0b70b7a66188a054ff995bfc4780d0803c23ed5e79c99aa15

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 01:51:53 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 283ms
149ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fb0a5abdf0b1210bd82a090aaa83ddcdde4b47a2f2e0db2118f292b7120ac91

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:53 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://himitsu-no-pettoakad.foroactivo.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1835
Expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 319ms
128ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 1c4aa98cf2c9546c325490163053a719589d2d2407c021ba6bf8e7a277ece1bc

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
432 B 201ms
65ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 bid-request Show response
rtb.adpone.com/ 797 B
935 B 219ms
83ms XHR
application/json 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=122611131932413
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53bc80fb460d109c66dfe9fd2507081e51972d9ccee312f39ff6ab53bcc1c0fb

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h753Pj4t3hu0%2BRSNtxLH3iSRNfa3pss1B5F5ycMGyfjBH1823CLl3GrE28vyc%2FLKzqtfgoCuvGbVEfn5%2FlzDV%2BOUciUCgh5m%2FShzcuDa3IET9AS0jouoOf3eytR3UKAj7gV%2BBPqCJpvUwNXn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
access-control-allow-credentials: true
cf-ray: 830068286c0863cb-LHR

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 65ms
65ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=7.54.5&cb=37083529063

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
171 B 263ms
123ms XHR
text/plain 3.126.176.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.176.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-176-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
979 B 373ms
239ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a276aedb4b458743243c3238f3b819e285df7f3801b77530a84dc7535daa80fb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:53 GMT
an-x-request-uuid: a68bf818-25c9-415e-8cfa-089e2ebcef99
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.255.148.168; 178.255.148.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 debug
il-trc-events.taboola.com/forforumotion-es/log/2/ Frame DAD5 0
91 B 370ms
116ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/forforumotion-es/log/2/debug?tim=02%3A51%3A53.517&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=3121&cv=20231130-4-RELEASE&lt=deflated&pct=1
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 115742

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.6.2/ Frame 6853 120 KB
33 KB 48ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3edec9aed1309166fc55d6e17ad83845cebacb21d4894c715c659ce810dc3cf1

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 ed87681648230d81cfe4a69364ab730c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: ARN54-C1
age: 476298
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 33982
x-served-by: cache-bma1624-BMA
last-modified: Tue, 28 Nov 2023 13:32:59 GMT
server: AmazonS3
x-timer: S1701654714.586274,VS0,VE0
etag: "af6449bf86ef6829cc3fc4db5acbc173"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: r_XWdeIu40uoZVi61nmpe9DPEIm8ZUHe3hreog-S-OY0neslnuRYrg==
x-cache-hits: 5906

GET
H2 200 userx.20231130-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 6853 17 KB
6 KB 48ms
47ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231130-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebd05afc224c2ec35786d9a2181d0606eb63cca44be89c1068503453c3de43e2

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: vCcIxjXJs60BG4fCOpkAW9h40bk2RN51
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-request-id: J85AVZ3NT1K4FV0J
age: 314774
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: wFcUdeI2A/G5bsTjjiAbE8bwjqD4le1MVmIdR6vaGj7kR6kmWXKZyLtEpyrobsJswbhs4TwqQNw=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 30 Nov 2023 10:25:35 GMT
server: AmazonS3
x-timer: S1701654714.585525,VS0,VE0
etag: "76e95c572225881d5a86a2c4621a0630"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 48370

GET
H2 204 fix-user-id
trc.taboola.com/forforumotion-es/log/3/ Frame 6853 0
227 B 143ms
141ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/forforumotion-es/log/3/fix-user-id?lti=deflated&ri=c9740082e6c97192fdde386df85b0d26&sd=v2_b27374881f461f1982904080e958449f_f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638_1701654712_1701654712_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&ui=f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638&pi=/&wi=-1279194496744460907&pt=text&vi=1701654712847&time=1701654713553&fromUser=4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638&toUser=f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638&fromSD=v2_bb0ffd51e7921b2f3a4eaae3108d90f1_4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638_1701654712_1701654712_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&toSD=v2_b27374881f461f1982904080e958449f_f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638_1701654712_1701654712_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&tim=02%3A51%3A53.553&id=7086&llvl=2&cv=20231130-4-RELEASE&
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 95
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 93087
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654714.585718,VS0,VE95
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
il-trc-events.taboola.com/forforumotion-es/log/3/ Frame 6853 0
230 B 332ms
119ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/forforumotion-es/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=13156&lti=deflated&ri=c9740082e6c97192fdde386df85b0d26&sd=v2_b27374881f461f1982904080e958449f_f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638_1701654712_1701654712_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&ui=f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638&pi=/&wi=-1279194496744460907&pt=text&vi=1701654712847&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1701654713558%7D&tim=02%3A51%3A53.558&id=7345&llvl=2&cv=20231130-4-RELEASE&
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Dec 2023 01:51:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 events
bidder.criteo.com/csm/ 0
213 B 64ms
64ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:53 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 9a84df54d9afa44460ce700707.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wl-brightside.cf.tsp.li/resize/728x/jpg/1a6/616/ Frame 6853 13 KB
14 KB 48ms
47ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wl-brightside.cf.tsp.li/resize/728x/jpg/1a6/616/9a84df54d9afa44460ce700707.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac4b622288ea015d3bf9fc0105a1926faaed52459504c5cad9cb99da603bf837

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wl-brightside.cf.tsp.li/resize/728x/jpg/1a6/616/9a84df54d9afa44460ce700707.jpg
age: 1704467
edge-cache-tag: 449707690790375997410416504406029341559,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449707690790375997410416504406029341559,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 407
expiration: expiry-date="Fri, 03 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://display.360totalsecurity.com/inapp/daily-news-premium?p=0&d=2802&m=1&lang=en&ver=11.0.0.1042&t=1372933609&e=0
content-length: 13448
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000053-IAD, cache-iad-kjyo7100027-IAD, cache-chi-klot8100140-CHI, cache-iad-kjyo7100037-IAD, cache-bma1640-BMA
last-modified: Tue, 03 Oct 2023 10:53:08 GMT
server: nginx
surrogate-reporting: width=360,height=180,bytes=17013,owidth=728,oheight=611,obytes=68384
x-timer: S1701654714.597395,VS0,VE1
etag: "073c4a72009aa51abb54a357ee4953b8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 4, 1

GET
H2 200 tb Show response
15.taboola.com/ Frame 67FB 24 KB
7 KB 80ms
80ms XHR
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=forforumotion-es&unitType=226&tbloc=&pageType=text&pstn=300x250%20Thumbnails-3&uuip=&cisrf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&cirf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&encoded=1&uid=a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639&variant=-100|1130508407&callback=TRC.videoTagCallbacks.videoCallback1&cb=1701654713622&tagid=&cntry=NO&platform=1&sesid=43e9190e6de81a8590c0aaf852585f5d&itemid=/&viewid=1701654712847&geolat=&geoing=&deviceifa=&appid=&sd=v2_43e9190e6de81a8590c0aaf852585f5d_a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639_1701654713_1701654713_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&ri=901548aea38e4e9dbb0388cd3bf825ac&appname=&cdb=&gdprApplies=true&rid=&sii=-1279194496744460907&oee=true&tpubid=1044863&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=30&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2924208690c35e98e9aeb09e476a9e4b4c19812449bc6b5d5cd5edc9184ee1f4

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1451
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654714.643433,VS0,VE34
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20231130-25-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 67FB 17 KB
6 KB 46ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231130-25-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forforumotion-es/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf0e4bf067c308daeb831a0ebbf536b6c0e2b0943430def1544c35c36e471f4

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 0tHSW6VliVf2DYLy4lhG9NBDKQupFSZU
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:53 GMT
x-amz-request-id: 8MFV2DZQJ7BWZQDH
age: 20965
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5399
x-amz-id-2: rdq9AYgJWGgp8VeIEn7m3HDCIiShNWNuth+AUrKXmfq5mjeXkQvXriTjHxMPI92HNtnFZV3AX/8=
x-served-by: cache-bma1640-BMA
last-modified: Sun, 03 Dec 2023 20:02:24 GMT
server: AmazonS3
x-timer: S1701654714.643815,VS0,VE0
etag: "802d416e45e2eafa47e548811aa23a67"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 43

GET
H2 204 fix-user-id
trc.taboola.com/forforumotion-es/log/3/ Frame 67FB 0
69 B 144ms
143ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/forforumotion-es/log/3/fix-user-id?lti=verify-ri-changes_ctrl&ri=901548aea38e4e9dbb0388cd3bf825ac&sd=v2_43e9190e6de81a8590c0aaf852585f5d_a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639_1701654713_1701654713_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&ui=a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639&pi=/&wi=-1279194496744460907&pt=text&vi=1701654712847&time=1701654713605&fromUser=f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638&toUser=a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639&fromSD=v2_b27374881f461f1982904080e958449f_f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638_1701654712_1701654712_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&toSD=v2_43e9190e6de81a8590c0aaf852585f5d_a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639_1701654713_1701654713_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&tim=02%3A51%3A53.605&id=690&llvl=2&cv=20231130-25-RELEASE&
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 97
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 93195
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654714.647039,VS0,VE97
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
il-trc-events.taboola.com/forforumotion-es/log/3/ Frame 67FB 0
230 B 268ms
117ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/forforumotion-es/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12019&lti=verify-ri-changes_ctrl&ri=901548aea38e4e9dbb0388cd3bf825ac&sd=v2_43e9190e6de81a8590c0aaf852585f5d_a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639_1701654713_1701654713_CIi3jgYQ_-I_GI-kmZTDMSABKAEwogE434cMQKL17gNI86HvA1D___________8BWABgAGjn4PixzeqfnzFwAA&ui=a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639&pi=/&wi=-1279194496744460907&pt=text&vi=1701654712847&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1701654713614%7D&tim=02%3A51%3A53.614&id=2725&llvl=2&cv=20231130-25-RELEASE&
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Dec 2023 01:51:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 78b3ea51cc8565e00d211ca416a2e738.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 67FB 13 KB
14 KB 255ms
255ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/78b3ea51cc8565e00d211ca416a2e738.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d958f566093a56c1680b55ba34ca531dd0902f0588b65f6068b7738c453c20f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 209
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/78b3ea51cc8565e00d211ca416a2e738.jpg
age: 1544671
edge-cache-tag: 568689136968234431268712808286753629000,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568689136968234431268712808286753629000,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, HIT, HIT, MISS, MISS, MISS
x-envoy-upstream-service-time: 93
req-referer: https://himitsu-no-pettoakad.foroactivo.com/
content-length: 13710
x-request-id: 25bbbfa9aa87bbf6e3ea581015b489c2
x-backend-name: CH_nlb801
x-served-by: cache-iad-kiad7000102-IAD, cache-iad-kiad7000049-IAD, cache-lga21978-LGA, cache-iad-kcgs7200103-IAD, cache-bma1640-BMA
last-modified: Mon, 30 Oct 2023 20:10:45 GMT
server: nginx
surrogate-reporting: width=360,height=180,bytes=22922,owidth=1000,oheight=673,obytes=72785
x-timer: S1701654714.659748,VS0,VE209
etag: "abfeffc7399cd676967eff9354ebc110"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 0, 0, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wl-brightside.cf.tsp.li/resize/728x/jpg/1a6/616/9a84df54d9afa44460ce700707.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac4b622288ea015d3bf9fc0105a1926faaed52459504c5cad9cb99da603bf837

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wl-brightside.cf.tsp.li/resize/728x/jpg/1a6/616/9a84df54d9afa44460ce700707.jpg
age: 1704467
edge-cache-tag: 449707690790375997410416504406029341559,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449707690790375997410416504406029341559,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 407
expiration: expiry-date="Fri, 03 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://display.360totalsecurity.com/inapp/daily-news-premium?p=0&d=2802&m=1&lang=en&ver=11.0.0.1042&t=1372933609&e=0
content-length: 13448
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000053-IAD, cache-iad-kjyo7100027-IAD, cache-chi-klot8100140-CHI, cache-iad-kjyo7100037-IAD, cache-bma1640-BMA
last-modified: Tue, 03 Oct 2023 10:53:08 GMT
server: nginx
surrogate-reporting: width=360,height=180,bytes=17013,owidth=728,oheight=611,obytes=68384
x-timer: S1701654714.660949,VS0,VE0
etag: "073c4a72009aa51abb54a357ee4953b8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 4, 2

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 262ms
137ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:53 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqjgQqzQaS3MO7E0f1YTH2mAKA0r5xdhRNy4gPfWUdZqmuNLKkxIQEMLyT4iODDUpr3ByxEWZ7Ckt4O9m9roKEkKTsqA3TJEa0KULfOAiKdpGmLENUk86zEg5B9tvRrzUbhsLt5uR1mv8Tqc"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 830068294f6dbe3a-CPH

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.6.2/ Frame 67FB 120 KB
33 KB 46ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3edec9aed1309166fc55d6e17ad83845cebacb21d4894c715c659ce810dc3cf1

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 ed87681648230d81cfe4a69364ab730c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: ARN54-C1
age: 476298
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 33982
x-served-by: cache-bma1624-BMA
last-modified: Tue, 28 Nov 2023 13:32:59 GMT
server: AmazonS3
x-timer: S1701654714.731175,VS0,VE0
etag: "af6449bf86ef6829cc3fc4db5acbc173"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: r_XWdeIu40uoZVi61nmpe9DPEIm8ZUHe3hreog-S-OY0neslnuRYrg==
x-cache-hits: 5907

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 375A 798 B
460 B 74ms
72ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660541&dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&cmcv=&pix=undefined&cb=1701654713780&uv=3363&tms=1701654713780&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=533b1e2c-6529-4a2b-8f5a-7e661ee9e3e7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 47d4e9b714d5fca8932b8f8f6cda664cfe8e8475002246b78b1c6c1544109188

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:53 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-bma1640-BMA
x-timer: S1701654714.807372,VS0,VE26

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 8461 798 B
892 B 195ms
61ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 47d4e9b714d5fca8932b8f8f6cda664cfe8e8475002246b78b1c6c1544109188

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:53 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame DAD5 2 KB
831 B 220ms
209ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=4660541&noaop=3&sortOrderType=0&cb=1701654713787&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1579&pt=1173481275&tz=60&viewable=true&ddast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1089141&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10b728127d3f2ce807058ae9b369c83620bb06d0b5417d859e2767d54041b68f

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 04 Dec 2023 01:51:53 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1479
x-cache: MISS
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654714.819934,VS0,VE163
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 375A 70 B
148 B 251ms
85ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660541&dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&cmcv=&pix=undefined&cb=1701654713780&uv=3363&tms=1701654713780&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=533b1e2c-6529-4a2b-8f5a-7e661ee9e3e7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 375A 43 B
426 B 236ms
79ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660541&dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&cmcv=&pix=undefined&cb=1701654713780&uv=3363&tms=1701654713780&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=533b1e2c-6529-4a2b-8f5a-7e661ee9e3e7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 375A 0
15 B 232ms
68ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
x.bidswitch.net/ Frame 375A 43 B
145 B 63ms
62ms Image
image/gif 35.156.210.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660541&dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&cmcv=&pix=undefined&cb=1701654713780&uv=3363&tms=1701654713780&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=533b1e2c-6529-4a2b-8f5a-7e661ee9e3e7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.210.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-210-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E53C 281 B
555 B 225ms
64ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660541&dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&cmcv=&pix=undefined&cb=1701654713780&uv=3363&tms=1701654713780&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=533b1e2c-6529-4a2b-8f5a-7e661ee9e3e7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:54 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 st Show response
imprammp.taboola.com/ Frame DC4E 422 B
377 B 90ms
90ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&cmcv=&pix=undefined&cb=1701654713903&uv=3363&tms=1701654713903&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=75aeccdb-8b6d-4697-9431-85dd7f8cccef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a36f000b96c1e6f4ebcc97ac228ab05592f04b1e91cf51f24d761ce9f672d989

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:53 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-bma1640-BMA
x-timer: S1701654714.927159,VS0,VE44

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FBD7 439 B
534 B 73ms
60ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: b33240f34b8b2f99b1d11c1a02ccd753283ae6f5ffd5fc35d79cb603b4ae6533

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:53 GMT
machineid: 3401
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 6853 2 KB
696 B 151ms
151ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701654713907&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1579&pt=1173481275&tz=60&viewable=true&ddast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1089141&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10b728127d3f2ce807058ae9b369c83620bb06d0b5417d859e2767d54041b68f

