subdl.com Open in urlscan Pro
2606:4700:3031::ac43:dd65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Submission: On July 20 via manual (July 20th 2021, 6:32:17 am UTC) from US

Summary HTTP 188 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 79 IPs in 10 countries across 79 domains to perform 188 HTTP transactions. The main IP is 2606:4700:3031::ac43:dd65, located in United States and belongs to CLOUDFLARENET, US. The main domain is subdl.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 23rd 2021. Valid for: a year.

This is the only time subdl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3031::ac43:dd65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	172.255.6.115 172.255.6.115	7979 (SERVERS-COM) (SERVERS-COM)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.206.162.83 109.206.162.83	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	88.208.30.231 88.208.30.231	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:17a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:250	197695 (AS-REG) (AS-REG)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	194.58.108.104 194.58.108.104	197695 (AS-REG) (AS-REG)
2	2606:4700::68... 2606:4700::6813:e85e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1 3	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
5	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
9	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	52.210.129.48 52.210.129.48	16509 (AMAZON-02) (AMAZON-02)
1	13.224.89.3 13.224.89.3	16509 (AMAZON-02) (AMAZON-02)
2 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:219... 2600:9000:2190:a800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8 10	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	54.171.168.191 54.171.168.191	16509 (AMAZON-02) (AMAZON-02)
1 1	3.11.29.5 3.11.29.5	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.227.247.230 35.227.247.230	15169 (GOOGLE) (GOOGLE)
2	136.144.58.223 136.144.58.223	54825 (PACKET) (PACKET)
1	3.127.73.204 3.127.73.204	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	176.34.224.114 176.34.224.114	16509 (AMAZON-02) (AMAZON-02)
1	139.45.197.81 139.45.197.81	9002 (RETN-AS) (RETN-AS)
2	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
3	139.45.197.15 139.45.197.15	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
5	2606:4700:10:... 2606:4700:10::6816:1874	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.228.227.59 152.228.227.59	16276 (OVH) (OVH)
1	34.216.100.107 34.216.100.107	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 13	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	34.231.105.138 34.231.105.138	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	35.158.176.66 35.158.176.66	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.173 208.100.17.173	32748 (STEADFAST) (STEADFAST)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
1 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
1	72.251.241.204 72.251.241.204	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
188	79

23 2606:4700:3031::ac43:dd65 (United States)

ASN13335 (CLOUDFLARENET, US)

subdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.115 (Netherlands)

ASN7979 (SERVERS-COM, US)

eondunpea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

tabloidsuggest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net

splashforgodm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.30.231 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

in.pdvacde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:17a (United States)

ASN13335 (CLOUDFLARENET, US)

ndroip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:f940:2:2:1:1:0:250 (Russian Federation)

ASN197695 (AS-REG, RU)

bookbannershop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.58.108.104 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: 194-58-108-104.xs.vps.regruhosting.ru

servboost.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:e85e (United States)

ASN13335 (CLOUDFLARENET, US)

viewm.moonicorn.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

script.clickadilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

27ef20d4e2cff6275a429d08a70f4c73.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.17 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.129.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-3.zrh50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:a800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.221.53 (Amsterdam, Netherlands) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (Mountain View, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.168.191 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.29.5 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.247.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 230.247.227.35.bc.googleusercontent.com

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.144.58.223 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.73.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-73-204.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.224.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-224-114.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.81 (United Kingdom)

ASN9002 (RETN-AS, GB)

jighucme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

jewhouca.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)

in-page-push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.betgorebysson.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

itgiblean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)

ipp.littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.228.227.59 (France)

ASN16276 (OVH, FR)
PTR: p105.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.100.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:34e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.9 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.105.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.63.176 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.176.66 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.173 (United States)

ASN32748 (STEADFAST, US)
PTR: ip173.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.178.82 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	subdl.com subdl.com	128 KB
13	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	6 KB
13	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	150 KB
11	adnxs.com 8 redirects ib.adnxs.com acdn.adnxs.com	26 KB
9	zeotap.com spl.zeotap.com mwzeom.zeotap.com	3 KB
9	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com	429 KB
7	casalemedia.com 2 redirects as-sec.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
7	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	2 KB
7	themoneytizer.com ads.themoneytizer.com	205 KB
7	googlesyndication.com pagead2.googlesyndication.com 27ef20d4e2cff6275a429d08a70f4c73.safeframe.googlesyndication.com tpc.googlesyndication.com	85 KB
5	littlecdn.com ipp.littlecdn.com littlecdn.com	303 KB
5	onetag-sys.com onetag-sys.com	3 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	adsrvr.org 2 redirects match.adsrvr.org	2 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	148 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	e-planning.net 1 redirects ads.us.e-planning.net u-ams02.e-planning.net	2 KB
3	in-page-push.com in-page-push.com	32 KB
3	smartadserver.com 1 redirects ww1097.smartadserver.com	4 KB
3	googletagservices.com www.googletagservices.com	89 KB
3	google.com www.google.com adservice.google.com	2 KB
3	bookbannershop.com bookbannershop.com	92 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	578 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	5 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	advangelists.com 2 redirects nep.advangelists.com	456 B
2	sonobi.com sync.go.sonobi.com	1 KB
2	criteo.net static.criteo.net	52 KB
2	rtmark.net my.rtmark.net	1 KB
2	jewhouca.net jewhouca.net	22 KB
2	a-mo.net prebid.a-mo.net	198 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	leadplace.fr tag.leadplace.fr	5 KB
2	tmyzer.com c.tmyzer.com	540 B
2	sascdn.com ced-ns.sascdn.com	31 KB
2	moonicorn.network viewm.moonicorn.network	18 KB
2	servboost.tech servboost.tech	162 B
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	30 KB
1	adgrx.com cm.adgrx.com	408 B
1	33across.com ssc-cms.33across.com	3 KB
1	sharethrough.com 1 redirects match.sharethrough.com	240 B
1	adnxs-simple.com ib.adnxs-simple.com	944 B
1	creativecdn.com prebid-eu.creativecdn.com	171 B
1	sharedid.org id.sharedid.org	210 B
1	itgiblean.com itgiblean.com	326 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	onmarshtompor.com onmarshtompor.com	811 B
1	betgorebysson.club cdn.betgorebysson.club
1	jighucme.com jighucme.com	2 KB
1	adleadevent.com adtrack.adleadevent.com	520 B
1	rlcdn.com api.rlcdn.com	217 B
1	360yield.com ice.360yield.com	562 B
1	4dex.io mp.4dex.io	1 KB
1	mathtag.com 1 redirects pixel.mathtag.com	709 B
1	agkn.com 1 redirects aa.agkn.com	381 B
1	quantcount.com rules.quantcount.com	1 KB
1	id5-sync.com id5-sync.com Failed	526 B
1	indexww.com js-sec.indexww.com	13 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	cpx.to p.cpx.to	3 KB
1	themoneytizer.net g.themoneytizer.net	271 B
1	google.be adservice.google.be	853 B
1	clickadilla.com script.clickadilla.com	44 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	google.de www.google.de	522 B
1	nawpush.com na.nawpush.com	578 B
1	ndroip.com ndroip.com	27 KB
1	pdvacde.com in.pdvacde.com	299 B
1	cstwpush.com cst.cstwpush.com	60 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	splashforgodm.com splashforgodm.com	41 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	tabloidsuggest.com tabloidsuggest.com
1	eondunpea.com eondunpea.com	1 KB
0	tgpsew.com Failed tgpsew.com Failed
188	79