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 04 Dec 2023 01:51:54 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1485
x-cache: MISS
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654714.928569,VS0,VE105
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/78b3ea51cc8565e00d211ca416a2e738.jpg
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d958f566093a56c1680b55ba34ca531dd0902f0588b65f6068b7738c453c20f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Dec 2023 01:51:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/78b3ea51cc8565e00d211ca416a2e738.jpg
age: 1544671
edge-cache-tag: 568689136968234431268712808286753629000,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568689136968234431268712808286753629000,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, HIT, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 93
req-referer: https://himitsu-no-pettoakad.foroactivo.com/
content-length: 13710
x-request-id: 25bbbfa9aa87bbf6e3ea581015b489c2
x-backend-name: CH_nlb801
x-served-by: cache-iad-kiad7000102-IAD, cache-iad-kiad7000049-IAD, cache-lga21978-LGA, cache-iad-kcgs7200103-IAD, cache-bma1640-BMA
last-modified: Mon, 30 Oct 2023 20:10:45 GMT
server: nginx
surrogate-reporting: width=360,height=180,bytes=22922,owidth=1000,oheight=673,obytes=72785
x-timer: S1701654714.929244,VS0,VE0
etag: "abfeffc7399cd676967eff9354ebc110"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 0, 0, 1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FBD7 70 B
148 B 130ms
87ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638
pr-bh.ybp.yahoo.com/sync/taboola/ Frame FBD7 43 B
425 B 114ms
80ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame FBD7 0
125 B 105ms
65ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8461 70 B
149 B 124ms
83ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8461 43 B
425 B 115ms
83ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 8461 0
15 B 106ms
66ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
x.bidswitch.net/ Frame 8461 43 B
145 B 63ms
63ms Image
image/gif 35.156.210.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.210.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-210-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0A5B 281 B
555 B 165ms
62ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:54 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DC4E 70 B
148 B 116ms
88ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&cmcv=&pix=undefined&cb=1701654713903&uv=3363&tms=1701654713903&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=75aeccdb-8b6d-4697-9431-85dd7f8cccef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638
pr-bh.ybp.yahoo.com/sync/taboola/ Frame DC4E 43 B
425 B 106ms
88ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&cmcv=&pix=undefined&cb=1701654713903&uv=3363&tms=1701654713903&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=75aeccdb-8b6d-4697-9431-85dd7f8cccef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame DC4E 43 B
145 B 63ms
63ms Image
image/gif 35.156.210.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&cmcv=&pix=undefined&cb=1701654713903&uv=3363&tms=1701654713903&abt=adxsub-out_vA!adxsub-out_vB!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=75aeccdb-8b6d-4697-9431-85dd7f8cccef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.210.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-210-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_3/assets/css/ Frame DAD5 60 KB
8 KB 48ms
48ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511361
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: GW3PWMPZ07VVTGMT
age: 143282
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511362
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: Qtl8fmuz3AcQ1yO/TfxAO/jMBhlt+EMG2hGyOBC2k2baMQgQ0Lwh7fIQPqcHnb+eR1Rm+xIZT+k=
x-served-by: cache-bma1640-BMA
last-modified: Sat, 02 Dec 2023 10:02:43 GMT
server: AmazonS3-br
x-timer: S1701654714.035573,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11084

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/33_6_3/infra/ Frame DAD5 493 KB
105 KB 47ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f955584c2704042e9c307f79de1b54aadbe56ea7dd638f352d149e01a9db4aab

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511321
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 3JP3JFZFGMTRHN8V
age: 143280
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511322
x-amz-meta-mode: 33188
content-length: 107217
x-amz-id-2: 2mL+Ws3mQmPcl4Xxatr4+X0eaOKlhOYTynIHSO7D2Z/TGGWugJF1VRcKKAxhPC3MNu+Nb/pPOTc=
x-served-by: cache-bma1624-BMA
last-modified: Sat, 02 Dec 2023 10:02:03 GMT
server: AmazonS3-br
x-timer: S1701654714.036339,VS0,VE0
etag: "5e801116bda0ad6456401675cb51692a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4315

GET
H2 200 st Show response
imprammp.taboola.com/ Frame DEA9 798 B
495 B 76ms
73ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660561&dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&cmcv=&pix=undefined&cb=1701654714049&uv=3363&tms=1701654714049&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=42c79668-1251-41bf-9d11-16b9decb4f1d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77b2de07ba2d3424cd1fba7500ce9c6046fca8473cc4c698d520d0b50d26846b

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:54 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-bma1640-BMA
x-timer: S1701654714.076683,VS0,VE25

GET
H2 200 sync Show response
am-match.taboola.com/ Frame DE60 798 B
892 B 63ms
63ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: aadd9ae3652bdb68415c38c37b655b71d539dddffbe11d61b745de7d3fe14b27

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:54 GMT
machineid: 3402
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 67FB 2 KB
859 B 202ms
201ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=4660561&noaop=3&sortOrderType=0&cb=1701654714056&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1579&pt=-364338692&tz=60&viewable=true&ddast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1089141&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10b728127d3f2ce807058ae9b369c83620bb06d0b5417d859e2767d54041b68f

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 04 Dec 2023 01:51:54 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1481
x-cache: MISS
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654714.078341,VS0,VE154
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame 67FB 0
43 B 77ms
70ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8015557&crid=4660561&dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&cmcv=&pix=31589837&cb=1701654714049&uv=3363&tms=1701654714049&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1701654712435!ts:1701654714049&mntl=1
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
content-length: 0
server: nginx

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_3/assets/css/ Frame 6853 60 KB
8 KB 53ms
53ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511361
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: GW3PWMPZ07VVTGMT
age: 143282
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511362
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: Qtl8fmuz3AcQ1yO/TfxAO/jMBhlt+EMG2hGyOBC2k2baMQgQ0Lwh7fIQPqcHnb+eR1Rm+xIZT+k=
x-served-by: cache-bma1640-BMA
last-modified: Sat, 02 Dec 2023 10:02:43 GMT
server: AmazonS3-br
x-timer: S1701654714.093784,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11085

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/33_6_3/infra/ Frame 6853 493 KB
105 KB 59ms
59ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f955584c2704042e9c307f79de1b54aadbe56ea7dd638f352d149e01a9db4aab

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511321
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 3JP3JFZFGMTRHN8V
age: 143280
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511322
x-amz-meta-mode: 33188
content-length: 107217
x-amz-id-2: 2mL+Ws3mQmPcl4Xxatr4+X0eaOKlhOYTynIHSO7D2Z/TGGWugJF1VRcKKAxhPC3MNu+Nb/pPOTc=
x-served-by: cache-bma1624-BMA
last-modified: Sat, 02 Dec 2023 10:02:03 GMT
server: AmazonS3-br
x-timer: S1701654714.094880,VS0,VE0
etag: "5e801116bda0ad6456401675cb51692a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4316

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E53C 46 KB
13 KB 93ms
63ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52570
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DE60 70 B
148 B 84ms
76ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639
pr-bh.ybp.yahoo.com/sync/taboola/ Frame DE60 43 B
425 B 85ms
77ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame DE60 43 B
145 B 65ms
62ms Image
image/gif 35.156.210.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.210.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-210-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame DE60 0
15 B 76ms
74ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AB00 281 B
555 B 78ms
63ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:54 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DEA9 70 B
148 B 87ms
85ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660561&dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&cmcv=&pix=undefined&cb=1701654714049&uv=3363&tms=1701654714049&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=42c79668-1251-41bf-9d11-16b9decb4f1d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639
pr-bh.ybp.yahoo.com/sync/taboola/ Frame DEA9 43 B
425 B 87ms
86ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660561&dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&cmcv=&pix=undefined&cb=1701654714049&uv=3363&tms=1701654714049&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=42c79668-1251-41bf-9d11-16b9decb4f1d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame DEA9 43 B
145 B 66ms
66ms Image
image/gif 35.156.210.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660561&dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&cmcv=&pix=undefined&cb=1701654714049&uv=3363&tms=1701654714049&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=42c79668-1251-41bf-9d11-16b9decb4f1d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.210.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-210-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame DEA9 0
15 B 68ms
67ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7BE1 281 B
555 B 110ms
63ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=4660561&dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&cmcv=&pix=undefined&cb=1701654714049&uv=3363&tms=1701654714049&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=42c79668-1251-41bf-9d11-16b9decb4f1d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:54 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.9/ Frame DAD5 439 KB
82 KB 48ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 97bf4937abedd73eacfe93324d5cd5dabccc0f7494b468097f0402d99a1c6947

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511276
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 8JD7BW4BE10GP2S9
age: 143376
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511290
x-amz-meta-mode: 33188
content-length: 83546
x-amz-id-2: GTnuANAJ4IOJxCe3fCRxpYS6Af9PbyL9Zk8EYyQ02kvxWlE4XfmjHvclHXwjihEzwtkvr0N/1xw=
x-served-by: cache-bma1624-BMA
last-modified: Sat, 02 Dec 2023 10:01:31 GMT
server: AmazonS3-br
x-timer: S1701654714.255326,VS0,VE0
etag: "ab8070e1821ba10c9330788d3120ed3f"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11834

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 8564 798 B
883 B 62ms
62ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 47d4e9b714d5fca8932b8f8f6cda664cfe8e8475002246b78b1c6c1544109188

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:54 GMT
machineid: 3408
server: nginx

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0A5B 46 KB
13 KB 69ms
68ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52570
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 78AC 16 KB
6 KB 214ms
64ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=132063
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 04 Dec 2023 01:51:54 GMT
expires: Tue, 05 Dec 2023 14:32:57 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame DAD5 89 KB
89 KB 47ms
46ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
age: 605685
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-bma1640-BMA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1701654714.292999,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
x-cache-hits: 56733

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AB00 46 KB
13 KB 77ms
76ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52570
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

POST
H2 204 bulk Show response
trc.taboola.com/forforumotion-es/log/3/ Frame DAD5 0
372 B 144ms
144ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/log/3/bulk?tvi48=13667&tvi50=14101&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 98
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 93170
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654714.299328,VS0,VE98
content-type: image/gif
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.9/ Frame 6853 439 KB
82 KB 47ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 97bf4937abedd73eacfe93324d5cd5dabccc0f7494b468097f0402d99a1c6947

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511276
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 8JD7BW4BE10GP2S9
age: 143376
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511290
x-amz-meta-mode: 33188
content-length: 83546
x-amz-id-2: GTnuANAJ4IOJxCe3fCRxpYS6Af9PbyL9Zk8EYyQ02kvxWlE4XfmjHvclHXwjihEzwtkvr0N/1xw=
x-served-by: cache-bma1624-BMA
last-modified: Sat, 02 Dec 2023 10:01:31 GMT
server: AmazonS3-br
x-timer: S1701654714.338917,VS0,VE0
etag: "ab8070e1821ba10c9330788d3120ed3f"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11835

GET
H2 200 sync Show response
am-match.taboola.com/ Frame CEB9 577 B
671 B 61ms
60ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 7bee53a116878a514fbec6c8cbbc0dc98ae38bdcc4f4b7907d0e6898917faa3c

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:54 GMT
machineid: 3401
server: nginx

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_3/assets/css/ Frame 67FB 60 KB
8 KB 46ms
46ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511361
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: GW3PWMPZ07VVTGMT
age: 143283
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511362
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: Qtl8fmuz3AcQ1yO/TfxAO/jMBhlt+EMG2hGyOBC2k2baMQgQ0Lwh7fIQPqcHnb+eR1Rm+xIZT+k=
x-served-by: cache-bma1640-BMA
last-modified: Sat, 02 Dec 2023 10:02:43 GMT
server: AmazonS3-br
x-timer: S1701654714.359372,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11086

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/33_6_3/infra/ Frame 67FB 493 KB
105 KB 47ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f955584c2704042e9c307f79de1b54aadbe56ea7dd638f352d149e01a9db4aab

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511321
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 3JP3JFZFGMTRHN8V
age: 143280
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511322
x-amz-meta-mode: 33188
content-length: 107217
x-amz-id-2: 2mL+Ws3mQmPcl4Xxatr4+X0eaOKlhOYTynIHSO7D2Z/TGGWugJF1VRcKKAxhPC3MNu+Nb/pPOTc=
x-served-by: cache-bma1624-BMA
last-modified: Sat, 02 Dec 2023 10:02:03 GMT
server: AmazonS3-br
x-timer: S1701654714.360286,VS0,VE0
etag: "5e801116bda0ad6456401675cb51692a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4317

POST
H2 204 visible Show response
trc.taboola.com/forforumotion-es/log/3/ Frame DAD5 0
320 B 143ms
142ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/log/3/visible?tvi48=13667&tvi50=14101&route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 96
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 92080
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654714.362345,VS0,VE96
content-type: image/gif
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 st
am-vid-events.taboola.com/ Frame DAD5 0
43 B 61ms
60ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=8015557&crid=4660541&dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&cmcv=&pix=31579697&cb=1701654714348&uv=3363&tms=1701654714348&su=&abt=adxsub-out_vA!adxsub-out_vB!ufm_vA&ru=https://himitsu-no-pettoakad.foroactivo.com/&ft=1&unm=WIDGET_ITEM&
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7BE1 46 KB
13 KB 76ms
75ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52570
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame E53C 7 B
380 B 301ms
63ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: f2725c115d816cae2dce6044d9cf3fcf
Expires: 0

POST
H2 204 pm Show response
d.audiencerun.com/ 0
866 B 389ms
389ms XHR
text/plain 3.20.201.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.audiencerun.com/pm
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/f/nat/0.native.js?ver=246935
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.201.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-201-250.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:54 GMT
access-control-allow-credentials: true
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8564 70 B
148 B 76ms
76ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8564 43 B
425 B 80ms
79ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 8564 0
15 B 66ms
65ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
x.bidswitch.net/ Frame 8564 43 B
145 B 64ms
63ms Image
image/gif 35.156.210.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.210.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-210-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 6853 89 KB
89 KB 47ms
46ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
age: 605685
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-bma1640-BMA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1701654714.406940,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
x-cache-hits: 56734

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame DAD5 254 B
763 B 47ms
46ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
x-amz-request-id: 4JKSR0YA3KVH073N
age: 4938
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-served-by: cache-bma1640-BMA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1701654714.411535,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 294

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D769 281 B
555 B 63ms
63ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:54 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 0A5B 7 B
380 B 253ms
64ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 3db54fddb1cb324ce2cdd5a6ec3dc2dd
Expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CEB9 70 B
148 B 76ms
76ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638
pr-bh.ybp.yahoo.com/sync/taboola/ Frame CEB9 43 B
425 B 75ms
75ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame AB00 7 B
380 B 251ms
63ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B0AF 281 B
555 B 64ms
64ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:54 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 5eyky1py1w
d.audiencerun.com/r/spn/1515303519418427/0.11159999999999999/ 43 B
881 B 312ms
312ms Image
image/gif 3.20.201.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.audiencerun.com/r/spn/1515303519418427/0.11159999999999999/5eyky1py1w
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.201.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-201-250.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: image/gif

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.9/ Frame 67FB 439 KB
82 KB 47ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 97bf4937abedd73eacfe93324d5cd5dabccc0f7494b468097f0402d99a1c6947

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime: 1701511276
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 8JD7BW4BE10GP2S9
age: 143376
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701511290
x-amz-meta-mode: 33188
content-length: 83546
x-amz-id-2: GTnuANAJ4IOJxCe3fCRxpYS6Af9PbyL9Zk8EYyQ02kvxWlE4XfmjHvclHXwjihEzwtkvr0N/1xw=
x-served-by: cache-bma1624-BMA
last-modified: Sat, 02 Dec 2023 10:01:31 GMT
server: AmazonS3-br
x-timer: S1701654715.535824,VS0,VE0
etag: "ab8070e1821ba10c9330788d3120ed3f"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11836

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 5BD7 798 B
892 B 61ms
61ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c230de4fe5d87b0cb5449c152bcaa64b4da9d3f7ed11e898835c7a350fe3e262

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Dec 2023 01:51:54 GMT
machineid: 3402
server: nginx

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7BE1 7 B
380 B 192ms
63ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: f2725c115d816cae2dce6044d9cf3fcf
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D769 46 KB
13 KB 75ms
75ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52570
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 67FB 89 KB
89 KB 46ms
46ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
age: 605685
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-bma1640-BMA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1701654715.553442,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
x-cache-hits: 56735

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B0AF 46 KB
13 KB 75ms
75ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52570
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

GET
H2 200 floor-refresh Show response
d.audiencerun.com/ 13 B
861 B 491ms
158ms XHR
text/html 3.20.201.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.audiencerun.com/floor-refresh?zoneHitId=e54afa751a1fa3b9f00c2ce64c3b3260&refreshOccurrence=1
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/f/nat/0.native.js?ver=246935
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.201.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-201-250.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b212347b0bc906eaa433a4b3cbc5ebc931c72228c1e5707b8798d9dedd37bf92

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 01:51:54 GMT
server: nginx
content-length: 13
content-type: text/html; charset=UTF-8

GET
H2 200 ip
d.audiencerun.com/ps/ 43 B
877 B 218ms
217ms Image
image/gif 3.20.201.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.audiencerun.com/ps/ip?sk=5eyky1py1w&zhid=e54afa751a1fa3b9f00c2ce64c3b3260&iid=1515303519418427&pcid=1298&cpm=0.11159999999999999&pm_guid=1959ea1f-315f-4cea-a405-95fd6889f8f7
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.201.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-201-250.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: image/gif

GET
H2 200 e54afa751a1fa3b9f00c2ce64c3b3260
d.audiencerun.com/c/5eyky1py1w/ps/hp/ 43 B
882 B 214ms
214ms Image
image/gif 3.20.201.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.audiencerun.com/c/5eyky1py1w/ps/hp/e54afa751a1fa3b9f00c2ce64c3b3260
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.201.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-201-250.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 78AC 0
42 B 213ms
65ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82135010&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:53 GMT
content-length: 0

POST
H2 204 bulk Show response
trc.taboola.com/forforumotion-es/log/3/ Frame 6853 0
372 B 145ms
144ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/log/3/bulk?tvi48=-48&tvi50=13156&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 97
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 93154
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654715.618630,VS0,VE97
content-type: image/gif
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9761 0
466 B 250ms
84ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHfi88DEOKAs84FGPORk_4BMAE&v=APEucNVY4q97Sw5mc57ZgMVpQCwu8NKJM5K73MEFenRR2FYG8XP6FIebV3cjJGOlGGJkj8bJYvujTC1Sv-c7Lunz-v2L5r3Tqrba0jhAtXj5QYj9DGtkzOqOCBAKmmuzTNzFcZUmtYlnX-HUic38FKGskLVkBVErCRHRJAIY06OKHgIr3zviMcQ

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 01:51:54 GMT
expires: Mon, 04 Dec 2023 01:51:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 138D 89 KB
31 KB 256ms
86ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31498
x-xss-protection: 0
server: cafe
etag: 4296746511219988724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 01:51:54 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 138D 42 B
173 B 332ms
163ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdYLDAbM0Zw8k8ZJpYXb1zNEYnQ-J-Vf7LoW5xBKL5Y5iCdWIYYxAmkINqF7y0IbSP9wjc1CPHhsJ-560-urDshx2IsExWSfyJYGI6pIX_Rq_ATZQ

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 138D 0
58 B 332ms
164ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7855228892013358960&x=8&ct=119

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9e7a6d32-3610-4e13-a041-de7dcdd86af6
beacon-ams3.rubiconproject.com/beacon/d/ Frame 138D 43 B
227 B 300ms
61ms Image
image/avif 2602:803:c003:200::57
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/9e7a6d32-3610-4e13-a041-de7dcdd86af6?oo=0&accountId=19034&siteId=378238&zoneId=2088184&sizeId=2&e=6A1E40E384DA563B7A5CBFBA6064AEA15935E27158E4BD3DC9BE7C65F1008E035DDC6C681BA34712E15FE0FA5E688C5CB8B520C669668569C7D796B8CD03E72ED6121778F40EC8C49C7D6BB08757D79F4251CF53659DD8EAEAA54FF9F44523AB406BB5441BC01F068D292EA301012A55D17AA6E925ECFCC055533401B1E5C7FD2605645952F60178A2E83AF93D8571DD7B0D163A3F529E820CB5794EFB76117807F820340E73112C72BBA9508CE1C1F126AF36F35CBDA5BEE82A954C1004678A

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:54 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5BD7 70 B
148 B 78ms
78ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5BD7 43 B
425 B 80ms
80ms Image
image/gif 2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c677:cda8:fdd8:5f9a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 5BD7 0
15 B 66ms
65ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
x.bidswitch.net/ Frame 5BD7 43 B
145 B 63ms
63ms Image
image/gif 35.156.210.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.210.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-210-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A9A6 281 B
555 B 66ms
66ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:54 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D769 7 B
380 B 90ms
63ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 3db54fddb1cb324ce2cdd5a6ec3dc2dd
Expires: 0

POST
H2 204 bulk Show response
trc.taboola.com/forforumotion-es/log/3/ Frame 67FB 0
69 B 142ms
141ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/forforumotion-es/log/3/bulk?tvi2=-2&tvi48=12019&route=AM%3AIL%3AV&lti=verify-ri-changes_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 95
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 92083
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654715.664472,VS0,VE95
content-type: image/gif
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame B0AF 7 B
380 B 80ms
63ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 6853 254 B
711 B 48ms
46ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
x-amz-request-id: 4JKSR0YA3KVH073N
age: 4938
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-served-by: cache-bma1640-BMA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1701654715.680417,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 93
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 295

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A9A6 46 KB
13 KB 75ms
75ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52570
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 67FB 254 B
330 B 46ms
46ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 04 Dec 2023 01:51:54 GMT
via: 1.1 varnish
x-amz-request-id: 4JKSR0YA3KVH073N
age: 4938
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-served-by: cache-bma1640-BMA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1701654715.714260,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 296

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A9A6 7 B
380 B 64ms
63ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H/1.1

200
OK

setuid
pbs.prd.audiencerun.com//
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_...
https://pbs.prd.audiencerun.com//setuid?bidder=smartadserver&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6037653639839682426

86 B
582 B

162ms
161ms

Image
image/png

3.139.153.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.prd.audiencerun.com//setuid?bidder=smartadserver&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6037653639839682426
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Server: 3.139.153.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-153-231.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:55 GMT
Vary: Accept-Encoding, Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

location: https://pbs.prd.audiencerun.com//setuid?bidder=smartadserver&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6037653639839682426
date: Mon, 04 Dec 2023 01:51:54 GMT
content-length: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 138D 0
56 B 108ms
107ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5922284103695&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 138D 0
56 B 107ms
106ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5922284103695&version=m202309260101&ct=119&x=8&cor=7855228892013359000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 138D 93 KB
39 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7sE8zgZIBXVEF-Cggrm9M5vshs74_ZWkPhWKv9tnG0F12ZUMpwGII-3mtZGPVihosKZC564qvWpQ4W0EssFJul9H74TThGTYBA7uNdX5iVfYS3m4gY_tK-AmBYD_FOHd-nQxhWjugJxKs7VLgKfCRx-KNtaFnk3GmHLC6FYY5qQ1pDK_5reeKdjz3KY0JIhyOJk3x&cry=1&dbm_d=AKAmf-BSIFL-X6aBM82dZAqVGJz08WPPi-gg1Pvo5e7nlU03I5GRZV59IoqxTnq9YWZctahHbFsdabEi6lZZyFBbVyuQIKCkNcJTB1t0_ougAZwq0mydFCWt2YjsiaI1DuOgsw1Mo-m_zbyZf64S3GY1h3WnIuS1X9CbIEeXYS8Fq5sjyMPz4IBzPHKgElUo4bNzo5ofexmHS0AHx9aBcX8BQiDDRniaH82g70R5tjiK2e9FfgWf7k4cuBnBfWIIdDD7spMH270hu0k99mzD-tJNnSfKvPNKo2hugYhw2mhJXpkCfmaU7qygcspxwLWfBQg4Is1vCIUU18e6jQNumvTKoql_yx3iBDbouHjj0TPvYvQonmqwe2gqvEUxHnKnK93_VFWOoWfxG7MXVuImPeJIp3-K8tt2vVEieSxFHQ0DDqMTiX0tS92L39RvOcTemn77h5ZraB4MOJbgLxXvz40BFtvufu_xDEosdf4yiQheMFeXUC7CwkLS6NHg5zt48pxYvqd_yv1iiYaepizPzKap3rgOp5ICEpClO_JUJP7UEZNRrH725yy4BQKP8xp-8gD_EGMYw1mx-49Z8CfA-8Do01mmL8by5sK_7w1JZbPL-MHOpoi6UXdaYpPoJVSN90BkL399YRoSqiK-GA-71eAQmWstwyJPyD3bg3ZYgpsnUxuxipwe79JthyuYXomVjixmDnvJeT6rthKXzOxmGRT2yaIqp_TjepSxh_6hFRzB6c5pUgfWn-hXL5MQqY1bviLMZBBVWDB0A2GR8OElWvtA5lHHEAOx2ZnGm_HmbaDCusOFELn6yN3Z7AsOvEzo0X4TOMVL2tSdKczpDdbBnKNmqq8WW_FtnXM4HJo4SDDvY8ZWL_WNmuAzQV_QGMwjfQ8r_TWcInYxpFJRIU-RuP2FjXD7BiJtsatL2PntgneuBJNME8n7hhpwIVXTATCPedGvOXdK07ooU5SYBqWnlflrRoiVjWdeOEkNMTtjhrWfQtQaoWUHyd6pN7b4YjwRv51hR63D9TuvksVW7ChmnWYodp9gWfFN6nTsaiuvCm9tGwn3Uh5hp8-50ZoS9NYmMId1LeqWQHqbvXrOcHD28NhaG5oWeO6l4_CGbi1U7MWWfvdUuic0sNTa5DKdjzA0AoM-G5nAfJyTd8QZNk2bWNzxIc1zhOW4Rj1DqQqym4qBli61F6ZG-BcWytaldJj2nsEqDrxot2qv03QOYZirU1ordHUpDHQsk9Ubh7nJYWsnDobkIpOhiXCyThk7PwMbHUBz62xOWFcGpgb6MF0VRAWRAAe00gMVxHReSLXibJk1ITuo91HMcpSM6GY6qHOb2GrIA6-Mb4L6B1_OyxhqZmNTyydGc2ia6PTHl9xieyD1s1REqvCR-Aa3Ox3u2zbzgskjRvOuxzeozAguLUJKuZ-ARGPRNdu18GZv7Vyo7Mk2WA45iBEVDT8651ZlvvM6aE3vLB70bAwn0fuuA3pw4VWSbbWSzeXzSi9h9hcxo6PLUEXAygcLL2PtI5sg-lTwMcArQfWndn2NwWsOQ1Cp86v8wAp2quUFwszVh3spom2pxdctRdzVOEXoz62uZnvFXI18z4-aMsUoi3VtgMZtVUbE0meySzqxWPJE4wjif7mfPsGKvucGbhiMFMJpcvGfY2S0hkOvvwHym6b8vIP--cBZml_QXwDVWPX5AKxlrAj1M7TvKNN4XO1ssqnbKZ2IifPp3pIcp8ZIswFlPH5lnqvc3SKZT5Ne7zHvkVsBbqNFANuqBW-InDG4iEv3kyUYzhUW4qHpIyWyCG-bv8VcRDNFHEFVc2ygYabqO3SIzvuuMjrmlJ8ZgZ5nYJFOo6Dr3IlvIaaL9ZFqchbmyF-x1721NhvmbYTgL0AX2M4Ui9N_P9j06F2Kv69xy8ADSH0lIMeO9NkHW_QQh4wwbuuFEFtDjLe602ZZm8wu-3S35gbDpVYcbyai82-j8FtZlAFZdknaDQJiwsKuIaTfaEi4ko4usRrAi7dvgYdDkEiBRuNvqYjPI2ZVKyEMG3R-qYN6MIJfQWFApSNObA8s2bLXnMnvBFX6uL8X4V4YCeRRu8AH_PcixseOmZxEJz37StUCc9qvqc5ZEj29WOzZdRmnJNTI6J_r6w85r2GUVTFHUv2UXOIP_IA0a7satBtXFyTJNXfo9GzmYz5vQq0gBlpostUHV2UpeOc4Bpe77zhBxNchwjq6FeVtjWQr3NC1WNCTKiMKAKfTfrtqvEDcTkuYUHzqOW9_gTrFpJLkkwZpipyYenFGskLcoTqLCV3__7ll6Yu7sg-pODijDrzv6DQ3Exv78nrBNg_d6Y2JQOObHW-IhwTAAXA27bas1RGUt-MeoK9tw8wIFwrxDH4I2t4XL69vyxq_kFeUBjHzPxJi5igXH-Y9nzSEvplStIP_IAXl3YW0IKYHmq25YvPdBcysO_9i_8aW54D1Pi1id6c18QIhvUWwdKO0tIxdv9MNBLiJ1G_Co0rTfw-Pbm9kupBVi1WTjVtJkE9E0UZVjeWMy6l1cOmCrxQVCAvQvMY8g25pisrT7ClJG4ehMPOBl9ZhG3k3NJKhpnMeLqYsYg3z6A0VU_-NB0hrV-De8idyDxzbjMvR8gTKQCwbQJiCurvv6mtgzhY2kitqQ_2hzFIyYAG_hM3ArN4mhYMjeHNpsdH0YffidrGBU0-gzYan4aWJbGRcwp3SH2v0llUN1MIJ-sfEmAeA2ccmrH9LPX0wsv4wGlYsSkDUi3CEG-OhtOTzcymym6HtR2qsl5PzUle6CrAsOnogvcBtdRn8JBitb6qLQv20dZ-Je3s2fYq_3hpjPG4_Jkm7Dqndns7G4HOOjoml2_ipFZPA4nhgFcDgPix1X7hO5PzRBB2A6zTOKoCIHb4WqdygfoBlCtZK8rbWtYmjxt4FSAOQ3qeGLFoWyrRFK5AqHv5BEwJ77VYY7uNkaTMNSUnQHRqVvyOwdob1aO9uLVviEZMHaI9LLDw9VW6ooj6cqCNwLK7QAEQCpisk0qv-I2WNNrC2aI0ZdBm57akf9JvvdkhiJ8-DR4N8fy6h2kNn8mIIwSop_lfB42Fl7MzjKiEE0uuAAT_v8hX_oP0Hle5b7sVjrLpcprydeLdTYlANFPbi0BA8K_ex09XM2ysiXFdQJlofvRcDfZf43vFs72xaMeea624OPY8nscrPCmhIStlDr09m981dh6ReNgZsLyER1iW776YOP7Cv1Edu-P1MtCiZlGNLYoJAI4WPYWmD1c3JJFsNy4o53TePw8qI3kulvxHi87eZ-W-0Jj59YcVJKa80UFtwGoD9ZjOZziMZ15-0Vd5DVFpBZywhr19kvQIbo6ZDbAGdToz4kv7-Q4_jlnADthnIMRu4xV_zSzQtSRp0zHO-XuJlbgzsRuayHZk0qUJA45gAmbABGLw8HEs9dyxUbQ1L8j4_CW5zcJxuxS1WqEph9l1ImAe8F2UgJzkhN7ChqLMgYWpFrZwGZfWx4TPVJyJ0HW2rp5sgJ9QI-sYHpYFENGqPMe3k96JZozUKQsmRpx5_7KsfISTV0aF9axAnaYAeujskpjdZiUb4honNO50xvYSoj5yzMpg-0wUsaGiR52-HW_EjlhLRQtCMLueNJITFXkEf8AMXDy-KVuJb-apkndoqdq22pTvMrbv7OED3cqNqrrY03D-2tAe_XKvUN4OTJzfjTM5zss3EeYxNYtRKh-8hLEATtPDLI-2vwD1Ve-Hv4Piud6pwG6ixJnXIkgJJDP3JIyqTxG_OPat0-eSxdq_IRuH6myGcBwQawVSOSPWcvF9V1LJ7tTN60iVd-mRdP1oRTgy6wE4-QK5-DXTE4nRncG_a4Q0_Fou2SLdeiw&pr=8%3AC7379B45F7E551AD&cid=CAQSMgDICaaNi_4UrI-t2dIDA47-tH4b6b-ehHXX0z6YeZzrUZFEae0qlSOML9oNzbSB6EZHGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&ds=l&xdt=0&iif=1&cor=7855228892013359000&adk=4043765779&idt=332&cac=0&dtd=45

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f49c72f63a3bc2d4b02204d59eaee03fefc25bcdab9abc834c3841541db3bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39477
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
ssp-sync.criteo.com/user-sync/ Frame FBAC 43 B
219 B 219ms
64ms Document
text/html 2a02:2638:3::6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/iframe?gdprapplies=&gdpr=&ccpa=&redir=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BCRITEO_USER_ID%7D&profile=230