	Domain	Requested by
23	subdl.com	subdl.com ajax.cloudflare.com ndroip.com static.cloudflareinsights.com
11	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
10	ib.adnxs.com	8 redirects ads.themoneytizer.com ssum-sec.casalemedia.com
7	ads.themoneytizer.com	securepubads.g.doubleclick.net ads.themoneytizer.com subdl.com
6	assets.vlitag.com	tag.vlitag.com
6	mwzeom.zeotap.com	subdl.com spl.zeotap.com
6	securepubads.g.doubleclick.net	ajax.cloudflare.com securepubads.g.doubleclick.net subdl.com www.googletagservices.com
5	cm.g.doubleclick.net	5 redirects
5	onetag-sys.com	ads.themoneytizer.com sync.quantumdex.io
4	ap.lijit.com	4 redirects
4	ipp.littlecdn.com
4	match.adsrvr.org	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
4	gum.criteo.com	1 redirects ads.themoneytizer.com static.criteo.net
4	pagead2.googlesyndication.com	cst.cstwpush.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	in-page-push.com	subdl.com in-page-push.com
3	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
3	ww1097.smartadserver.com	1 redirects ww1097.smartadserver.com subdl.com
3	www.googletagservices.com	securepubads.g.doubleclick.net tag.vlitag.com
3	bookbannershop.com	ajax.cloudflare.com bookbannershop.com subdl.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	pixel.advertising.com	2 redirects
2	nep.advangelists.com	2 redirects
2	sync.go.sonobi.com	sync.quantumdex.io
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	ads.us.e-planning.net	1 redirects
2	my.rtmark.net	in-page-push.com onmarshtompor.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	jewhouca.net	subdl.com
2	prebid.a-mo.net	ads.themoneytizer.com assets.vlitag.com
2	mug.criteo.com	subdl.com
2	dpm.demdex.net	2 redirects
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	c.tmyzer.com	ads.themoneytizer.com
2	ced-ns.sascdn.com	subdl.com ww1097.smartadserver.com
2	services.vlitag.com	ajax.cloudflare.com services.vlitag.com
2	viewm.moonicorn.network	subdl.com viewm.moonicorn.network
2	servboost.tech	bookbannershop.com
2	www.google.com	subdl.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	subdl.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ssc-cms.33across.com	sync.quantumdex.io
1	ads.pubmatic.com	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	match.sharethrough.com	1 redirects
1	u-ams02.e-planning.net
1	ib.adnxs-simple.com	assets.vlitag.com
1	bidder.criteo.com	assets.vlitag.com
1	useast.quantumdex.io	assets.vlitag.com
1	prebid-eu.creativecdn.com	assets.vlitag.com
1	acdn.adnxs.com	ads.themoneytizer.com
1	id.sharedid.org	ads.themoneytizer.com
1	littlecdn.com
1	itgiblean.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	onmarshtompor.com	jewhouca.net
1	imasdk.googleapis.com	tag.vlitag.com
1	cdn.betgorebysson.club	in-page-push.com
1	tag.vlitag.com	services.vlitag.com
1	jighucme.com	subdl.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	api.rlcdn.com	js-sec.indexww.com
1	pixel.quantserve.com	subdl.com
1	ice.360yield.com	ads.themoneytizer.com
1	mp.4dex.io	ads.themoneytizer.com
1	pixel.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	id5-sync.com	subdl.com ads.themoneytizer.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	27ef20d4e2cff6275a429d08a70f4c73.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	script.clickadilla.com	cst.cstwpush.com
1	js.wpushsdk.com	cst.cstwpush.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.de	subdl.com
1	na.nawpush.com	cst.cstwpush.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ndroip.com	ajax.cloudflare.com
1	in.pdvacde.com	subdl.com
1	cst.cstwpush.com	ajax.cloudflare.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	static.cloudflareinsights.com	subdl.com
1	splashforgodm.com	subdl.com
1	ajax.cloudflare.com	subdl.com
1	tabloidsuggest.com	subdl.com
1	eondunpea.com	subdl.com
0	tgpsew.com Failed	ndroip.com
188	101

This site contains links to these domains. Also see Links.

Domain
aliexpress.com
streamingsites.com
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-23` - `2022-04-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
eondunpea.com R3	`2021-06-30` - `2021-09-28`	3 months	crt.sh
tabloidsuggest.com R3	`2021-05-23` - `2021-08-21`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
splashforgodm.com R3	`2021-06-20` - `2021-09-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
cstwpush.com R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
in.pdvacde.com R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.bookbannershop.com GlobalSign GCC R3 DV TLS CA 2020	`2021-04-05` - `2022-05-07`	a year	crt.sh
na.nawpush.com R3	`2021-06-18` - `2021-09-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.servboost.tech GlobalSign GCC R3 DV TLS CA 2020	`2020-10-31` - `2021-12-02`	a year	crt.sh
js.wpushsdk.com R3	`2021-07-05` - `2021-10-03`	3 months	crt.sh
script.clickadilla.com R3	`2021-06-02` - `2021-08-31`	3 months	crt.sh
*.google.be GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.themoneytizer.com GoGetSSL RSA DV CA	`2021-02-14` - `2022-03-17`	a year	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
c.tmyzer.com R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2020-09-11` - `2021-09-12`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
mp.4dex.io GTS CA 1D4	`2021-06-26` - `2021-09-24`	3 months	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
jighucme.com R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
jewhouca.net R3	`2021-06-25` - `2021-09-23`	3 months	crt.sh
in-page-push.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
betgorebysson.club R3	`2021-06-30` - `2021-09-28`	3 months	crt.sh
onmarshtompor.com R3	`2021-06-05` - `2021-09-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
itgiblean.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.e-planning.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Frame ID: 83C964BABA804F7530C1738FA2E0520D
Requests: 89 HTTP requests in this frame

Frame: https://viewm.moonicorn.network/
Frame ID: 93E407220A85378A15C962539932FDF1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: 32FAA69112CFAB67C0793761C77CBCF0
Requests: 1 HTTP requests in this frame