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c78038539d61fb4a84b70308e1a825d638cfacc207299b6fe6fb5d8fb1e8497f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 01:51:55 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 138D 111 KB
39 KB 239ms
72ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Origin: https://himitsu-no-pettoakad.foroactivo.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 22:37:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 138D 11 KB
4 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7sE8zgZIBXVEF-Cggrm9M5vshs74_ZWkPhWKv9tnG0F12ZUMpwGII-3mtZGPVihosKZC564qvWpQ4W0EssFJul9H74TThGTYBA7uNdX5iVfYS3m4gY_tK-AmBYD_FOHd-nQxhWjugJxKs7VLgKfCRx-KNtaFnk3GmHLC6FYY5qQ1pDK_5reeKdjz3KY0JIhyOJk3x&cry=1&dbm_d=AKAmf-BSIFL-X6aBM82dZAqVGJz08WPPi-gg1Pvo5e7nlU03I5GRZV59IoqxTnq9YWZctahHbFsdabEi6lZZyFBbVyuQIKCkNcJTB1t0_ougAZwq0mydFCWt2YjsiaI1DuOgsw1Mo-m_zbyZf64S3GY1h3WnIuS1X9CbIEeXYS8Fq5sjyMPz4IBzPHKgElUo4bNzo5ofexmHS0AHx9aBcX8BQiDDRniaH82g70R5tjiK2e9FfgWf7k4cuBnBfWIIdDD7spMH270hu0k99mzD-tJNnSfKvPNKo2hugYhw2mhJXpkCfmaU7qygcspxwLWfBQg4Is1vCIUU18e6jQNumvTKoql_yx3iBDbouHjj0TPvYvQonmqwe2gqvEUxHnKnK93_VFWOoWfxG7MXVuImPeJIp3-K8tt2vVEieSxFHQ0DDqMTiX0tS92L39RvOcTemn77h5ZraB4MOJbgLxXvz40BFtvufu_xDEosdf4yiQheMFeXUC7CwkLS6NHg5zt48pxYvqd_yv1iiYaepizPzKap3rgOp5ICEpClO_JUJP7UEZNRrH725yy4BQKP8xp-8gD_EGMYw1mx-49Z8CfA-8Do01mmL8by5sK_7w1JZbPL-MHOpoi6UXdaYpPoJVSN90BkL399YRoSqiK-GA-71eAQmWstwyJPyD3bg3ZYgpsnUxuxipwe79JthyuYXomVjixmDnvJeT6rthKXzOxmGRT2yaIqp_TjepSxh_6hFRzB6c5pUgfWn-hXL5MQqY1bviLMZBBVWDB0A2GR8OElWvtA5lHHEAOx2ZnGm_HmbaDCusOFELn6yN3Z7AsOvEzo0X4TOMVL2tSdKczpDdbBnKNmqq8WW_FtnXM4HJo4SDDvY8ZWL_WNmuAzQV_QGMwjfQ8r_TWcInYxpFJRIU-RuP2FjXD7BiJtsatL2PntgneuBJNME8n7hhpwIVXTATCPedGvOXdK07ooU5SYBqWnlflrRoiVjWdeOEkNMTtjhrWfQtQaoWUHyd6pN7b4YjwRv51hR63D9TuvksVW7ChmnWYodp9gWfFN6nTsaiuvCm9tGwn3Uh5hp8-50ZoS9NYmMId1LeqWQHqbvXrOcHD28NhaG5oWeO6l4_CGbi1U7MWWfvdUuic0sNTa5DKdjzA0AoM-G5nAfJyTd8QZNk2bWNzxIc1zhOW4Rj1DqQqym4qBli61F6ZG-BcWytaldJj2nsEqDrxot2qv03QOYZirU1ordHUpDHQsk9Ubh7nJYWsnDobkIpOhiXCyThk7PwMbHUBz62xOWFcGpgb6MF0VRAWRAAe00gMVxHReSLXibJk1ITuo91HMcpSM6GY6qHOb2GrIA6-Mb4L6B1_OyxhqZmNTyydGc2ia6PTHl9xieyD1s1REqvCR-Aa3Ox3u2zbzgskjRvOuxzeozAguLUJKuZ-ARGPRNdu18GZv7Vyo7Mk2WA45iBEVDT8651ZlvvM6aE3vLB70bAwn0fuuA3pw4VWSbbWSzeXzSi9h9hcxo6PLUEXAygcLL2PtI5sg-lTwMcArQfWndn2NwWsOQ1Cp86v8wAp2quUFwszVh3spom2pxdctRdzVOEXoz62uZnvFXI18z4-aMsUoi3VtgMZtVUbE0meySzqxWPJE4wjif7mfPsGKvucGbhiMFMJpcvGfY2S0hkOvvwHym6b8vIP--cBZml_QXwDVWPX5AKxlrAj1M7TvKNN4XO1ssqnbKZ2IifPp3pIcp8ZIswFlPH5lnqvc3SKZT5Ne7zHvkVsBbqNFANuqBW-InDG4iEv3kyUYzhUW4qHpIyWyCG-bv8VcRDNFHEFVc2ygYabqO3SIzvuuMjrmlJ8ZgZ5nYJFOo6Dr3IlvIaaL9ZFqchbmyF-x1721NhvmbYTgL0AX2M4Ui9N_P9j06F2Kv69xy8ADSH0lIMeO9NkHW_QQh4wwbuuFEFtDjLe602ZZm8wu-3S35gbDpVYcbyai82-j8FtZlAFZdknaDQJiwsKuIaTfaEi4ko4usRrAi7dvgYdDkEiBRuNvqYjPI2ZVKyEMG3R-qYN6MIJfQWFApSNObA8s2bLXnMnvBFX6uL8X4V4YCeRRu8AH_PcixseOmZxEJz37StUCc9qvqc5ZEj29WOzZdRmnJNTI6J_r6w85r2GUVTFHUv2UXOIP_IA0a7satBtXFyTJNXfo9GzmYz5vQq0gBlpostUHV2UpeOc4Bpe77zhBxNchwjq6FeVtjWQr3NC1WNCTKiMKAKfTfrtqvEDcTkuYUHzqOW9_gTrFpJLkkwZpipyYenFGskLcoTqLCV3__7ll6Yu7sg-pODijDrzv6DQ3Exv78nrBNg_d6Y2JQOObHW-IhwTAAXA27bas1RGUt-MeoK9tw8wIFwrxDH4I2t4XL69vyxq_kFeUBjHzPxJi5igXH-Y9nzSEvplStIP_IAXl3YW0IKYHmq25YvPdBcysO_9i_8aW54D1Pi1id6c18QIhvUWwdKO0tIxdv9MNBLiJ1G_Co0rTfw-Pbm9kupBVi1WTjVtJkE9E0UZVjeWMy6l1cOmCrxQVCAvQvMY8g25pisrT7ClJG4ehMPOBl9ZhG3k3NJKhpnMeLqYsYg3z6A0VU_-NB0hrV-De8idyDxzbjMvR8gTKQCwbQJiCurvv6mtgzhY2kitqQ_2hzFIyYAG_hM3ArN4mhYMjeHNpsdH0YffidrGBU0-gzYan4aWJbGRcwp3SH2v0llUN1MIJ-sfEmAeA2ccmrH9LPX0wsv4wGlYsSkDUi3CEG-OhtOTzcymym6HtR2qsl5PzUle6CrAsOnogvcBtdRn8JBitb6qLQv20dZ-Je3s2fYq_3hpjPG4_Jkm7Dqndns7G4HOOjoml2_ipFZPA4nhgFcDgPix1X7hO5PzRBB2A6zTOKoCIHb4WqdygfoBlCtZK8rbWtYmjxt4FSAOQ3qeGLFoWyrRFK5AqHv5BEwJ77VYY7uNkaTMNSUnQHRqVvyOwdob1aO9uLVviEZMHaI9LLDw9VW6ooj6cqCNwLK7QAEQCpisk0qv-I2WNNrC2aI0ZdBm57akf9JvvdkhiJ8-DR4N8fy6h2kNn8mIIwSop_lfB42Fl7MzjKiEE0uuAAT_v8hX_oP0Hle5b7sVjrLpcprydeLdTYlANFPbi0BA8K_ex09XM2ysiXFdQJlofvRcDfZf43vFs72xaMeea624OPY8nscrPCmhIStlDr09m981dh6ReNgZsLyER1iW776YOP7Cv1Edu-P1MtCiZlGNLYoJAI4WPYWmD1c3JJFsNy4o53TePw8qI3kulvxHi87eZ-W-0Jj59YcVJKa80UFtwGoD9ZjOZziMZ15-0Vd5DVFpBZywhr19kvQIbo6ZDbAGdToz4kv7-Q4_jlnADthnIMRu4xV_zSzQtSRp0zHO-XuJlbgzsRuayHZk0qUJA45gAmbABGLw8HEs9dyxUbQ1L8j4_CW5zcJxuxS1WqEph9l1ImAe8F2UgJzkhN7ChqLMgYWpFrZwGZfWx4TPVJyJ0HW2rp5sgJ9QI-sYHpYFENGqPMe3k96JZozUKQsmRpx5_7KsfISTV0aF9axAnaYAeujskpjdZiUb4honNO50xvYSoj5yzMpg-0wUsaGiR52-HW_EjlhLRQtCMLueNJITFXkEf8AMXDy-KVuJb-apkndoqdq22pTvMrbv7OED3cqNqrrY03D-2tAe_XKvUN4OTJzfjTM5zss3EeYxNYtRKh-8hLEATtPDLI-2vwD1Ve-Hv4Piud6pwG6ixJnXIkgJJDP3JIyqTxG_OPat0-eSxdq_IRuH6myGcBwQawVSOSPWcvF9V1LJ7tTN60iVd-mRdP1oRTgy6wE4-QK5-DXTE4nRncG_a4Q0_Fou2SLdeiw&pr=8%3AC7379B45F7E551AD&cid=CAQSMgDICaaNi_4UrI-t2dIDA47-tH4b6b-ehHXX0z6YeZzrUZFEae0qlSOML9oNzbSB6EZHGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&ds=l&xdt=0&iif=1&cor=7855228892013359000&adk=4043765779&idt=332&cac=0&dtd=45

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:58:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 138D 31 KB
12 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:51:49 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 138D 41 KB
14 KB 231ms
69ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FDA5 281 B
555 B 63ms
63ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=no
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:55 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame DAD5 3 KB
2 KB 46ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:55 GMT
x-amz-request-id: 1DGZ05DH1P86RA2T
age: 2763
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: RvIdgLbQ5E0c2UkYpZnQYRan/mMO1Rhxg9+xUbsOivYmFJniKRFpD8ng1SI0mQyXh24KwG1yZdY=
x-served-by: cache-bma1640-BMA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1701654715.240298,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 30
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 617

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FDA5 46 KB
13 KB 76ms
75ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=no
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52569
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

GET
H2 200 / Show response
pips.taboola.com/ Frame DAD5 4 B
135 B 52ms
46ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-bma1624-BMA
date: Mon, 04 Dec 2023 01:51:55 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame DAD5 0
82 B 408ms
129ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=4da1c2ac-9a8b-410b-8fa0-4fde55431a25-tuctc66b638&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 01:51:55 GMT
cache-control: no-store
server: nginx

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame FDA5 7 B
380 B 64ms
64ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2 200 isyn Show response
prebid.a-mo.net/ Frame 2464 163 B
306 B 60ms
60ms Document
text/html 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: c50df34f7e5841ef084c8ae8fc9d1ec543c0dd04b6afa2a49aeb0e6f65b8be77

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 01:51:54 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 30D0 38 KB
13 KB 72ms
71ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 221308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:23:27 GMT
expires: Sat, 30 Nov 2024 12:23:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK setuid
pbs.prd.audiencerun.com// Frame 2464 0
763 B 173ms
172ms Image
text/html 3.139.153.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.prd.audiencerun.com//setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.153.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-153-231.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:55 GMT
Vary: Accept-Encoding, Origin
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 n1.js Show response
assets.a-mo.net/js/ Frame 2464 4 KB
2 KB 164ms
56ms Script
text/javascript 2606:4700::6813:9e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/n1.js
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:55 GMT
via: 1.1 28bed1803be3c3dac5d1cab9aa7edf84.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: CPH50-P1
age: 580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 17 Nov 2023 21:37:06 GMT
server: cloudflare
etag: W/"594c94f05d6e65f49ee3acdd5d971b89"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 830068346d1d56b9-OSL
x-amz-cf-id: XlHiqsEJW_xaljuFt_DXIPoYvDuKez-RcJxf9x-ctQqmT6GIZMe_hg==
expires: Mon, 04 Dec 2023 02:51:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 138D 0
0 301ms
121ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyDGmlvgenon4tLJ3lHIpt-s9VyOQB2ZeT1wtEKVS-pNKcQhYnCoTd1wNhGjRGTy6wj-n6K15CDLvZhNGFAIf8vIIscI2Ay8T3dkUvo2SOK-C-4cjNmL5JHHuwu-8FVipkCyz1skCfsZuJH4qFw99ru-y8f2wb54LsZSTqieySP923hNxB6ew4366K7aU3zYzqHVWmXK36LYJr4mHBTnjI3sA2GILE--2rqjk3DHapdPy-ueN5bwDjFvTH6PPScW6W5T323cqQyTvwcJV7hMIAc0YKteUwCZ2oDQoUrFtsxITyr09s_ueLnvRhoC7J1FCzm1vApLuTMA4Ihc0RiiOQ8owIyEyUwpEMzdKbgi-wkQmrJMLHqQVDx9t0EXvXFpLF9SLEnzIBl6qH1dbEaqOM1IMpSgRz0odUcduFoZ5MW-V9ZmfY6QMz4CKQz_hWZNiHwlCY1AoIcAgEf4Mfw31TdYMqK-0D7k-YrIgpyndRWO2SKez-dHUogo5WRK1Gqi8LO6nqXCu1aR7zRirrDI85Gjf1CxLUFim45-STjcmQEYCZ90abzW7T8-Cu29xGsFOvRFR8ul9Xtd3WqiXeC7q7TG1jhIGhDFTQVJHupDUAVytuIp2L2EywWCt4vh-iur-eo_V7DCPfJjkzzAbOLfYGa5yvpcNvNSkyyNQeXLT7Ls2V67KBvaAEUV_hBsglBhKSkpE1dl4xI5r6JThlWyNohIG_QZK1Zovzki-aiFBk5SyDy7Fhsf2tqjvkHccZrfxzppRBTMynAXZVHbHhy0qTL4y34q4DCyH0l85LC4X5lSPQRq7aao2cmSw06QYlMRW9Vkm0kwD2o8Lvz6ZJdBvgqst06wfjZcaZOHm2q9cO4igyQuRvkJ8SY1SBmJGr1xPLT8CZIWd38aFslTC6xDCSpTTtKuAc6xNhot3pL9hbJd65-D3-uFpFGtukZ1hZvO9bfRjTVwsu1R3Qj01e8ihh_RNPb8sWnrqrfMRAB7rLm8S_0TSc9gp7tXk228teiQRKgspJjzC1CjdcToegMKnPh9vXo9UQExvFzhpBgKdB87zkvyRKx71qH-MFf26wpECKzIUEkh5kKEdwB3DkcKKNqANIBBId09c1n9Pj_zxbIIpv0zcwwwGBu4mSaMT5nNfHmkaWc5_whae9VeIegBd7A7ggEwJldA6BQfYA1nyfHTABrzV5NoU8xTPU967yAF4Y8iqyTPinznJegG7zHZYte0IGKLTpjZFdhYMFXKvOROp8wE7gVYSjviKFqFK8fYVit7HNJ2RsTtAPi2Iuj8nHsH4AeFLuw9P97PmRTAMp_vHjwevwa15eGs4Ztg8qGVG9&sai=AMfl-YTMv2vDbYlGrqucnhOCkcSYUol-mg1I0Q9UOPDdKQhv808rmUeVIF5PPxuVxWsgqEZelXd9eHXbyiDVTyu6T_faE7Tjs9wtH67L9_uc9CeVSxlLxU53RQYS6fG1nQIjVSKf0Gaw6F4VBAHQHdL5y-TvlyD6-_O7_exUXRG56yt5U3nvwJRjVuXLVmNxOkJSJaQoSHiquN0CTY4QWu3GncXUsjknH4aa6WMkI5nhvveFKjzfIWlh4sCxXTg&sig=Cg0ArKJSzAC-mYIVqzmWEAE&uach_m=%5BUACH%5D&pr=8:C7379B45F7E551AD&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=341&cbvp=1&cisv=r20231129.94127&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 01:51:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9563874930507806444
s0.2mdn.net/simgad/ Frame 138D 91 KB
91 KB 220ms
73ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9563874930507806444

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8057644665b99473c56ccab9d9b2d86640c6a71d9b2aec26da89f55655498349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:35 GMT
x-content-type-options: nosniff
age: 223400
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92918
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 09:09:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 11:48:35 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 6853 3 KB
1 KB 46ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:55 GMT
x-amz-request-id: 1DGZ05DH1P86RA2T
age: 2764
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: RvIdgLbQ5E0c2UkYpZnQYRan/mMO1Rhxg9+xUbsOivYmFJniKRFpD8ng1SI0mQyXh24KwG1yZdY=
x-served-by: cache-bma1640-BMA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1701654716.582188,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 47
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 618