Frame: https://27ef20d4e2cff6275a429d08a70f4c73.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 47FC909E00618251CA0669B2B8429645
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssf3baA6-YmQHmPxvwRod6uKwQ2P6s3ysUaX0Z5UBbNs0we5DsnLnxWTR1o4E3AM12Vkm2HcbshlKg6f5laNPHar-0N2kQKCeQ26_VaTo98MvLJrW1y4XeK71LFuXNC7aV22oZ3D6fu417MHALcgRmHsnyFrcAGAmpniFFZCEBFF1qaIwBK5rcGTur0ulrASzPJvwLPvnotYldO16yulPCdq-BHFZK4NL3HrzaG1cOpw41U2BKcwUi2pE4XUE4iE0KNF7KAkOmvVwVnVCZx_N85iqvVy3e94ojrhfgBMYMHd0cf-h6bd0EdFzDFI83WUOFTCneUBQ9&sai=AMfl-YTjWNGhxZDYsd599thXXMhY1QawG4PDYHPRL-uVRtYxCwyG4i7xFYcAR9zi57xKm3pzEOvG0SgaZ5pRNqWFUxceRhGAcVbuQ2dhel3GXY9UZ1Zur2Vk_b-K6aALVKPC&sig=Cg0ArKJSzIcW1rdvHfEGEAE&urlfix=1&adurl=
Frame ID: 9985EC2751CB62C9D2B96F01AB008310
Requests: 40 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626762714005
Frame ID: EB8E66F4A86099F2D7AC834A4CF9329E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258&cmp=0
Frame ID: BC2F7D12D98191F0F99CB88B280FBA5D
Requests: 9 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&id=MTIZ
Frame ID: 0559161876429FB5DAAB5E604F9B7598
Requests: 1 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/passback/728x90.png
Frame ID: EB734AF0CC6D1DB364D1A1B8F4F717FE
Requests: 1 HTTP requests in this frame

Frame: https://jighucme.com/77/39224/382/48757.html
Frame ID: 0FF0F6C7EB75EDFD47717B896407A2B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4A2A863D0DC49D07D79B4148DF0DC9BE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5EC0EB681CED7F30C17B4395ECFB4957
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=29b6971a92614ccf8a58e3cc25c5a918&oaidts=1626762718
Frame ID: 5276A76ACAC9A95CA309BB6D9EC56A36
Requests: 2 HTTP requests in this frame

Frame: https://ipp.littlecdn.com/web/static/anime_bg.png
Frame ID: 57BCEBFDDE4AB5EF5F24042A8DD42FE4
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3E81B59F4C11E6DFB1E3E052D3E322BB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1626762714656
Frame ID: 879E653A3A37D4880862764FB3393345
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=subdl.com&gdpr=1&gdpr_consent=
Frame ID: 8BF9321ABCA2A818D2D7A7EBE4D2C416
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 4B183A4BD017298F4F176554168EDADE
Requests: 11 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: BFA0C00791F2B31D701189B569CBC573
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D577911E6BD5A902990F0A1F7C48767E
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: FC278384D84426B09713261387EC421E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: F295DAA264979345521DFEAC5D17B1CE
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 1977B6D14EEF69C9C8755A63FE5D6575
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

188
Requests

98 %
HTTPS

36 %
IPv6

79
Domains

101
Subdomains

79
IPs

10
Countries

2180 kB
Transfer

5207 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://aliexpress.com/?utm_source=1tovvlxyipihdl8ckys5gygb4&utm_medium=z0doscxhujhoiodjqtt5yjsmo&utm_campaign=40idumhpyz51wgmu9p4ungfzo&utm_content=zsnlm1lj7qn4gxvyurzdip1wc&utm_term=suxnvcakq490zngb6pigxgvev

Search URL Search Domain Scan URL

URL: https://streamingsites.com/
Title: Best Streaming Sites |

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=subdl.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 76

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESECHB4gBttLko-FZhREJQhbU&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECHB4gBttLko-FZhREJQhbU&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4507632323336433206&opid=apx&ops=&utidl=tech:goo:CAESECHB4gBttLko-FZhREJQhbU&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19186248905&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/7/3.gif?puid=8cef61865f418be5b40b493c5aae2805&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/101/6/4.gif?puid=5463b8d1-f52b-44a8-8b6e-7b1f5b346875&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/5/5.gif?puid=1c77f624-9899-4d2b-b2ae-4ead6f723dfc&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/112/4/6.gif?puid=1345A751D78768CC&gdpr=1&gdpr_consent=

Request Chain 79

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%26reqId%3Dc09ec07a-cdbc-4a52-5d98-9e8cc72fd3de%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=4507632323336433206&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEK-OHOo8pO_i-a6V_ymbrC0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258

Request Chain 81

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%26reqId%3Dc09ec07a-cdbc-4a52-5d98-9e8cc72fd3de%26uc%3D2%26zdid%3D1258 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%26reqId%3Dc09ec07a-cdbc-4a52-5d98-9e8cc72fd3de%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=5e665894-4065-46fe-94fb-c76428411ff7&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258

Request Chain 82

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%26reqId%3Dc09ec07a-cdbc-4a52-5d98-9e8cc72fd3de%26uc%3D2%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%26reqId%3Dc09ec07a-cdbc-4a52-5d98-9e8cc72fd3de%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=54591668512337606484569750110498656837&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258

Request Chain 83

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=eyd%2F0RtEzYYQ3Zgcwcuolf8AivrcoE%2BU%2BS41iYitP1U%3D

Request Chain 84

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%26reqId%3Dc09ec07a-cdbc-4a52-5d98-9e8cc72fd3de%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=184a60f6-6ddd-4c00-acbd-0944501e22fa&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258

Request Chain 87

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubdl.com%2F&domain=subdl.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=gn2pIXx3LzFFOWJXL0Vxb3EwVDFrWUMrOU5nZzBXbEZDaFZrVTJkK0gwaFhuRno4MUp4S3JuT1ZSVTVXU04zOW0yZzRPTk85YzBoT1NLNkpBNFFRWEZTUmg3aWhvMjdUOHpOQklQcVZjUE1mM3FUZldxblNqM0tEamtkS21IRGdQbXVRRXhVOFU3UEFza1JMUzlvRVkrQ0pBNW1ieDBKK0JyNGJUWm5randkRDFlb1V6OE9Vc3pNS2JmU1B4T3VtTFhSRUR3bEdtZzdKS3RvK1A5ZUJlZllLMTRsNk5XdUlNSCt5eTJJc3JRN2RuNitVPXw&cppv=2

Request Chain 154

https://ads.us.e-planning.net/pbjs/1/2c995/1/subdl.com/ROS?rnd=0.18052219122158375&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&pbv=5.5.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/subdl.com/ROS?ct=1&r=pbjs&rnd=0.18052219122158375&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&pbv=5.5.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&gdpr=1&gdprcs=

Request Chain 162

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D137eba2f29d1e936%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D137eba2f29d1e936%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=137eba2f29d1e936&uid=5626d4fd65c6ff2429c89742

Request Chain 164

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f2b4a8f7-f7fc-410c-a4fa-4fb6b08e0d34

Request Chain 165

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5465053124384357311

Request Chain 166

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2852194198601922379

Request Chain 167

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3f4f0dc940c0a7fc616eda67

Request Chain 168

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3361bd47-e924-11eb-8478-062a225b6f18 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3361bd47-e924-11eb-8478-062a225b6f18

Request Chain 169

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nTWzwQ9E2uFEkqrqGp.2UR7Agr6rYR3zN9h0YAY-~A

Request Chain 170

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=7148528222928203353

Request Chain 171

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=b5291f7d-b935-413c-b00c-d3c03ddac871

Request Chain 172

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=76406b7d-48d0-41e7-8bf8-785f7dc7dc6f