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 30D0 39 KB
15 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 67FB 3 KB
1 KB 47ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231130-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 01:51:55 GMT
x-amz-request-id: 1DGZ05DH1P86RA2T
age: 2764
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: RvIdgLbQ5E0c2UkYpZnQYRan/mMO1Rhxg9+xUbsOivYmFJniKRFpD8ng1SI0mQyXh24KwG1yZdY=
x-served-by: cache-bma1640-BMA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1701654716.629175,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 44
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 619

GET
H2 200 / Show response
pips.taboola.com/ Frame 6853 4 B
38 B 46ms
46ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-bma1624-BMA
date: Mon, 04 Dec 2023 01:51:55 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 403 / Show response
onetag-sys.com/usync/ Frame 64A7 0
94 B 64ms
62ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000

GET
H2 204 / Show response
cds.taboola.com/ Frame 6853 0
82 B 464ms
129ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=f9448321-9e4c-4d2e-bedd-36bb60ceb989-tuctc66b638&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 01:51:56 GMT
cache-control: no-store
server: nginx

GET
H2 200 / Show response
pips.taboola.com/ Frame 67FB 4 B
38 B 46ms
46ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-bma1624-BMA
date: Mon, 04 Dec 2023 01:51:55 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

setuid
pbs.prd.audiencerun.com//
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
https://pbs.prd.audiencerun.com//setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=9166068716408060964

86 B
958 B

166ms
166ms

Image
image/png

3.139.153.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.prd.audiencerun.com//setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=9166068716408060964
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Server: 3.139.153.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-153-231.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:55 GMT
Vary: Accept-Encoding, Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:55 GMT
an-x-request-uuid: e6f32124-4e39-490d-a78b-9a31dcbacda7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pbs.prd.audiencerun.com//setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=9166068716408060964
x-proxy-origin: 178.255.148.168; 178.255.148.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 / Show response
cds.taboola.com/ Frame 67FB 0
82 B 771ms
125ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=a282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 01:51:56 GMT
cache-control: no-store
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30D0 0
20 B 109ms
108ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCYO4uzBtZfWdAsLLgQey8J7ICwAAAAA4AeAEAg&bg=!rq2lreLNAAY3kmNgF5I7ADQBe5WfOBdFE-_A9KezkNR8PbGdzHInpmgzi5is1J6vvnmoNHsY4dlDAKI7LFcp6wSK4hU_AgAAAFNSAAAABGgBBwoALTis5dMVc_VU7MS8h9RG1cqMX8sM-PVyu5aDF2KQv1cWLHiGLIL2Zn7nf-eWsZkC-Fkf8lhN5H3YuZkmiTTSnD6QM32IYcCM4NIcUml5BrIxm6XfzdWYGhHoExY9FO-lAyprdNtIWFgfbo_koDhDMOHLo0DlwXV8AfG-g2jF4FMH3arFFqhzi6EczpYcQ4hE8y5MaxvSGrW9ffIKae_m1aFb98mDvVtTWF75v64ldpzqn9Xlc0J4eYI60p5MlBsPvJD1qoQ96CfxeZZFbXCz0FI8hoO1fH5XboXrKlngZEsTQ5HzCiEDUoMKaiatQ75gxSqoWk0kXetTd-H8u4cCtIz-2wSOe8cSEtmhS17IY8mO7VX3fNGRSeClODS37RjlUGa5rFVObIK19UlW9JdYURCRb1VwfVCdARtOOTitunhL6lgWQM1kQY-ETEhRmNAwLh2kLER-SpGrfOwMXqWJ1uWcOFfwumoTi5cTugY-WW9qyfkB_OO2onICqA1MK1cesIzQzUwCfASPdHbTeB9z9LnhlGbmMWJbjF3q7JvI8RtguAvHOf2NFdZnpDvF6JbDbQ1dhJ5hqnT8fqeqo8YijG2RLow4u4NIWs7_Es-hKp1v7O5Q43Pr5Nhvi2D8sE2OMf86dMJoM3nCHq_1QummNhOz--ybYK7O3ODW5A28DRmsGVyXS3W-GB3OGh56_QD9Xsdkytk7P32KG1pe6pcem7o3XSBb9026Hs4mrkmp6brAPPeyvpwHH3oFz4xUGUcG-qAxTojk5zlzB05Q7idFar6H3zYWr0qH0Fz4h-0oAZnmD2dy2oGY6ly38pkZzURybjsfNA0oIVVsVHg6KQoxbnaeDq4vOSaQIu4LKsUhSfJiyiyagqP_RssvCmYtsq9BUV9D7wJ30jgprkYxkbL7T_5tIKHWGkYhVTXEdeq5FPBKtAcndSEXDHFfk_tpaRMSw93ajCndBZBRR9MTp7eUtQUraZCDCjXVUDfSk79WYTPnrI1Qp2W7XS_bCLnbBfzILl0ZJsXxA0s3lF0pQVcmP1zIrYaH_uvUfFjMdr0wp9xBZVgoKCHkrL8

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 138D 202 KB
64 KB 423ms
248ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 01:51:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 138D 0
0 110ms
109ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyDGmlvgenon4tLJ3lHIpt-s9VyOQB2ZeT1wtEKVS-pNKcQhYnCoTd1wNhGjRGTy6wj-n6K15CDLvZhNGFAIf8vIIscI2Ay8T3dkUvo2SOK-C-4cjNmL5JHHuwu-8FVipkCyz1skCfsZuJH4qFw99ru-y8f2wb54LsZSTqieySP923hNxB6ew4366K7aU3zYzqHVWmXK36LYJr4mHBTnjI3sA2GILE--2rqjk3DHapdPy-ueN5bwDjFvTH6PPScW6W5T323cqQyTvwcJV7hMIAc0YKteUwCZ2oDQoUrFtsxITyr09s_ueLnvRhoC7J1FCzm1vApLuTMA4Ihc0RiiOQ8owIyEyUwpEMzdKbgi-wkQmrJMLHqQVDx9t0EXvXFpLF9SLEnzIBl6qH1dbEaqOM1IMpSgRz0odUcduFoZ5MW-V9ZmfY6QMz4CKQz_hWZNiHwlCY1AoIcAgEf4Mfw31TdYMqK-0D7k-YrIgpyndRWO2SKez-dHUogo5WRK1Gqi8LO6nqXCu1aR7zRirrDI85Gjf1CxLUFim45-STjcmQEYCZ90abzW7T8-Cu29xGsFOvRFR8ul9Xtd3WqiXeC7q7TG1jhIGhDFTQVJHupDUAVytuIp2L2EywWCt4vh-iur-eo_V7DCPfJjkzzAbOLfYGa5yvpcNvNSkyyNQeXLT7Ls2V67KBvaAEUV_hBsglBhKSkpE1dl4xI5r6JThlWyNohIG_QZK1Zovzki-aiFBk5SyDy7Fhsf2tqjvkHccZrfxzppRBTMynAXZVHbHhy0qTL4y34q4DCyH0l85LC4X5lSPQRq7aao2cmSw06QYlMRW9Vkm0kwD2o8Lvz6ZJdBvgqst06wfjZcaZOHm2q9cO4igyQuRvkJ8SY1SBmJGr1xPLT8CZIWd38aFslTC6xDCSpTTtKuAc6xNhot3pL9hbJd65-D3-uFpFGtukZ1hZvO9bfRjTVwsu1R3Qj01e8ihh_RNPb8sWnrqrfMRAB7rLm8S_0TSc9gp7tXk228teiQRKgspJjzC1CjdcToegMKnPh9vXo9UQExvFzhpBgKdB87zkvyRKx71qH-MFf26wpECKzIUEkh5kKEdwB3DkcKKNqANIBBId09c1n9Pj_zxbIIpv0zcwwwGBu4mSaMT5nNfHmkaWc5_whae9VeIegBd7A7ggEwJldA6BQfYA1nyfHTABrzV5NoU8xTPU967yAF4Y8iqyTPinznJegG7zHZYte0IGKLTpjZFdhYMFXKvOROp8wE7gVYSjviKFqFK8fYVit7HNJ2RsTtAPi2Iuj8nHsH4AeFLuw9P97PmRTAMp_vHjwevwa15eGs4Ztg8qGVG9&sai=AMfl-YTMv2vDbYlGrqucnhOCkcSYUol-mg1I0Q9UOPDdKQhv808rmUeVIF5PPxuVxWsgqEZelXd9eHXbyiDVTyu6T_faE7Tjs9wtH67L9_uc9CeVSxlLxU53RQYS6fG1nQIjVSKf0Gaw6F4VBAHQHdL5y-TvlyD6-_O7_exUXRG56yt5U3nvwJRjVuXLVmNxOkJSJaQoSHiquN0CTY4QWu3GncXUsjknH4aa6WMkI5nhvveFKjzfIWlh4sCxXTg&sig=Cg0ArKJSzAC-mYIVqzmWEAE&uach_m=%5BUACH%5D&pr=8:C7379B45F7E551AD&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=709&vt=11&dtpt=368&dett=3&cstd=703&cisv=r20231129.94127&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/6543346977231339520/728x90/ Frame 8A45 8 KB
3 KB 73ms
72ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96e119c45451cc899e0468dcc2f97fe345230de3cb74a0b8402495bc64404a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 98325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2785
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 22:33:10 GMT
expires: Sun, 01 Dec 2024 22:33:10 GMT
last-modified: Tue, 14 Nov 2023 09:08:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 server_match
ad.360yield.com/ 43 B
198 B 73ms
73ms Image
image/gif 54.228.143.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.228.143.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-143-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 01:51:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 8A45 236 KB
63 KB 228ms
74ms Script
text/javascript 2a02:26f0:3100::1735:2a09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100::1735:2a09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:56 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 04 Dec 2023 02:06:56 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/6543346977231339520/728x90/ Frame 8A45 41 KB
5 KB 73ms
73ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167441c39c348884492d7ad546f549cb129ab04a08691382c12fdabfb840af34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5032
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 09:08:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 11:33:38 GMT

GET
H/1.1

200
OK

setuid
pbs.prd.audiencerun.com/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?gdpr=&gdpr_consent=&us_privacy=&redir=1&rurl=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dadmixer%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_...
https://pbs.prd.audiencerun.com/setuid?bidder=admixer&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=b3d1626bfcc447ecbab432f3553405fc

86 B
1 KB

172ms
171ms

Image
image/png

3.139.153.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.prd.audiencerun.com/setuid?bidder=admixer&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=b3d1626bfcc447ecbab432f3553405fc
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Server: 3.139.153.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-153-231.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:56 GMT
Vary: Accept-Encoding, Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

date: Mon, 04 Dec 2023 01:51:56 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
location: https://pbs.prd.audiencerun.com/setuid?bidder=admixer&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=b3d1626bfcc447ecbab432f3553405fc
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

setuid
pbs.prd.audiencerun.com//
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Dmedianet%26g...
https://pbs.prd.audiencerun.com//setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA

86 B
1 KB

161ms
160ms

Image
image/png

3.139.153.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.prd.audiencerun.com//setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
Requested by: Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/
Protocol: HTTP/1.1
Server: 3.139.153.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-153-231.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:56 GMT
Vary: Accept-Encoding, Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 04 Dec 2023 01:51:56 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location: https://pbs.prd.audiencerun.com//setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Mon, 04 Dec 2023 01:51:56 GMT

GET
H3 200 728x90_atlas_1.png
s0.2mdn.net/sadbundle/6543346977231339520/728x90/images/ Frame 8A45 1 MB
1 MB 74ms
74ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/images/728x90_atlas_1.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6368c52828ed3bb8b0fe4ef24157bed537edba9b93b22c942b58c3fceaff74cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:03:21 GMT
x-content-type-options: nosniff
age: 186515
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1153287
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 09:08:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 22:03:21 GMT

GET
H3 200 728x90_atlas_2.png
s0.2mdn.net/sadbundle/6543346977231339520/728x90/images/ Frame 8A45 1 MB
1 MB 74ms
74ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/images/728x90_atlas_2.png

Requested by

Host: himitsu-no-pettoakad.foroactivo.com
URL: https://himitsu-no-pettoakad.foroactivo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26123d76b91de88eb7d5b8e922ab1f1d4e8a2f87c33a83a2648ecceec8de6add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:32:35 GMT
x-content-type-options: nosniff
age: 195561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1088088
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 09:08:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 19:32:35 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4028 15 KB
6 KB 72ms
71ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=himitsu-no-pettoakad.foroactivo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 01:51:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 343166
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4028
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=foroactivo.com&sn=ChromeSyncframe&so=0&topUrl=himitsu-no-pettoakad.foroactivo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=TGOcPXxqS0gvQ2ZmWXdBUTZsekhrUm1BOUh5N3M4MExCUXlEMWRGWUZjdVhYTWRpWE5YNk5UanZ5MFZFL2t2V0x6ZWkrLzZTOUR5VXdLREt6ZlFvUTNUUG1YKzFXTmZEaFhSS01lRjJmVk9lS1pNTk1jSDJubE9NWHVMTz...

417 B
666 B

70ms
64ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=TGOcPXxqS0gvQ2ZmWXdBUTZsekhrUm1BOUh5N3M4MExCUXlEMWRGWUZjdVhYTWRpWE5YNk5UanZ5MFZFL2t2V0x6ZWkrLzZTOUR5VXdLREt6ZlFvUTNUUG1YKzFXTmZEaFhSS01lRjJmVk9lS1pNTk1jSDJubE9NWHVMTzh2aDhtSFVyNXkwOU44dUVxS1UwUjluNTJIczlMcENOUThFQlZKUzZDVjQyWW82dWthTTd3Z0s0WndOVVArZVpibkFqb0tuaHZ0ZTJoc1NyaXJ3d0kzeEpscVR5U0oydU5CWVZvckg1Zm9MbVlsdGFkcm15YzdOMExUN3dwQlBxT3BURCtSMzZzYVJ0cVV3TVZFYzdnUStLVzdSdkRsQT09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

16ac2f860bf60e7e38246d9900b4cf2b7a4ab9faeacaa59aa8afabd5f2c55345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1111902
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=TGOcPXxqS0gvQ2ZmWXdBUTZsekhrUm1BOUh5N3M4MExCUXlEMWRGWUZjdVhYTWRpWE5YNk5UanZ5MFZFL2t2V0x6ZWkrLzZTOUR5VXdLREt6ZlFvUTNUUG1YKzFXTmZEaFhSS01lRjJmVk9lS1pNTk1jSDJubE9NWHVMTzh2aDhtSFVyNXkwOU44dUVxS1UwUjluNTJIczlMcENOUThFQlZKUzZDVjQyWW82dWthTTd3Z0s0WndOVVArZVpibkFqb0tuaHZ0ZTJoc1NyaXJ3d0kzeEpscVR5U0oydU5CWVZvckg1Zm9MbVlsdGFkcm15YzdOMExUN3dwQlBxT3BURCtSMzZzYVJ0cVV3TVZFYzdnUStLVzdSdkRsQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 246030
content-length: 0
expires: 0

GET
H3 200 728x90_atlas_3.png
s0.2mdn.net/sadbundle/6543346977231339520/728x90/images/ Frame 8A45 1 MB
1 MB 75ms
74ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/images/728x90_atlas_3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a2ea938952c4cfc04f4bb75a732cbf14ddf2ed2b5a5dcb505878f161638affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6543346977231339520/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:33:10 GMT
x-content-type-options: nosniff
age: 98326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1075061
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 09:08:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:33:10 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 138D 0
20 B 107ms
107ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5922284103695&version=m202309260101&ct=119&x=8&cor=7855228892013359000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 194ms
64ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&domain=himitsu-no-pettoakad.foroactivo.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://himitsu-no-pettoakad.foroactivo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Dec 2023 01:51:56 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 267052
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
287 B 273ms
61ms XHR
application/json 131.153.158.209
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://himitsu-no-pettoakad.foroactivo.com/&tl=https://himitsu-no-pettoakad.foroactivo.com/&nf=0&rt=true&v=7.54.5&av=2.0&vg=paubjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: /
Resource Hash: dd5bd4849a68af0a8970825e3c303bb75b95c5eca71c96bd8af87b242249ac51

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 4 Dec 2023 01:51:57 GMT
access-control-allow-credentials: true
content-length: 66
content-type: application/json

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
393 B 64ms
63ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com%2F&domain=himitsu-no-pettoakad.foroactivo.com&cw=1&pbt=1&lsw=1

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 199164
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
436 B 199ms
63ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

a4199fcba783192f2a89a4345f349c8e76535e0020cba0053533924c08b80b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 204 /
onetag-sys.com/usync/ Frame 7BE3 0
0 64ms
63ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1701654713698