Request Chain 176

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 179

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB&dcc=t

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECPv3494st0AKcczR8LaHyk&google_cver=1

Request Chain 182

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPZt5XunUkgQeUuGCfuz2QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGyKE6PJzwFwM4fI9eRJlXw&google_cver=1

Request Chain 183

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPZt5XunUkgQeUuGCfuz2QAA%261158?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPZt5XunUkgQeUuGCfuz2QAA%261158?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 185

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e855e7df-6e6c-49ff-aab1-330d190d5320

188 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request crayon-shin-chan-very-tasty-b-class-gourmet-survival Show response
subdl.com/s/subtitle/sd16649/ 141 KB
25 KB 140ms
124ms Document
text/html 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae81682ad039df7411347b89c511484b7f3d63fd41660df5b12759f2a453f11d

Request headers

:method: GET
:authority: subdl.com
:scheme: https
:path: /s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23; path=/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM6qx%2Bdl%2F6yEkMkX0urMofp84l%2F7SdUvrvRgffXJuWI3GSN4m9s3jY34yiewnCyaSTcdQ2hRdoaZYJEJln8PxMOA%2FSl0uw2KR2ZsUGqW5Lv3WI3DQU3l%2FH2GzwV1ymILfguOoG9KK7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 671a25f6d96b2bd2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
632 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 05:24:28 GMT
server: ESF
date: Tue, 20 Jul 2021 06:31:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 06:31:44 GMT

GET
H3-29 200 style.css
subdl.com/css/ 11 KB
3 KB 31ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/css/style.css
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7d71e7d5d945325845bb111de15e91913c771d8ec2903a6d88031151c21c77

Request headers

:path: /css/style.css
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3572
cf-polished: origSize=16938
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 30 May 2020 18:34:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNJqFjteBMq%2FBzvSGI4YfvTxToqB%2BtVbcPDKnl%2FMXaPFCk8M%2FwbUgbM0qSsoHvSDSEGKgQFQMQDnoqsAJ659cZo5xs373OFxlzOVyXdYTW5EVoYc%2BK5jZ3fYlAPiFrSYYkJQ95vQJHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 671a25f7bfb34a8c-FRA
cf-bgj: minify

GET
H3-29 200 style2.css
subdl.com/css/ 3 KB
2 KB 34ms
22ms Stylesheet
text/css 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/css/style2.css
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c3dc773b6a3cd4db0a619c65ce20a8048528dd76de853f48a540c413f80c07

Request headers

:path: /css/style2.css
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3572
cf-polished: origSize=4723
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 05 Nov 2018 18:29:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGHTjAmXTRxX8f3%2FMW2CMe8zMOPxLb1THIsljtUoi88%2FSqHO1UcINzO2Gt6boGnuaLwdT3IB%2BD%2FeneXkSzKAjAO9%2BDBkxxtEgouiHCC4OhnhxGJlinyQ2JB1UO90OIjmygWa%2BPCvM10%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 671a25f7bfbb4a8c-FRA
cf-bgj: minify

GET
H3-29 200 style3.css
subdl.com/css/ 1 KB
1018 B 26ms
14ms Stylesheet
text/css 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/css/style3.css
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516ca39b8754cb5dd66a16ccb86f904fcf4fb39686a4c87a19329195d01b3a30

Request headers

:path: /css/style3.css
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 995
cf-polished: origSize=1733
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 06 Dec 2018 13:55:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38r51bLuVHRpxfMJyiJn%2F%2FPjbZqnsgm5loPo0WGwL5%2BdNy6oJ1HUluw4TRsbQrKLgPI%2BWtw%2FRvudLj04Dlw4fGqrKwyEY7wRdiZ%2FCbHLZ5%2FxOOojLgDA5ijsuTCau7yxxSORGqfIRHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 671a25f7bfba4a8c-FRA
cf-bgj: minify

GET
H/1.1 200
OK 16809 Show response
eondunpea.com/1clkn/ 0
1 KB 90ms
25ms Script
application/javascript 172.255.6.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://eondunpea.com/1clkn/16809

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.6.115 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 06:31:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H3-29 200 api.js Show response
subdl.com/cdn-cgi/bm/cv/669835187/ 35 KB
10 KB 26ms
15ms Script
text/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subdl.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHSGY8WMdELs3mVZBS5UmWdHtUa0sjoypytwpVCe7goJA67Bv93QV72HFWgQSbfd%2BwStKjyz3s5ec06fZy%2B49MPh80hfOo%2FFwEmWQeKDINtqraK8pzpp12T8mr%2BqvEK4vxd1kagVUDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 671a25f7bfc24a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b64360ed700004a8c6ab02000000001

GET
H3-29 200 dots.svg
subdl.com/images/ 816 B
926 B 32ms
22ms Image
image/svg+xml 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/dots.svg
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79128d82f7e974b8b7a7837efe69cf291fb863ee14c352bce1564d22a249ea7d

Request headers

:path: /images/dots.svg
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Dec 2018 14:16:04 GMT
server: cloudflare
age: 3532
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUXz6oFD7lBx8m4SKi41ef1ntNlvcuIC6qvPWxmyzauRw4Ci86vZSpeeKLYMx6mOq4fZa3X0AVvpp1%2FFoSRYfO6n3lPOf4LpKWh0%2BeQxUWPt%2Bz8WzzDvhmKaMzsxvFOBiNRhexdr9Tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 671a25f7bfbe4a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 header_logo.png
subdl.com/images/ 4 KB
4 KB 24ms
14ms Image
image/png 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/header_logo.png
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3540c12b0002f18e4625e209ffc599cfc484a6749cf9ebc5af653075720d887

Request headers

:path: /images/header_logo.png
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Sep 2014 18:32:08 GMT
server: cloudflare
age: 3031
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nfihg0jxWxbZ3%2B8%2FVNTeqx0OAeo6J%2FFL4LU%2B5RdCnx3eSj0Kx8N4jpP8uTuyqdfaf7eXEsXBnW8%2Be%2BzajeJLqQdYuU6ef5m6Ntaoog4cJYNZmjF9AJX4VE3PC%2FOsr4WEE1laYHWidzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 671a25f7bfae4a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3826

GET
H3-29 200 sd16649.jpg
subdl.com/p/sd16/ 21 KB
21 KB 109ms
99ms Image
image/jpeg 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/p/sd16/sd16649.jpg
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d214fff5feb960756e38628aec462cec6d840a3744cb976acdb6eb68d9c3a26c

Request headers

:path: /p/sd16/sd16649.jpg
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
cf-cache-status: MISS
last-modified: Sat, 11 May 2019 15:49:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1t8dN18of%2BOnxDj7rw3kmVYYf1A7TC6Th0aVK90xc4KYMurBZM5oZj3GuTh70kueg5FM1fLE5rkIUB00%2FRxV7twmHasrn40FLoChlkpB7Tapk4V5JomN7nY%2BZ4RUMK9KJZP5wdXHEyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 671a25f7bfc14a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21223