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7D0B 281 B
555 B 64ms
63ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 01:51:57 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 6E21 0
0 60ms
59ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 04 Dec 2023 01:51:56 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame 7C3F 7 KB
3 KB 197ms
85ms Document
text/html 2606:4700:e2::ac40:8413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47af46bda8c32293b5e7d29cea895926ad5aca5397e108556edecf4e7866c0d7

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 830068407b902d95-ARN
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 01:51:57 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOMYVD2CwUbbZn7PEopJ%2FBq8LQg4iqu9kY%2BO5PoR4zvCySwkjIETiG7AgeWN8rnBOo5B9byo26hoF49rOoRZ7A4IaO8HPJSIfng9kD43EIPtQnsfhvMgRFcN4vcqkdKBEITl76R63m5vAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5D3F 16 KB
6 KB 83ms
83ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157365
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=132060
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 04 Dec 2023 01:51:57 GMT
expires: Tue, 05 Dec 2023 14:32:57 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2273 23 KB
8 KB 239ms
78ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8N8428&prvid=2034%2C2033%2C2030%2C2073%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C404%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9029ed9ceaf19e50ea216e3efed21b0f85c038385e3422142cd8a5c9425dd22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8422
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 01:51:57 GMT
expires: Wed, 06 Dec 2023 01:51:57 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C3B2 52 KB
17 KB 154ms
46ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 62029
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 04 Dec 2023 01:51:57 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5361, 150100
X-Served-By: cache-lga13626-LGA, cache-bma1650-BMA
X-Timer: S1701654718.518993,VS0,VE0

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1

43 B
337 B

68ms
68ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BQn5rEh2ehzLFsO31yeW%2FZdAdqLdut4TrMaQjgCv80f5qy5vu0qApIrG0gDPpaRpgEaHAqiUhFG2V%2B%2FNTwu1brRKdMo8w8E83xC7pMdMUcyR9UYVvltfYMj8r4UgZ5nmpGNIe1VTzXFlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83006840d97856a8-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evEGwDIemw9OcxskZu6swg8dFO4niw7Q0J8jKzinue8VENCKkjiq1OmWSeElrTur%2BB%2FB03IZXiEuAyGKKqQZvBCeXDuuVBK130PrhgC1NEzlGaMItwe7dE3spAgf0rf8ouR6tS568m3%2FAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
cache-control: no-cache
cf-ray: 83006840695356a8-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

204

v1
match.sharethrough.com/sync/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6037653639839682426&gdpr=0&gdpr_consent=

0
34 B

63ms
62ms

Image
text/plain

35.157.123.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6037653639839682426&gdpr=0&gdpr_consent=
Protocol: H2
Server: 35.157.123.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-123-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:57 GMT

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6037653639839682426&gdpr=0&gdpr_consent=
pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 v1
match.sharethrough.com/universal/ 0
35 B 202ms
62ms Image
text/plain 35.157.123.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.123.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-123-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:57 GMT

GET
H2

200

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=b3d1626bfcc447ecbab432f3553405fc&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer
https://x.bidswitch.net/sync?dsp_id=70&user_id=5856528034461342552&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=2ecd5c3e-8199-4990-9cb1-2e17fbb28830&gdpr=&consent=&gdpr_pd=

43 B
313 B

79ms
79ms

Image
image/gif

167.235.184.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=2ecd5c3e-8199-4990-9cb1-2e17fbb28830&gdpr=&consent=&gdpr_pd=

Protocol

Server

167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.171.184.235.167.clients.your-server.de

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:57 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=2ecd5c3e-8199-4990-9cb1-2e17fbb28830&gdpr=&consent=&gdpr_pd=
date: Mon, 04 Dec 2023 01:51:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=1b414717-3584-4e45-96bd-38ae204ff78a

43 B
313 B

79ms
79ms

Image
image/gif

167.235.184.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=1b414717-3584-4e45-96bd-38ae204ff78a

Protocol

Server

167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.171.184.235.167.clients.your-server.de

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:57 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=1b414717-3584-4e45-96bd-38ae204ff78a
date: Mon, 04 Dec 2023 01:51:57 GMT
cache-control: no-store no-transform
server: nginx
content-length: 190
content-type: text/html; charset=utf-8

GET
H2 200 sync
t.adx.opera.com/ 35 B
467 B 194ms
61ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60022&uid=b3d1626bfcc447ecbab432f3553405fc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=928034344544434121&gdpr=0&gdpr_consent=

43 B
417 B

67ms
67ms

Image
image/gif

185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=928034344544434121&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=928034344544434121&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 204
No Content sfaf25.gif
us.ck-ie.com/ 0
129 B 434ms
143ms Image
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/sfaf25.gif?puid=b3d1626bfcc447ecbab432f3553405fc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:57 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjAzNzY1MzYzOTgzOTY4MjQyNg==&gdpr=0&gdpr_consent=

170 B
409 B

278ms
85ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjAzNzY1MzYzOTgzOTY4MjQyNg==&gdpr=0&gdpr_consent=

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjAzNzY1MzYzOTgzOTY4MjQyNg==&gdpr=0&gdpr_consent=
pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=14282b71-15a3-0b4d-1b8d-e542b54d4cc0&gdpr=0&gdpr_consent=

43 B
436 B

70ms
70ms

Image
image/gif

185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=14282b71-15a3-0b4d-1b8d-e542b54d4cc0&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 01:51:56 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date: Mon, 04 Dec 2023 01:51:57 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=14282b71-15a3-0b4d-1b8d-e542b54d4cc0&gdpr=0&gdpr_consent=
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7D0B 46 KB
13 KB 75ms
75ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 01:51:57 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 16:27:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52567
Connection: keep-alive
Content-Length: 13236
Expires: Mon, 04 Dec 2023 16:28:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 138D 42 B
64 B 256ms
111ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuLGkaLWHnV9EEwg0HOEEH0Hc43LnAGXXaNFssjyhAf6m7HJRX9G4OhZPNYIMmk9BjPNs30fYehVcr7r4_8vsbSc8YoVKK78-SuAuI4iUiJa6N44bYaGGwvr21&sig=Cg0ArKJSzACtKs2pe2DEEAE&id=lidar2&mcvt=1015&p=0,0,90,728&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20231129&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=4043765779&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701654714551&rpt=1938&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7D0B 7 B
380 B 63ms
63ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C3B2 0
598 B 59ms
59ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:57 GMT
an-x-request-uuid: 1b4d0c22-c0b2-499a-bce0-179d5a4e7d8b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.255.148.168; 178.255.148.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
295 B 207ms
63ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

d2e6ad79d40d191df86c8c81c69bc70e93397ad7fa854cd8f11d096aafd8a25f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 getuid
eb2.3lift.com/ Frame 7C3F 37 B
140 B 171ms
59ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5D3F 0
39 B 66ms
65ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86648888&p=157365&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:56 GMT
content-length: 0

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 7C3F
Redirect Chain

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=029b5ff53c6197f7b5d637743481d5fe4c687501cfd9f303a8e7df46cf0c061d

86 B
564 B

704ms
298ms

Image
image/png

209.192.201.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=029b5ff53c6197f7b5d637743481d5fe4c687501cfd9f303a8e7df46cf0c061d
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 209.192.201.180 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:51:59 GMT
content-length: 86
content-type: image/png

Redirect headers

Location: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=029b5ff53c6197f7b5d637743481d5fe4c687501cfd9f303a8e7df46cf0c061d
Pragma: no-cache
Date: Mon, 04 Dec 2023 01:51:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H2 200 981.json Show response
id5-sync.com/g/v2/ 251 B
552 B 190ms
63ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/981.json

Requested by

Host: ac.aruncdn.com
URL: https://ac.aruncdn.com/j/prebid/pre.js?411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

b926537092cfbb1cae1e47464d9745142f129b70c2bdf0b2dfdb2727f1d0c3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
date: Mon, 04 Dec 2023 01:51:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 e54afa751a1fa3b9f00c2ce64c3b3260
d.audiencerun.com/c/5eyky1py1w/ps/z/ 43 B
956 B 175ms
174ms Image
image/gif 3.20.201.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.audiencerun.com/c/5eyky1py1w/ps/z/e54afa751a1fa3b9f00c2ce64c3b3260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.201.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-201-250.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://himitsu-no-pettoakad.foroactivo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 04 Dec 2023 01:51:58 GMT
cache-control: no-cache, must-revalidate
server: nginx
p3p: policyref="https://www.audiencerun.com/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C3B2 0
598 B 59ms
59ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:58 GMT
an-x-request-uuid: 0c9d4865-f7b3-4805-afac-662b7042994d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.255.148.168; 178.255.148.168; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 409C 49 KB
18 KB 347ms
60ms Document
text/html 2a02:6ea0:c700::19

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Mon, 04 Dec 2023 01:51:59 GMT
etag: W/"64abbb76-c2af"
last-modified: Mon, 10 Jul 2023 08:04:06 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-age: 236577
x-77-cache: HIT
x-77-nzt: EQwBw7WqEQH3IZwDAA
x-77-nzt-ray: 4c1562246ea09a15bf306d65197a3920
x-77-pop: frankfurtDE
x-accel-date: 1701418142
x-accel-expires: @1702436521
x-age-lb: 236577
x-cache-lb: HIT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame DAD5 2 KB
872 B 136ms
136ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=4660541&noaop=3&sortOrderType=0&cb=1701654719440&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1579&pt=329560700&tz=60&viewable=true&ddast=V8FSACLAbMfGGwvB6KcBKY-cJgeT0U4SwAAABgYED8AEltNhPHyrJxy1aT5Vq0sEzcwplr4datbLPFyuVceVa-ISAZ52Ti3ExsbsHGY1yLhrvVWmJaLdwi22Kx3A1WztHEZgURNxkOn4OBqOh6W-wOp9nzBixoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3--UAAAAA4AHAUUcPhB9AAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAA0AB1L4GgE8ODHm6vAwqu8vi8Hr9AQDgAQIEAIAABgkAgfGVEgAQnnUnAAAAAAAAAABY_P___8cA0HMqlgFgAb3aA-DBB8ADkQLIIowAAAAAyP5Toh6ZpBNULKoAABCkWwG4AgAQwChjOLUbBgAAAEBM2aafJlcspNaYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEJu64VpgmD0wtX8AgIArPkFBABgo24AAN4EwAk5LGg6HT7XvV7odDtNn9db7ncLXqbT3-F1mOwyv-Xv8Jietr9d43f7RYegFYPB6ijEYjNYDYajwW52AAAAAO78____4ynb9NPkioXU0gMiFsPMZnItVr7lZDGxzDwL08rhcHkWg-HIOZg5tudpW6qa0h4Lq0_ETYbD52AgKrreFrvDafbcz4QtRqvJZLMczpaLyWA4Go5G-zMQi-UATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGBo5HBvLwuNWLowTt2gxmLiFM4dhLZqZXK7VaLNYWFZr0etj-thmE9tmuEWCAR57EVykE5nfcvNbXm-_6em3u1Wei1iiOVmkE9llX7EYZjaTa7HyLSeLiWXmWZhWDofLsxgMR87BzLEvjRyOjWXhcSsXxolbtBhM3MKZw7AWzUwu12q0WSwsq7Xo9TF9bLOJbTPcN3aDxWw12i0m-8ZusJitRrvFZN9hMj1Tn7PRbyv5PSZb67aWSmxOg8JlsHh_n4u0GW3cjC6ZsdvZmcTZkPZgjPj9fr_f7_f7_X5xwmtQeA4e1W4aNI3Xl-Nmt954DwZFLBGcLtKJ6GU8XcQSydMinSh3i4VxYTKsHBbTcrSYDEe7iWswmQyWo91kNVtYxBKl6SKd6CXqP3qI3XAuWa3mitFwrpgNVwkAAAAAAAAAwBJMM90EAAAAwMkghsvJZLdcAA_xf7oAAAAAAAAAAHa5_4yF2ae3VRZr7DEI81tufsvr7Tc9_Xa3ynNlAA_U5Mw284wg1mq1rAEAAAhgAwAACOCmG28CMxg5-4Ckijxwo9YL-RXEaDFY7B-ACrFWq-XzxVqtlsD___9_!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1089141&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10b728127d3f2ce807058ae9b369c83620bb06d0b5417d859e2767d54041b68f

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 04 Dec 2023 01:51:59 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1462
x-cache: MISS
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654719.462974,VS0,VE90
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 6853 2 KB
672 B 182ms
182ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701654719462&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1579&pt=329560700&tz=60&viewable=true&ddast=V8xb4CLAaE5XTldv-EfxMIy-nK7f4J_y4AAABgYED8AMmtFi6Px2RxCye2kVs0W-7WytFmsRauRibfzLjxeFw2IyC51cLl8ZgsbuHENnKLZsvdWjnaLNbC1cjkmxk3Ho_LZgUUMxgML6vBQFR0vS12h9PseevWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8MmBIU-Xl0Fld1kcXq8_AAAAAIAAAAAAIAEgML5SAgDCs-7E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAkDPkrxsLfTHnMYNIgV4RRgAAAABk_ylRj0zSCSoWVf7___utAFwBAAhglDGU-syiOyjxFgYAAABATNmmnyZXLKTWmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCbuuFaYJg9MLV_AICAKz5BQQAYKNuAADeBMAJOSxoOh0-171e6HQ7TZ_XW-53C16m09_hdZjsMr_l7_CYnra_XeN3-0WHoBWDweooxGIzWA2Go8FudgAAAADu_P___-Mp2_TT5IqF1NIDIpbdZjcaDhcz02wxcyyHk-VgNBgOVs7VcDRazryHPKBTNZYfvaUPxQwGw8tqMBAVXW-L3eE0e966-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYrEcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGPO0Wi4mSzWypVp4xaNLCu3xGUyuTWzicU22LgszuFyLXp9TB_bbGLbDLdIMMBjL5KnRTrROHejwWA4Wdk2zt1iOZmZTC7PcDayGVcTw8gym4glmpNFOpFd9hXLbrMbDYeLmWm2mDmWw8lyMBoMByvnajgaLWf-mnM0Gm4mi7VyZdq4RSPLyi1xmUxuzWxisQ02LotzuFyLXh_Txzab2DbDfWM3WMxWo91ism_sBovZarRbTPYdJtMz9Tkb_baS32OytW5rqcTmNChcBov397lIm9HGzeiSGbudnUmcDWkPxojf7_f7_X6_3-8XJ7wGhefgUe2mQdN4fTluduuN92BQxBLBRTqR-S03v-X19puefrtb5bmIJUrTRTrRS8QSwekinYhextNF_UcPsRvOJavVXDEazhWz4SoBAAAAAAAAAFiCaaabAAAAADgZxHA5mezW6SAGw-VitFgugIf4P10AAAAAAAAAALvcf8bC7NPbKos19hiE-S03v-X19puefrtb5bkygAdqcmabfUYQa7Va1gAAAASwAQAABHDTjTeBGUzc_____zgAAAAycugBAACI7wOSKvLAjVov5FcQm8Vqtn8AKsRarVa3G2u1WgENZLeYbXYT-P___w8!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1089141&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10b728127d3f2ce807058ae9b369c83620bb06d0b5417d859e2767d54041b68f