GET
H2 403 invoke.js
tabloidsuggest.com/ff4e152ba35c805d36f97812400789f7/ 0
0 441ms
102ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tabloidsuggest.com/ff4e152ba35c805d36f97812400789f7/invoke.js
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 06:31:44 GMT
server: nginx/1.17.9
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 27ms
9ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b64360edc00004ed901b1b000000001
last-modified: Tue, 13 Jul 2021 12:14:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ed83be-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oZNpYR%2B4JkScHwZFoODh7N%2BXmgFOw1C%2Bj3FCgDCQ368yDi%2FSJfcEnH7P%2Bp8%2BaJRklDKmHdd4LLYRyxddSZw35529B4dLqLMiSC66%2BU3sL6ztYnF%2F2QrNwDH7WZYh%2B%2FiAJwbtSCeeo7JZV6oQxx2Vyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 671a25f7ca464ed9-FRA
expires: Thu, 22 Jul 2021 06:31:44 GMT

GET
H2 200 code.js Show response
splashforgodm.com/lv/esnk/1837461/ 98 KB
41 KB 91ms
36ms Script
application/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://splashforgodm.com/lv/esnk/1837461/code.js
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 83.162.serverel.net
Software: nginx /
Resource Hash: ec1d0dcf5283896671dfa61c998d05fec60bb0b166a9d13c376f9b59d2843c3a

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:58:40 GMT
server: nginx
etag: W/"60bf7790-1867b"
vary: Accept-Encoding
content-type: application/javascript
timing-allow-origin: *

GET
H3-29 200 StreamingSites.png
subdl.com/images/ 594 B
1 KB 13ms
13ms Image
image/png 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/StreamingSites.png
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ce2fa8bb72095774c5bae58dbaadce9997155424f273e7fe8defb902883e59

Request headers

:path: /images/StreamingSites.png
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
cf-cache-status: HIT
last-modified: Thu, 28 May 2020 08:34:15 GMT
server: cloudflare
age: 3442
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSTVB5%2FwF4lVLvi%2FfbELNqeDeNcNF%2BWgpzAJJTwRgRGEfMLF9cn%2FPGQIbO5%2B7PiDTjrPAH1m0kWs5Gny713oSv5mBXsbc4cdthMnoQ%2FjxaW0SpC9ZODNcxMqqYwoUD7t8KD4QN2MIHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 671a25f7cfe74a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 594

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 29ms
13ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 671a25f7e8794db8-FRA

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
546 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: subdl.com
URL: https://subdl.com/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 04:33:20 GMT
server: ESF
date: Tue, 20 Jul 2021 06:31:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 06:31:44 GMT

GET
H3-29 200 jquery-2.1.0.min.js Show response
subdl.com/js/ 82 KB
30 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/jquery-2.1.0.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

:path: /js/jquery-2.1.0.min.js
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Mar 2014 16:08:56 GMT
server: cloudflare
age: 3571
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EREbGxUzt1aMxC%2FSu9sjPlrnTXUvNiVvf5ylHWMnp0WTPBCkWsI%2FLbAGGnJGqUW%2F7LRV3ySHMzgwX2u7Qg83U4VAcxmmmbblLJ6KhtSXmV3aMc9iUMTU%2Bcu344EX8LJaFyadHcH6N%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 671a25f808564a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 crayon-shin-chan-very-tasty-b-class-gourmet-survival
subdl.com/s/subtitle/sd16649/ 14 KB
14 KB 115ms
115ms Image
text/html 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QISs8MRibZUsBtGnlE4yI4vdQIwwVJuRAryoDqZK0gagjfUcxuZUUuzEQs%2BtH2SAoAu%2BKOaYK%2Bcx2ofj4i4gpUh1mF3FXj9Sbt9O4Ax%2B4Q3aNL3qYJzWoYmY%2FuPPZWWZ5TQZ7IBRKcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 671a25f808594a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://subdl.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 43534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:10 GMT

GET
H3-29 200 search.png
subdl.com/images/ 3 KB
4 KB 28ms
28ms Image
image/png 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/search.png
Requested by: Host: subdl.com
URL: https://subdl.com/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b319959359eed631e2da73311f8d977a108860f3aa5b6788cd82e7889b13be3

Request headers

:path: /images/search.png
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
cf-cache-status: HIT
last-modified: Thu, 25 Sep 2014 01:47:06 GMT
server: cloudflare
age: 3512
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AFOUtQa6Qlb35ydDBn88vjBH5N2Icy6dtzkuvnpTRI6%2F7EgFqopp0Ut%2BgEjDOSYdAiNuA6y1GBq9MOubdil3JZSR15ln4KEiOn21Z4CpYs6xtox%2BVw9uRNg9gbPUa0lheDLqAk1vIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 671a25f828ad4a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3069

GET
H3-29 200 down-arrow.png
subdl.com/images/ 598 B
1 KB 28ms
27ms Image
image/png 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/down-arrow.png
Requested by: Host: subdl.com
URL: https://subdl.com/css/style2.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8344578acdfa3416efadcead0495371ec1c56376d47444452ce3e032cf81b496

Request headers

:path: /images/down-arrow.png
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/css/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Aug 2018 11:27:18 GMT
server: cloudflare
age: 973
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2B%2FxXqWR0tmdo515pXMgiRigWOstRosxVV4Vf%2BI10TpEFGWjYk1QmwDSKYzJwqbdRInVk8cu8%2BUtv8teMJ35zc6HvnyzZVeSNMOogEFUlvKerAnr5GjeBvwmpqpD5kFaPqkmeBKLdrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 671a25f828ae4a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 598

GET
H3-29 200 file.svg
subdl.com/images/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/file.svg
Requested by: Host: subdl.com
URL: https://subdl.com/css/style2.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be9217659e6c290e433ee9f204882ab2adec018e31b18047c538e5d040ab3999

Request headers

:path: /images/file.svg
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/css/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 06:35:01 GMT
server: cloudflare
age: 973
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd2dAe9%2B30wDM7BhuWR3hyjYyhmKSWeMveO2Y7bEQEwuDF6NAmpPCnTeiAH%2FvlMYCcAgcZKsX9iGNti75SaeahVxFtJkN3t5yEFe5jibhdQ%2FQ9BGn3ai9a3u1iB4aQrCAMZGrMd0pw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 671a25f828b04a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://subdl.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 43520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:24 GMT

GET
H3-29 200 main.js Show response
subdl.com/js/ 2 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/main.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b75db0e5722775eab0dd769853b3db1f5da999aaabbb8b30bb9fb69e2bfd2cf

Request headers

:path: /js/main.js
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 May 2020 07:37:34 GMT
server: cloudflare
age: 3570
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hK9bUX%2F06HYEp%2BmLZ3Lpp3JtsEghgz%2FCVRTwUlKIIjH4S2O0wokBauH4tGLk8gZkf35vlUziugLW0QbVLzWw1QWAdJkJnBvInikCgfBxFwT2zXzDFfScmMuOkeU%2Fn66NN56Oprsi0X4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 671a25f848e64a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57662958-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc6799e5d7a80f65dbcf0d769767c90f0bcc1d71c22d8784695552494e6496b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39719
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jul 2021 06:31:44 GMT

GET
H3-29 200 language_filter.js Show response
subdl.com/js/ 3 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/language_filter.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb63fdc7730a350373555327d3cc2ce80e133a98f80ab3e96a0c489c267aaf5

Request headers

:path: /js/language_filter.js
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2019 17:17:50 GMT
server: cloudflare
age: 3509
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P8CrzlE1CHqPJ02Lxewa9ySyBeyv%2BC2uIr4qVF1my1j1V2q0%2BBBdJcSn7xha1Lm%2BMHAOZY7BKVinS6RWXSP7HrOkcxDBiJmOrvQNxl1Mj85YBN4Nj3QbN84aezm%2B%2BZWw1mTLLIwF2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 671a25f8691d4a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK adManager.js Show response
cst.cstwpush.com/static/ 59 KB
60 KB 90ms
21ms Script
text/plain 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a33f0dff45ec00a74d89c8c07a2dd118b32b6e09e76f1286a0496fa3f7a50a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 06:31:44 GMT
Connection: Keep-Alive
Last-Modified: Mon, 05 Jul 2021 13:26:07 GMT
x-amz-meta-s3cmd-attrs: atime:1625491551/ctime:1625491551/gid:0/gname:root/md5:5de93a180df83ffef4bb6a1b8e4202e7/mode:33188/mtime:1625490829/uid:0/uname:root
x-amz-request-id: tx00000000000000130c7f9-0060f66a92-14427cb1-fra1a
etag: "5de93a180df83ffef4bb6a1b8e4202e7"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1626762704.dop218.fr8.t,1626762704.cds215.fr8.shn,1626762704.cds215.fr8.c
Content-Type: text/plain
Cache-Control: max-age=2778
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60430

GET
H2 200 / Show response
in.pdvacde.com/wcm/ 0
299 B 1217ms
792ms Script
application/octet-stream 88.208.30.231
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://in.pdvacde.com/wcm/?sh=subdl.com&sth=4d7c9a65b3874352ffe505ccda8eb429&m=3b35fe4a7241880dbd41afadfb4776be&sid=382_507799_610152542&stime=287.20&rand=0.861731619267776
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.208.30.231 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:45 GMT
content-type: application/octet-stream
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
p3p: CP="NON DSP COR CURa TIA"
x-msr: TRUE
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 87ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

203f37686b0290ad3792762df30851c1804f3cfacebf7c8dba0e1d822c470552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 179 of 1000 / last-modified: 1626732643"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24913
x-xss-protection: 0
expires: Tue, 20 Jul 2021 06:31:44 GMT

GET
H2 200 waWQiOjEwNjI4ODEsInNpZCI6MTA2NzU2MSwid2lkIjoxMzg5NDMsInNyYyI6Mn0=eyJ.js Show response
ndroip.com/na/ 71 KB
27 KB 40ms
17ms Script
application/javascript 2606:4700:3033::6815:17a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ndroip.com/na/waWQiOjEwNjI4ODEsInNpZCI6MTA2NzU2MSwid2lkIjoxMzg5NDMsInNyYyI6Mn0=eyJ.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:17a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5cbaece85077a77bb3a0d8fb29ff1c868baa3c115cac8a608ffe56147cf991

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
e-tag: 50721b09cfa1f789f3c99f3ddf8e6f95
age: 2085
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYaTcxKc8uF8m2IMeVBlB%2FbtoDVIZBjzPspLl2JWuuQMW4Z0yxtKQOPYddwsvBrqW8uMm9VF3YyMamlz5OGVlLH%2F4hL4sXOsNqj%2BEA8WzC6FxvUfoWq2oxQmj6OFIHPS1v4a7TzXbjZZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://subdl.com
cache-control: public, max-age=14400, proxy-revalidate
cf-ray: 671a25f8b9d14db8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 bannermt3kz45w4ks998ec7386.js Show response
bookbannershop.com/ 4 KB
2 KB 189ms
43ms Script
application/javascript 2a00:f940:2:2:1:1:0:250
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bookbannershop.com/bannermt3kz45w4ks998ec7386.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:1:0:250 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: e969b16f254575e7eb4aa63ee6a603921a8e23e96e462036339eb4324a7c326f

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 10:42:21 GMT
server: nginx
etag: W/"606c3b0d-e8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3888000
expires: Fri, 03 Sep 2021 06:31:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57662958-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1466
date: Tue, 20 Jul 2021 06:07:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 20 Jul 2021 08:07:18 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1539170367&t=pageview&_s=1&dl=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&ul=en-us&de=UTF-8&dt=Crayon%20Shin-chan%3A%20Very%20Tasty!%20B-class%20Gourmet%20Survival!!%20(2013)%20Subtitles%20-%20SUBDL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=185711320&gjid=1339646270&cid=2077308503.1626762705&tid=UA-57662958-1&_gid=1066501493.1626762705&_r=1&gtm=2ou7j0&z=1864994344

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subdl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ntload
tgpsew.com/ 0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
121 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-57662958-1&cid=2077308503.1626762705&jid=185711320&gjid=1339646270&_gid=1066501493.1626762705&_u=YEBAAUAAAAAAAC~&z=1637514058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Jul 2021 06:31:44 GMT
content-type: text/plain
access-control-allow-origin: https://subdl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4964 Show response
na.nawpush.com/tags/ 997 B
578 B 67ms
18ms XHR
application/json 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/4964
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 35a671251bc18f004d16b56f0e64464e9c9f5954b6da83af275d66a7c536d2ed

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 06:31:44 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79aa2ea675fee615ed72d18532ada370afa3486a35a0d3e367c81dbbc679ab4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48349
x-xss-protection: 0
server: cafe
etag: 2378802026447261366
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 06:31:44 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
257 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-57662958-1&cid=2077308503.1626762705&jid=185711320&_u=YEBAAUAAAAAAAC~&z=583639065

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 36ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-57662958-1&cid=2077308503.1626762705&jid=185711320&_u=YEBAAUAAAAAAAC~&z=583639065

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021071901.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 62ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

41a1857e679cc8f0d48f2a256c2f2d712990396469a662c994e77fa09fc4e210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Jul 2021 08:40:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117201
x-xss-protection: 0
expires: Tue, 20 Jul 2021 06:31:44 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 28 B
68 B 61ms
31ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subdl.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4af6759404ba54893cfb1b44d50c34f647b4c3746ee6d4152d63279530508ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
expires: Tue, 20 Jul 2021 06:31:44 GMT

GET
H3-29 200 / Show response
subdl.com/ 15 KB
4 KB 116ms
115ms Script
text/html 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/
Requested by: Host: ndroip.com
URL: https://ndroip.com/na/waWQiOjEwNjI4ODEsInNpZCI6MTA2NzU2MSwid2lkIjoxMzg5NDMsInNyYyI6Mn0=eyJ.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e619814571ed766753a2d70e2cd4b3f0e2f5548bba2f464af4bcdf747ecf36d5