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 04 Dec 2023 01:51:59 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1421
x-cache: MISS
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654719.484229,VS0,VE136
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 67FB 2 KB
676 B 135ms
135ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=4660561&noaop=3&sortOrderType=0&cb=1701654719630&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1579&pt=-1814376003&tz=60&viewable=true&ddast=V8i4MCLAbkIMwtdRtP_RDIQZhb6jae-ikAAABgYED8AAlNNr7lbDZcKyarxVq0mNjcypFjsVbMJs6Ry2MxzRwjIyAZ32AxGmwma9XEOXGLVs7FWjlyzdyymWuwcRknDpdtMgUUMxgML6vBQFR0vS12h9PseWvWgAVNp8PnutcLnW6n6fN6y_1uwct0-ju8DpNd5rf8HR7T0_a3a_xuvxwAAAAAPAA46oiC8AMIABABAAAAQAIAAAAAhYAK_xYELgAAAABgACiA2tcA8MmBIU-Xl0Fld1kcXq8_AAA8QIAAABDAIAEgML5SAgDCs-4EAAAAAAAAAACL_____xgAek7FMgAsoFd7ADz4AHggUrBahBEAAAAA2X9K1COTdIKKRRUAAIJ0KwBXAAACGGUMq3DCAAAAAIgp2_TT5IqF1BqzQA-L32922DV-t8sAAAAAAAAAAJj5P_OPRshtvTBNEIxeuJpfQACANb-AAABs1A0AwJsAOCGHBU2nw-e61wudbqfp83rL_W7By3T6O7wOk13mt_wdHtPT9rdr_G6_6BC0YjBYHYVYbAarwXA02M0OAAAAwJ3___9_PGWbfppcsZBaekBos3IuloOVbeQyLhbG1XKwMSwcNuNqshquZq6R92yAPxiZBkUG9aGYwWB4WQ0GoqLrbbE7nGbPWzM_E7YYrSaTzXI4Wy4mg-FoOBrtz0AslgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgwjKcjFy7kVs2c1jcotnI4RZODJu1auZyrIbL0WCzMKxFr4_pY5tNbJvlFgkGeOxFcJFOZH7LzW95vf2mp9_uVnkuYonmZJFOZJd9abNyLpaDlW3kMi4WxtVysDEsHDbjarIarmaukb9hGU5Grt3ILZs5LG7RbORwCyeGzVo1czlWw-VosFkY1qLXx_SxzSa2zXLf2A0Ws9Vot9jsG7vBYrYa7RabfYfJ9Ex9zka_reT3mGyt21oqsTkNCpfB4v19LtJmtHEzumTGbmdnEmdD2oMx4vf7_X6_3-_3-8UJr0HhOXhUu2nQNF5fjpvdeuM9GBSxRHC6SCeil_F0EUskT4t0ohwsVqPhwuXwDFemlXNksRg2w-HG5JnYjJPVwmMRS5Smi3Sil6j_6CF2w7lktZorRsO5YjZcJQAAAAAAAAAASzDNdBMAAAAAJ4MYLieT3XIBPMT_6QIAAAAAAAAA2OX-MxZmn95WWayxxyDMb7n5La-33_T0290qz5UBPFCTM9vMM4JYq9WyBgAAIIANAAAggJtuvAnMYOTsA5Iq8sCNWi_8B6BCrNVq-XyxVqsl8P___x8!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1089141&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!iiqrc_vB!t45!u2822_vA!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhimitsu-no-pettoakad.foroactivo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10b728127d3f2ce807058ae9b369c83620bb06d0b5417d859e2767d54041b68f

Request headers

Referer: https://himitsu-no-pettoakad.foroactivo.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 04 Dec 2023 01:51:59 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1429
x-cache: MISS
x-served-by: cache-bma1640-BMA
pragma: no-cache
server: nginx
x-timer: S1701654720.652387,VS0,VE89
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://himitsu-no-pettoakad.foroactivo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 7C3F
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZW0wvc2hKWPN-pPGz4foFQAA%264477

86 B
692 B

190ms
190ms

Image
image/png

209.192.201.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZW0wvc2hKWPN-pPGz4foFQAA%264477
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 209.192.201.180 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:52:00 GMT
content-length: 86
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:51:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAI8VB0ihEU4qxz223X9hQ3ziGg9cfuClAKO5bg778COr1%2BnEjCkeQx4HiRoU%2BB7U%2FHtBOpEO5f1p8Jn9sNXTtsyXhuGHLsWnzwaFZWMoQ0keouik78Wu%2F7%2BLtlEpcAiPDPTOFbQ"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZW0wvc2hKWPN-pPGz4foFQAA%264477
cache-control: no-cache
cf-ray: 8300684e0f0356a8-OSL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 409C 1 KB
872 B 209ms
60ms XHR
application/json 2a02:6ea0:c700::22

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 04 Dec 2023 01:51:59 GMT
content-encoding: gzip
x-age-lb: 574864
x-77-cache: HIT
x-accel-date: 1701079855
x-77-nzt: EgwB1GY4tAH3kMUIAAwB1GY4EQH3AgAAAA
x-accel-expires: @1702116653
x-77-age: 574866
x-cache-lb: HIT
last-modified: Mon, 10 Jul 2023 08:02:46 GMT
server: CDN77-Turbo
etag: W/"64abbb26-479"
x-77-nzt-ray: 6d204d1198110303bf306d65971a9b33
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 401E 16 KB
6 KB 86ms
85ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=132058
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 04 Dec 2023 01:51:59 GMT
expires: Tue, 05 Dec 2023 14:32:57 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET pixel
ap.lijit.com/ Frame 7C3F 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 18:50:30	Name: am-uid Value: b3d1626bfcc447ecbab432f3553405fc
.himitsu-no-pettoakad.foroactivo.com/	1970-01-20 17:02:30	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
.foroactivo.com/	1970-01-21 02:16:54	Name: _ga_TTF1KWE3G4 Value: GS1.1.1701654712.1.0.1701654712.60.0.0
.foroactivo.com/	1970-01-21 02:16:54	Name: _ga Value: GA1.2.1786180439.1701654712
.foroactivo.com/	1970-01-20 16:42:21	Name: _gid Value: GA1.2.177237446.1701654712
.foroactivo.com/	1970-01-20 16:40:54	Name: _gat_gtag_UA_144386270_1 Value: 1
.audiencerun.com/	1970-01-21 02:09:42	Name: ui Value: 1656d30b8ed9ce506458129
.bidswitch.net/	1970-01-21 01:26:30	Name: tuuid Value: 2ecd5c3e-8199-4990-9cb1-2e17fbb28830
.bidswitch.net/	1970-01-21 01:26:30	Name: c Value: 1701654713
.bidswitch.net/	1970-01-21 01:26:30	Name: tuuid_lu Value: 1701654713
himitsu-no-pettoakad.foroactivo.com/	1970-01-20 17:24:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
.foroactivo.com/	1970-01-21 01:26:30	Name: _sharedID Value: 2cb7dee4-6a50-4773-96fa-5276bddec711
himitsu-no-pettoakad.foroactivo.com/	1970-01-21 01:26:30	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Da282d57d-6fab-46da-8b03-5fe1589403a0-tuctc66b639
.admixer.net/	1970-01-20 18:50:30	Name: am-uid Value: b3d1626bfcc447ecbab432f3553405fc
.betweendigital.com/	1970-01-21 01:26:30	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 01:26:30	Name: tuuid Value: 4ffd4c54-498c-5252-a649-a7c0c3249779
.betweendigital.com/	1970-01-21 01:26:30	Name: ss Value: 1
.smartadserver.com/	1970-01-21 01:27:57	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 322678=5744271
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-21 01:27:57	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 01:27:57	Name: pid Value: 6037653639839682426
.smartadserver.com/	1970-01-20 16:42:21	Name: sasd2 Value: q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D0484%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927&lt=638372515137165192&o=1
.smartadserver.com/	1970-01-20 16:42:21	Name: sasd Value: %24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D0484%3B%24qt%3D216_1430_41056t%3B%24dma%3D0
.rubiconproject.com/	1970-01-21 01:26:30	Name: khaos Value: LPQ9A4CF-7-BNEE
.rubiconproject.com/	1970-01-21 01:26:30	Name: audit Value: 1\|naVuGyos1qpizP2G2C5/vQH/zg6eyGA5WYtpZlqiAnwDKSp/xRUtIiIiRTHMwKGszY6euV/9CVCP9qJotzWOZjBQw9aAN/zIgysj8AGYhBHz8yenK/o+fwaiZB/n9kqMl756kl60NTMijy0RC4Zd8dAPlTu0R9RN
.betweendigital.com/	1970-01-21 01:26:30	Name: ut Value: ZW0wuQAMfzg5CvpzZsVjNx5VyN9XAyUub2NoCQ==
.adnxs.com/	1970-01-20 18:50:30	Name: icu Value: ChgItqV_EAoYASABKAEwueG0qwY4AUABSAEQueG0qwYYAA..
.adnxs.com/	1970-01-20 18:50:30	Name: uuid2 Value: 9166068716408060964
prebid.a-mo.net/	1970-01-20 16:40:55	Name: _Amc_b Value: 0
.prebid.a-mo.net/	1970-01-21 01:26:30	Name: __amc Value: 1_1701654713_1701654713
.doubleclick.net/	1970-01-21 02:02:30	Name: IDE Value: AHWqTUkOpS6YYNq9q-FVvcGPCIyWp1kaoco4MAfyA2rQbWwRSUX09PTNwnWEOjujqDU
.doubleclick.net/	1970-01-20 21:00:06	Name: APC Value: AfxxVi6Tyg91zHsp_8QoJPSFz6GqGM-Jcnba8yPXCW-oZmlp2ht_GQ
.audiencerun.com/	1970-01-20 18:50:30	Name: uis Value: eyJ0ZW1wVUlEcyI6eyJhZG1peGVyIjp7InVpZCI6ImIzZDE2MjZiZmNjNDQ3ZWNiYWI0MzJmMzU1MzQwNWZjIiwiZXhwaXJlcyI6IjIwMjMtMTItMThUMDE6NTE6NTYuMTgyMjkyNjYzWiJ9LCJhZG54cyI6eyJ1aWQiOiI5MTY2MDY4NzE2NDA4MDYwOTY0IiwiZXhwaXJlcyI6IjIwMjMtMTItMThUMDE6NTE6NTUuODU2Mzk0MTQxWiJ9LCJtZWRpYW5ldCI6eyJ1aWQiOiIwMDAwRUVBIiwiZXhwaXJlcyI6IjIwMjMtMTItMThUMDE6NTE6NTYuNjIxOTg3ODcxWiJ9LCJwcmViaWQiOnsidWlkIjoiZXlKMFpXMXdWVWxFY3lJNmV5SnpiV0Z5ZEdGa2MyVnlkbVZ5SWpwN0luVnBaQ0k2SWpZd016YzJOVE0yTXprNE16azJPREkwTWpZaUxDSmxlSEJwY21Weklqb2lNakF5TXkweE1pMHhPRlF3TVRvMU1UbzFOUzR3T0RZM01EazBOakphSW4xOWZRPT0iLCJleHBpcmVzIjoiMjAyMy0xMi0xOFQwMTo1MTo1NS41NTE0MDAwOVoifSwic21hcnRhZHNlcnZlciI6eyJ1aWQiOiI2MDM3NjUzNjM5ODM5NjgyNDI2IiwiZXhwaXJlcyI6IjIwMjMtMTItMThUMDE6NTE6NTUuMDg2NzA5NDYyWiJ9fX0=
.criteo.com/	1970-01-21 02:02:30	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:02:30	Name: uid Value: 594e50a5-fd7e-4430-84de-61f055ab5260
.foroactivo.com/	1970-01-21 02:02:30	Name: cto_bundle Value: NxcHSV9GcDliVFc5VDhuWDFlMzd2TW01VkxJODNCd3puNVE1QlZmWG85NEprRHFuWDhWbnVQZ2xGcmY2QUprd1dZVkx6ZUNSNiUyRm1tRlhjOVpkejJlTnFrc0M2b1pKdGVvZldoV09mOGUlMkI4NW1ZTGVBaG5EdVZsZHl4RlZ3dGRRQ2tObTdnVDdBQVgzT05tTEQxaXRqWm9Qc2VBJTNEJTNE
.casalemedia.com/	1970-01-21 01:26:30	Name: CMID Value: ZW0wvc2hKWPN-pPGz4foFQAA
.casalemedia.com/	1970-01-20 18:50:30	Name: CMPS Value: 4477
.casalemedia.com/	1970-01-20 18:50:30	Name: CMPRO Value: 4477
.openx.net/	1970-01-21 01:26:30	Name: i Value: d20d83d0-2de6-0bd6-06c9-9396f779a4fb\|1701654717
.adx.opera.com/	1970-01-21 01:26:30	Name: UID Value: OPUac2fa753ba2b4241ac06626af4c49ddd
.ads.pubmatic.com/	1970-01-20 16:42:21	Name: KCCH Value: YES
a4p.adpartner.pro/	1970-01-20 18:07:18	Name: apuid Value: 1b414717-3584-4e45-96bd-38ae204ff78a
.adform.net/	1970-01-20 17:25:33	Name: C Value: 1
.adform.net/	1970-01-20 18:07:18	Name: uid Value: 5856528034461342552
.smartadserver.com/	1970-01-21 01:27:57	Name: csync Value: 22:928034344544434121\|134:OB_OK
.foroactivo.com/	1970-01-20 16:41:16	Name: ar_fixed_footer_5eyky1py1w Value: 1
d.audiencerun.com/	1970-01-20 16:50:59	Name: AWSALBTGCORS Value: +5PDIZxHHfPocM6PAm5gQIj+qiPVqeyYe9uXgGISdhC2jXEqka9W4zXX9fXaMdeK9JJyLHBTPSj5+KKrJd/RVnWQhDSIV5HmZevjZE3NK86yxYy31APR4j4/SKKclP4kgR+a9MuRnFIrt2+ZK+W0n7FCLFo4x9RCwSmPrr4ctIiO
d.audiencerun.com/	1970-01-20 16:50:59	Name: AWSALBCORS Value: N5LAeWtmEtNUNjEs5vZWsYzCyRpJk0BxihbomgUN0xnggXYMQbTgR7djtrmyayNN1Q6PyKC8aTBmZrpVrzDa60W3ldPXVV7eRrJfIpMBdcb+8xGMJRWy0dxbcPJh
.as.ck-ie.com/	1970-01-20 16:50:59	Name: CID Value: b12fbe22f12b0c1140680acebfae39e3a3669026