Request headers

:path: /
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23; _ga=GA1.2.2077308503.1626762705; _gid=GA1.2.1066501493.1626762705; _gat_gtag_UA_57662958_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUyJGCkxk2Sm7WMTArp17QfOkmfnDZuXqIpUoil8pUZ8cB0XdCCYlzfmxtR2aGMztdqLlo99TfR1BIjriwz%2Be0yjd4l2uYhFqELwurFI2BkkNgj%2FuMQKHIEYJXnvpy3BVinpRnrMT4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 671a25fabd574a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 analytics_ads Show response
servboost.tech/api/data/ 106 B
162 B 142ms
141ms XHR
application/json 194.58.108.104
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://servboost.tech/api/data/analytics_ads
Requested by: Host: bookbannershop.com
URL: https://bookbannershop.com/bannermt3kz45w4ks998ec7386.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.58.108.104 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: 194-58-108-104.xs.vps.regruhosting.ru
Software: Kestrel / ASP.NET
Resource Hash: 54ea784269cd544f79e53db0368e3f64ea0fcbef0ef60433c319d08a42257955

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 06:31:44 GMT
server: Kestrel
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8

GET
H2 200 / Show response
viewm.moonicorn.network/ Frame 93E4 426 B
836 B 44ms
26ms Document
text/html 2606:4700::6813:e85e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://viewm.moonicorn.network/
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:e85e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4715e61ef23364459fd94f0926699f194a21f53484a926acf3762720841380f0

Request headers

:method: GET
:authority: viewm.moonicorn.network
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 08 Feb 2021 10:35:10 GMT
access-control-allow-origin: *
expires: Tue, 08 Jun 2021 23:55:11 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: F848:9328:3BAAB:45BD0:60C0028C
via: 1.1 varnish
age: 306
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 68
x-timer: S1626762705.117227,VS0,VE0
vary: Accept-Encoding
x-fastly-request-id: ae92d5b99a82dcae64939de54153d63129d2ada8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671a25faddc22c52-FRA
content-encoding: gzip

OPTIONS
H2 204 analytics_ads
servboost.tech/api/data/ Frame 0
0 191ms
60ms Preflight 194.58.108.104
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://servboost.tech/api/data/analytics_ads
Protocol: H2
Server: 194.58.108.104 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: 194-58-108-104.xs.vps.regruhosting.ru
Software: Kestrel / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://subdl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
x-powered-by: ASP.NET
date: Tue, 20 Jul 2021 06:31:44 GMT

GET
H3-29 200 stats.js Show response
subdl.com/js/ 602 B
844 B 14ms
13ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/stats.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 664e375a7c6ca8d749dd3aa12d9ad7dd1cc6429b3ff4e28f4e0e6730d21faa8b

Request headers

:path: /js/stats.js
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23; _ga=GA1.2.2077308503.1626762705; _gid=GA1.2.1066501493.1626762705; _gat_gtag_UA_57662958_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 06:04:20 GMT
server: cloudflare
age: 3726
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtGxJ4YI%2BPL5upJTby2WSbJG8HUa3MAtPXJ36hGN5s8bfpAXWJyt6x6DP1Pb0%2F%2BeYtZkYbY1FQhowM2EnJSWY2ehFQ8vyiroM16kbEl7Bo11jEH1qtWJBd%2BAbmDMOskuWqByLyZfWxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 671a25fb7ea54a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 ads.js Show response
subdl.com/js/ 22 B
574 B 14ms
14ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/ads.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23; _ga=GA1.2.2077308503.1626762705; _gid=GA1.2.1066501493.1626762705; _gat_gtag_UA_57662958_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 01:29:57 GMT
server: cloudflare
age: 3726
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGM9Z735muuB%2BZKGx2ni59GteGJ7L%2FJLQO9iWSfNiLElI%2Be4sKEyeJGfmtVn8B1YX8Wxh4qCl7LQAEwVqTDxzd1T0hiR%2Fjc%2BEtBGlzMWuy0VJCtBtGbgMwWI4gYr4ty5T5CuwnfeGN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 671a25fb7ea84a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22

GET
H2 200 / Show response
services.vlitag.com/adv1/ 933 B
1 KB 157ms
140ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=a38e0e0ce56e7c0101eaca269533bc36

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85f3f84f5e29d36213fe0d7b714f1533b21b9b70791b0c129f75df31ee6b521b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 20 Jul 2021 06:31:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9zptDS2Bicwb7vZJLPdPsST8g%2F90hfLby00%2FHtS0TA8DaptJPz2atnmH%2FF0bMdmR6H2%2Fj%2Bru5liHV3lvHxVEUdXxR7zvLI%2BvclSKN14B6xZHt9ZSuqOSam5qCsW1SehGD7y%2BW0IoyxcJhlS2yjkQX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 671a25fb8d1216ee-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame 32FA 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210712/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Jul 2021 03:29:55 GMT
expires: Tue, 03 Aug 2021 03:29:55 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 10910
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 58ms
18ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 11995232de4f3d1a0e964186801525fb5d85f20e4e47bc98338648d14520e5e4

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 20 Jul 2021 07:31:45 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 build.js Show response
script.clickadilla.com/banner-admanager/ 43 KB
44 KB 70ms
24ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.clickadilla.com/banner-admanager/build.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 068691e9b48173f74bf194cf9aa42b9afc1ca76c22b995d697930dee2d24bc7a

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
last-modified: Tue, 25 May 2021 16:22:58 GMT
server: nginx/1.12.2
etag: "60ad2462-ad85"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44421
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
853 B 40ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=subdl.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=subdl.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 61ms
60ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3066389922553755&correlator=2873493355181523&output=ldjh&impl=fif&eid=31061650%2C31061849%2C31061842%2C20211866&vrg=2021071901&ptt=17&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=21673142571%2C261__subdl.com__default__728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1626762705&dt=1626762705255&dlt=1626762704584&idt=646&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=515&adks=3211196447&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=2077308503.1626762705&ga_sid=1626762705&ga_hid=1539170367&ga_fc=false&fws=4&ohw=940&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4ddf42e6c72f3fa54bd96c776a9d3ddfe96a1d602595bb6dc01800c870b2379d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4465
x-xss-protection: 0
google-lineitem-id: 5723164767
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353892649
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://subdl.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
27ef20d4e2cff6275a429d08a70f4c73.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 47FC 6 KB
3 KB 59ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://27ef20d4e2cff6275a429d08a70f4c73.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 27ef20d4e2cff6275a429d08a70f4c73.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 06:31:45 GMT
expires: Wed, 20 Jul 2022 06:31:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.js Show response
viewm.moonicorn.network/ Frame 93E4 58 KB
17 KB 24ms
24ms Script
application/javascript 2606:4700::6813:e85e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://viewm.moonicorn.network/main.js?t=1612780491217
Requested by: Host: viewm.moonicorn.network
URL: https://viewm.moonicorn.network/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:e85e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aaa4cfd17d329d412e6f209d8c8ffa82ae43400e51d21ea6c3f3f2224d395bd

Request headers

Origin: https://viewm.moonicorn.network
Referer: https://viewm.moonicorn.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: f9a0a89a9a0ae36150f04b77e7a2975ac77ab00d
date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 110
x-cache: HIT
x-cache-hits: 1
content-length: 17560
x-served-by: cache-fra19121-FRA
access-control-allow-origin: *
last-modified: Mon, 08 Feb 2021 10:35:10 GMT
server: cloudflare
x-github-request-id: 4ECC:D5FF:F9477:1027E8:6065CCD2
x-timer: S1617284361.865077,VS0,VE1
etag: W/"602113de-e9d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 671a25fbffe82c52-FRA
x-proxy-cache: MISS
expires: Tue, 20 Jul 2021 10:31:45 GMT