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://images2.imgbox.com/da/73/CN9S2wXU_o.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://ad.360yield.com/pb Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://ac.aruncdn.com/f/nat/0.native.js?ver=246935 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://ac.aruncdn.com/f/nat/fixedFooter.native.js?ver=246935 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpbs.prd.audiencerun.com%2F%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy= Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
2img.net
a4p.adpartner.pro
ac.aruncdn.com
ac.audiencerun.com
acdn.adnxs.com
ad.360yield.com
ads.betweendigital.com
ads.pubmatic.com
adxbid.info
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
ap.lijit.com
as.ck-ie.com
assets.a-mo.net
beacon-ams3.rubiconproject.com
bidder.criteo.com
btlr.sharethrough.com
c1.adform.net
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.createjs.com
connect.topicit.net
contextual.media.net
d.audiencerun.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
himitsu-no-pettoakad.foroactivo.com
i.ibb.co
i.imgur.com
i.postimg.cc
i.servimg.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
il-trc-events.taboola.com
illiweb.com
image6.pubmatic.com
images.taboola.com
images2.imgbox.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
lb.eu-1-id5-sync.com
match.adsrvr.org
match.sharethrough.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pbs.prd.audiencerun.com
pips.taboola.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.adpone.com
rtb.adxpremium.services
s0.2mdn.net
script.4dex.io
ssbsync-global.smartadserver.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us.ck-ie.com
user-sync.adxpremium.services
vid.vidoomy.com
vidstat.taboola.com
vidstatb.taboola.com
vpaid.vidoomy.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ap.lijit.com
131.153.158.209
141.226.224.32
141.226.228.48
141.95.33.120
141.95.98.65
142.250.185.130
142.250.185.98
145.40.97.66
146.75.120.193
15.197.193.217
151.101.129.108
151.101.129.44
151.101.65.44
162.19.58.157
162.19.88.68
167.235.184.171
172.64.151.101
184.30.16.195
184.30.20.22
184.30.22.30
185.106.140.18
185.106.33.48
185.64.189.112
185.64.190.78
185.86.138.124
185.86.138.155
185.89.211.12
188.42.34.64
2.18.160.23
2001:4860:4802:34::36
209.192.201.180
212.63.223.227
2600:9000:225e:c00:1c:96c8:3900:93a1
2602:803:c003:200::45
2602:803:c003:200::57
2606:4700:20::681a:8a9
2606:4700:20::681a:a19
2606:4700:20::681a:e5
2606:4700:3032::6815:1f9f
2606:4700:3038::6815:eb4c
2606:4700:4400::6812:22b2
2606:4700::6810:5614
2606:4700::6813:9e13
2606:4700:e2::ac40:8413
2a00:1450:4001:801::2002
2a00:1450:4001:806::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:829::2004
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9d
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3100::1735:2a09
2a02:6ea0:c700::19
2a02:6ea0:c700::22
2a05:d018:d29:3602:c677:cda8:fdd8:5f9a
2a06:98c1:3121::3
3.126.176.240
3.139.153.231
3.20.201.250
3.71.149.231
34.120.63.153
34.98.64.218
35.156.210.91
35.157.123.207
37.157.5.132
51.75.86.98
54.228.143.85
54.38.197.123
69.173.144.137
69.173.144.165
76.223.111.18
8.2.110.113
8.2.110.114
82.145.213.8
89.149.192.75
94.23.159.185
94.23.76.111
0241319c992caff49d7fd2a9bd5016746cc347f5b48d8c7f46dae3e657fc6fa1
031723ed38ba012c9f5055e6c5d780afb62e5cf1a9a9d9b7de2f8a786ee5b886
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
075cf79f6bc1c5bc0632bbb95eb107694b5193965e14e5b00d1ad70956d8ee5a
0809b7553eeeab54f882ba914450839b76ad2f4a68de2db9516ac7bf422b5813
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08d7bdc5da556f1b447a87b87816aaf048cdccd79fa51d15d002cc0af5144a5d
0a2ea938952c4cfc04f4bb75a732cbf14ddf2ed2b5a5dcb505878f161638affa
0a7e2d37c4e795bfbbb48fc63f1131a5283df54218e0500f84b5cfb171ca0055
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf5431951b9efa0168aa374e03d08568c8a1895d975c0dde21800f700b87cbf
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fb0a5abdf0b1210bd82a090aaa83ddcdde4b47a2f2e0db2118f292b7120ac91
0fec9134da627b9136aa49887ca2ad7c3b4bdc241e89872faf170d6727412b28
10b728127d3f2ce807058ae9b369c83620bb06d0b5417d859e2767d54041b68f
113d66123f3bf0754707d0c2375820e261d1606fe15f1fd25f7a264ecd76224d
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
167441c39c348884492d7ad546f549cb129ab04a08691382c12fdabfb840af34
16ac2f860bf60e7e38246d9900b4cf2b7a4ab9faeacaa59aa8afabd5f2c55345
16b8922ce82914294ccad739d9f92b8e70e38811cdeb30c1a6a365d4de2c90ad
170dac8117b815860285989688107dfc6dc0a383a4f65627973d299c10e23956
18820c7b322c66b1e7647c1d0d5d2f9c6c6faf47c370bda60677dfa4b54ace67
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1bc71723dd9b58ca76778ee4ab3a2d9a08fdaee2a2b8c34079acca1aada4428a
1c4aa98cf2c9546c325490163053a719589d2d2407c021ba6bf8e7a277ece1bc
1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d
1fa6ba50bf46864a29bb3f0427ef50f814e5811f16dc11e7f7f211a75dd01113
20fab67bc698fee846ed5177e20b2fd0f792feef6b9e100a9117d0882a93fde5
21590d1a4164ea6eae62920b6ecd2a89fd0c7a3e6bd2342022395b6cd87ab9a5
2279000e9df9c4fbb34f60a679b8db45bf4dd5cef2977e6815ffec76573d02c2
237c5f6e3296b474d6e5d63a047f2ffa2ca358ba3abf35abbb4cfa94c2a10b07
2396627a6c90096ad303fb9e1771cf24b07fdf0d5699a074201df41dba5ae6f7
23a7269c5481935300311b9ae4eed210173a799e399811916c55e81bf5f4cca0
23be80c5bbf083dc3d43a64b0bf6092f9219e1902cb2ad4f19bfc7cd438dafb4
25ea7f3e5d1f671e9ba9dc1bfdcdf03e60643b12fbb6f1cdd4d8f2800e166dad
26123d76b91de88eb7d5b8e922ab1f1d4e8a2f87c33a83a2648ecceec8de6add
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
26661555150026c5e5cddbfcc2886ad4adc50b7dc60051cc277e64e01a0a36e0
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2924208690c35e98e9aeb09e476a9e4b4c19812449bc6b5d5cd5edc9184ee1f4
29646c2ba0f044af1ec8665ac8cb52fb38902c0b7baa75a005185dd009703ae2
2a3cdf2d3a89826fbcc79e54ba1b5864be337354a179548786a87cb2421528e4
2a62b351be4bdb5f8f17f1660094ecdbe9d721468ccdb89aa477ea943f2908ca
2cf91454ac9591276ce2591caa9374a593482dc8f3c6b9d801790f73aa6486ce
2eaa8adb8e774a9d7b39bf515ea41e6a93f3363e66050b922729a1e93fba2ac7
3216cfcf76503ad8ee4d91995b9ab9cba3ea2275a62f78fdb2e60abf06bb8769
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3afb7f04f8cf0f2dd00750f51595dc7c067b8fd958a55a11f77e45fd0eb02b29
3bdba1708fca0900e998e8bb107349974ababb32730f70317d757f608222e733
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3edec9aed1309166fc55d6e17ad83845cebacb21d4894c715c659ce810dc3cf1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410927534a422aa92916a920f685e329a00b27bd1b4669d1ecd6754f416219f1
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451868198730c374ded8c6f6d5d71e0bea2345827fe6f84bc3dc6d7134a5c729
4535a0abb189fb1cde60b84eac5b4068cf2b89ddba532b84ebb040483c972328
45ef75076a87745600acde6abefec30a166fe98981b878868da0e92d54e276da
469004ca5a4d49ab926a8298197c697a03c86ac8e0000c42da0684daf33541d4
4752c0bd33f8dc2e48f01bfad4dbc2ec5dfecbb07213ea9a8895230b76dc44ff
4788bc80399dbf5d9e722250a0f41f76f1abafe6431c3e09d75d60ee25e33d2e
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47af46bda8c32293b5e7d29cea895926ad5aca5397e108556edecf4e7866c0d7
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
47d4e9b714d5fca8932b8f8f6cda664cfe8e8475002246b78b1c6c1544109188
4828fd073a3b3ae17675d358262414d34cee95b4b94a4ab41a8e335a2015eb0c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d1d681f8d4db5bd42930fc6a1125452b4216a870b35ce8ed8e030b60cbba257
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
4e93e03dbbcf0f7d5277fcb4ceb52ddbf97f681b27d8473c5d50a94bc59d58db
53140700ea3e59b792bb4c001a0b868891c6c797accbb0727d4ca70038cd2b1d
53bc80fb460d109c66dfe9fd2507081e51972d9ccee312f39ff6ab53bcc1c0fb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57d26105ee459ccaed87b824a6228eef4118e9da46ec23cd22e8ab6ee41fa4c0
581c23b8cac849d9a9d0744056412890980f0415bb8cbda775a7607566215e20
58f412f37d574b4f0cf761101884a6c5a9643cdaf19c2df85a967144c195396e
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee
59be6742c628fe76d51bfb638199f9b1b8520a044891ad6e131ccb934bcc5703
5aa4c0e197e3bf331fdfdc68769bb094d6e52cc32c83f6aec7084fcdf521b9b8
5b2e7e4019134af0bdaa2d142cb3a9026b4c3448c933d42fd14e6ef462726ab5
5d958f566093a56c1680b55ba34ca531dd0902f0588b65f6068b7738c453c20f
5eba8dde85bf230d52ef0c1553a832dbcee0c561d40f0c1b2dacbd7517a8d0cc
5f49c72f63a3bc2d4b02204d59eaee03fefc25bcdab9abc834c3841541db3bd3
5fcd53ac7e7b4537bd04b696865d88ce2226c4d901b8ebc764e9c80c9d489b29
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
622959372b7560110c365481e0b73c2605b538922dcb6e3431339f142019b31f
6368c52828ed3bb8b0fe4ef24157bed537edba9b93b22c942b58c3fceaff74cf
6543458fd7e4af449d0baff67e491f8b62ff42b93f85e0e40e45f14c1f235f64
657f1a41d08d069639dd6313ea2f8c0cf7089e4c1967d3930c467864641149ca
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6707d832b84afe0b72624ad981e7af390e60a85b91093022eb8c21529a2a395f
68614fd3826af2a0b70b7a66188a054ff995bfc4780d0803c23ed5e79c99aa15
695a4f2c4a7fb70469cd26498a53a9e99d583a476f1f7f2447a481c5ca3d914b
6bf0e4bf067c308daeb831a0ebbf536b6c0e2b0943430def1544c35c36e471f4
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6d7b739be649a2a82b5ef5288c9637fe3e942438ce73ebe2a0e713c95285307b
6de5097f93bba9c2a0f9c6d54074d590dc060b150862293699b8ae7a676a76ae
6f4710023a3d22901952b1c3055c876f69ca755a7f634b246a98d2c0a4404b1c
704b64c4211c940d6b7fdb67f46c825c93b09325222587aa5a4543d1b243bbd8
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
75f4bd359fa1c3ec6d502058278a9a79ab115b23f290796bc3a2794c42a8123c
77b2de07ba2d3424cd1fba7500ce9c6046fca8473cc4c698d520d0b50d26846b
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
799b3cd114b6fa864a4125c66feda56e93aa3ed2b2b2a43302559ef900087fd7
7a3eb37cd27db163117bdd65f24555708748528618164b4f2464990dc6042e70
7bee53a116878a514fbec6c8cbbc0dc98ae38bdcc4f4b7907d0e6898917faa3c
7cc1b84c554450964ebba0dd7777e155c15aa42cfda52da30fd1b6ec107ebd12
8057644665b99473c56ccab9d9b2d86640c6a71d9b2aec26da89f55655498349
815108801b3216cafa1073e5c36bd5eaa7c65e9ae52c9089d9a32ededbbd9585
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8646338e63dab5aa92cb03d1f9f30c9ea421a97f3b10956cd6c465b4caeff549
88f0eb774054ae3e030e172c9d1533a0d673ebb497af9fc7411432ea327255e3
89897b20907e2a8abc742770252262b2da428a618aac062806ecf0eab8a1d710
89a351bfca61b83c4ae700e52d90f3f42e22c6fafecbd8476eaf947e78b86c46
89df20304bf3cc608f330d26187cbafff5aa4a7416ea37b1d6f48bfaf2ed8ae5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b59a2c4101fa80d34d331a5830264d467fcd7210668bd10d126c0b814493114
8d4be1d589e2c38e01e13bbe021e7602ab71d68ccf87b4b7262256ee2e2dbd8d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d881275cf347802b5a801a0615b1b6c5859f492e4339eca9c23e612f7e4e756
8db79afe7f603aa2fe395de1d165976882126efe16f386432d2ca40c3452f669
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ff4ec3878771bc6c778f2a7d2e94810bb3414063a06de0e0bb4b8119397d34e
9029ed9ceaf19e50ea216e3efed21b0f85c038385e3422142cd8a5c9425dd22b
90502c79d6c644699f8a5fff55cb5af1bddbfc970d4268bd7a8e8021a3152905
913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631
91bbc8e7f3b8c2cff63a6862c672abc507c6798a7aa7279ff6e820a8311b9df7
9694e982d8a675026ccc777cfcc8fac73ff151bd76916e89d2f6fc25fd6d1177
96e119c45451cc899e0468dcc2f97fe345230de3cb74a0b8402495bc64404a22
97bf4937abedd73eacfe93324d5cd5dabccc0f7494b468097f0402d99a1c6947
99f74ace0f97d6365cd7a386ae386539aae1627ca31c7bc5ed6af0060dee032f
9b32035eb28b81ae18efa26adc88d623a643e8cac0fe1e9994fc51b229a00a39
9bfbe138e8d225b5e5caed65a0fc376e9bb229760db0840d68df82828c0d59b8
9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4
a276aedb4b458743243c3238f3b819e285df7f3801b77530a84dc7535daa80fb
a2fdd7eb88b481044f92b435759b336619578722787b3491b8a5e5fda2446e39
a35932e2c0e04b7871b7f7308f3e5f419f413eb40a4a8f2a1f3a57726b0f1d22
a36f000b96c1e6f4ebcc97ac228ab05592f04b1e91cf51f24d761ce9f672d989
a4199fcba783192f2a89a4345f349c8e76535e0020cba0053533924c08b80b94
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
a90473d5a061978644f9ca9ae5430bc7e04a480eedb7eeec16ea3e719f1ef355
aa2cd7eb141f2f18d9cc574e9adf46249d102910d083515e2632db19f3e9ddbd
aa63335d72f22466c8d843a511863c2ab70b45f78762327f25f7f476c5691b1c
aa6570731c13de733fff4fbdf05a626778826fa5260153780ffc36c4678b4262
aadd9ae3652bdb68415c38c37b655b71d539dddffbe11d61b745de7d3fe14b27
ac4b622288ea015d3bf9fc0105a1926faaed52459504c5cad9cb99da603bf837
ae540d7788bb22cdd6753ff56107e0f405cbcdef8b0b9e6b73bc16eeb26acc48
b04453744d90009662bff3f5bb7d2463f99765551150b21ee489199f824c2267
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b212347b0bc906eaa433a4b3cbc5ebc931c72228c1e5707b8798d9dedd37bf92
b33240f34b8b2f99b1d11c1a02ccd753283ae6f5ffd5fc35d79cb603b4ae6533
b57d51733f244481055bf119984fd5460217b2d5f4dd4f90e72e4017d5399edf
b926537092cfbb1cae1e47464d9745142f129b70c2bdf0b2dfdb2727f1d0c3ea
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd3374c999d05a15268100e1b8803de010594096d082250e4677e03bf9ea50f2
bd3e01f5d8c7069bc19cc62a89142a300d49d804b192eca0e1ac5e58ba1dcd90
c048de27eaa61b04063bc24d32978ef8b939ebd989a9f085855059920ec7baa2
c230de4fe5d87b0cb5449c152bcaa64b4da9d3f7ed11e898835c7a350fe3e262
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c50df34f7e5841ef084c8ae8fc9d1ec543c0dd04b6afa2a49aeb0e6f65b8be77
c652e500bda06391a2ab54475ec68c859b00982f151d518a74dd83de1bc2200d
c6709bb8ef59c62f5e929cafc7ec973e05d4ca8f037594f576b33453b1eff0a1
c78038539d61fb4a84b70308e1a825d638cfacc207299b6fe6fb5d8fb1e8497f
cbeda8c681183b4cf452950ae66650e596ab8ecda43e51f32d411d466fc01c90
cd780e9b88fa308d53f0a380590222bb405d10ea4d25bfee3f4e59bcb0e23ea9
cec247e60950dc1d7beafc25b56c0c03ef6b6598906b236d7597de764569f0a1
ced37a1b083d25fd3dbdc30bf935d8d1be7970b4bf3f4b2082f368287f2ed10d
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
d043f3842d074cc8d55b17d3fcb2194a800414e963774f73dfd26a95e8d3b2f2
d2dc0309440492775691ca612254b138b72155b43601065d0596721bda7f17d2
d2e6ad79d40d191df86c8c81c69bc70e93397ad7fa854cd8f11d096aafd8a25f
d38dd492f7cc7d3f7b14883d83efa6190334f8641e8404c89def9a280092787a
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
d8aeabcc4f93b0b423d0b1ef7a96340f5ef2a871f115a584ee8c9b54f9539c39
d8b7aa72523354265a8e7adce3a890882df4fd8181d4852cd41914b9896f93e4
daeb8763e702f11617be99418d2cfea9976ac0a101bc2b89151853035c70a831
dd47e8207f473968755aaae3dd27589e10cca8b3b79cef6ea33f269f3db79385
dd5bd4849a68af0a8970825e3c303bb75b95c5eca71c96bd8af87b242249ac51
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6
e23c14cb03cd0b8f3fb4c91f1d649a2cb075953f35c9b63bd5d2753ce57b97d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebd05afc224c2ec35786d9a2181d0606eb63cca44be89c1068503453c3de43e2
eec081c3c9781fe82a08835d244678bd70368cf110878e11ef5e2b213013cdea
ef0f536366caaabe5cff71d77506da2a32a72322afd06010ce463c74faf7ebba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f55cf80a79e162ed9db3b4e1f4fdcd8150212cc71e62f8dbc6a8eab5303c8
f1304e0567cc62d691ee57b01b9e837d8274a61016e7dbaff7074c29346b7c0f
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f71501bf20ed154f83af7eb0e96ed0a5f9cfffafef409c17a8c8d0748355b44a
f9422049f92a5ad49906bf19f158f59c8b3de1bc3f913493ae57a5d25c9b2b1d
f955584c2704042e9c307f79de1b54aadbe56ea7dd638f352d149e01a9db4aab
faec4130c7feb2a6170947eca3b187dafe5ded1888ca58b60d10ceb29d039d44
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc4c51f62d031c721c987fc0777f5a67e8f85b6f4addca9afb51dccf75a05b8a

himitsu-no-pettoakad.foroactivo.com Open in urlscan Pro 94.23.76.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

369 Requests

96 %HTTPS

41 %IPv6

56 Domains

99 Subdomains

81 IPs

13 Countries

8817 kBTransfer

18819 kBSize

51 Cookies

42 Outgoing links

Page URL History

Redirected requests

369 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

himitsu-no-pettoakad.foroactivo.com Open in urlscan Pro
94.23.76.111 Public Scan

Screenshot
Live screenshot

Full Image

369
Requests

96 %
HTTPS

41 %
IPv6

56
Domains

99
Subdomains

81
IPs

13
Countries

8817 kB
Transfer

18819 kB
Size

51
Cookies

369 HTTP transactions
0 data transactions