POST
H3-29 204 result Show response
subdl.com/cdn-cgi/bm/cv/ 0
762 B 9ms
9ms XHR
text/plain 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/cdn-cgi/bm/cv/result?req_id=671a25f6d96b2bd2
Requested by: Host: subdl.com
URL: https://subdl.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://subdl.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=15ff9d93af3d11475ac6d9b1f2bdcf23; _ga=GA1.2.2077308503.1626762705; _gid=GA1.2.1066501493.1626762705; _gat_gtag_UA_57662958_1=1
content-length: 508
:path: /cdn-cgi/bm/cv/result?req_id=671a25f6d96b2bd2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UH6pspKiRvf%2FYPlD2ei2E9VeXXzq5GV%2BPlt0qe0dTyHS0rnHcxEJ%2B7Puf2%2FxO%2BOxAxllaIwtaHawCeJcCvrSGtckNi6EJVdxPFAcZoPnHk8o4Ka27w%2ByBzH9B4bjNic6grEFvvSLewg%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: __cf_bm=7b1102da0fc9cc94d630cc182d0600849c1f2753-1626762705-1800-AX2ume9ZYCqjeJiL0l+U6G4UmPTKK40r9LMYkCgCruK//MnAT0LwltcW4vNfp7bNBE9ft64rdJhmp/eoymPJUDlgDsVvXJpeUDdctgsJdrIWi2rTo4JmzD1kEfcDwTeeojC3XrvacoUQAEArcgvhuSg=; path=/; expires=Tue, 20-Jul-21 07:01:45 GMT; domain=.subdl.com; HttpOnly; Secure; SameSite=None
cf-ray: 671a25fc68634a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b643611c400004a8c5bbe2000000001

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9985 0
0 34ms
34ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssf3baA6-YmQHmPxvwRod6uKwQ2P6s3ysUaX0Z5UBbNs0we5DsnLnxWTR1o4E3AM12Vkm2HcbshlKg6f5laNPHar-0N2kQKCeQ26_VaTo98MvLJrW1y4XeK71LFuXNC7aV22oZ3D6fu417MHALcgRmHsnyFrcAGAmpniFFZCEBFF1qaIwBK5rcGTur0ulrASzPJvwLPvnotYldO16yulPCdq-BHFZK4NL3HrzaG1cOpw41U2BKcwUi2pE4XUE4iE0KNF7KAkOmvVwVnVCZx_N85iqvVy3e94ojrhfgBMYMHd0cf-h6bd0EdFzDFI83WUOFTCneUBQ9&sai=AMfl-YTjWNGhxZDYsd599thXXMhY1QawG4PDYHPRL-uVRtYxCwyG4i7xFYcAR9zi57xKm3pzEOvG0SgaZ5pRNqWFUxceRhGAcVbuQ2dhel3GXY9UZ1Zur2Vk_b-K6aALVKPC&sig=Cg0ArKJSzIcW1rdvHfEGEAE&urlfix=1&adurl=

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 06:31:45 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame 9985 4 KB
2 KB 62ms
20ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2127
expires: Wed, 21 Jul 2021 06:30:59 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame 9985 75 KB
13 KB 8635ms
8592ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ff436fab49df92696f967740c5e06e9d3c23f81d8224d2c8056c718fcb5671f

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
expires: Wed, 21 Jul 2021 06:31:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9985 124 KB
38 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 06:31:45 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 06:31:45 GMT

GET
H2 200 300250.js Show response
bookbannershop.com/ 3 KB
1 KB 44ms
43ms Script
application/javascript 2a00:f940:2:2:1:1:0:250
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bookbannershop.com/300250.js
Requested by: Host: bookbannershop.com
URL: https://bookbannershop.com/bannermt3kz45w4ks998ec7386.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:1:0:250 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6effce255d7f2979735f1bf309576400a04124d7f45d98e30b9348f3dbae3e34

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 10:42:18 GMT
server: nginx
etag: W/"606c3b0a-a78"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3888000
expires: Fri, 03 Sep 2021 06:31:45 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ Frame 9985 26 B
271 B 141ms
66ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: a3977efef5215f018d68e249348803f07c8d4828660fd154ffc72d2b85afedde

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 06:31:45 GMT
Server: nginx
X-IPLB-Request-ID: 4DF3BFF4:3DFA_91EFC191:01BB_60F66DD1_461CC77:17283
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame 9985 38 KB
16 KB 25ms
24ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 20 Jul 2021 06:31:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Wed, 21 Jul 2021 06:31:19 GMT

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame 9985
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

70 KB
21 KB

30ms
10ms

Script
application/x-javascript

2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e1fe9cd1e90b583ba58d2bb0ed5b7a72c2d7d60b81e2c142a8bc66916d24a1b5

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 06:31:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 12:57:19 GMT
Server: AkamaiNetStorage
ETag: "1687de1e733ee43502786667e7b52447:1626699444.141908"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21000

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Tue, 20 Jul 2021 06:31:44 GMT
content-length: 0

GET
H2 200 4.png
bookbannershop.com/wp-content/uploads/2021/04/ 88 KB
89 KB 86ms
86ms Image
image/png 2a00:f940:2:2:1:1:0:250
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookbannershop.com/wp-content/uploads/2021/04/4.png
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:1:0:250 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 19512340d9a32714d1d2adbd379712714eed62b36bdc0d2ea2892fc4792cc8ef

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:45 GMT
last-modified: Mon, 05 Apr 2021 15:39:32 GMT
server: nginx
etag: "606b2f34-16108"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 90376
expires: Fri, 03 Sep 2021 06:31:45 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ Frame 9985 0
270 B 138ms
36ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=80323&f=1&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 06:31:54 GMT
Server: nginx
X-IPLB-Request-ID: 4DF3BFF4:CF94_36264064:01BB_60F66DDA_D7996D4:0625
X-IPLB-Instance: 24857
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 sync Show response
gum.criteo.com/ Frame 9985 49 B
362 B 39ms
12ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 20 Jul 2021 06:31:53 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1474
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame 9985 4 KB
4 KB 122ms
32ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 06:31:54 GMT
Last-Modified: Mon, 31 May 2021 09:07:48 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 4DF3BFF4:DFD8_91EFC0A6:01BB_60F66DDA_2116C45D:260F0
ETag: "60b4a764-10b7"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4279

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame EB8E 2 KB
823 B 643ms
44ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626762714005

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1626762714005
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame BC2F 2 KB
1 KB 41ms
22ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9832d569aad4acc2a825cdfbbb08f207e161ad0ae8b06cf7740b78f41d0500bd

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://subdl.com
set-cookie: zc=afaa72cc-bb07-4ad8-55b6-aa7687225fd6; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%89%CC%10%9A%94%FA%7D%A7%92%7B%A0%C1%CB%84%9E%91%D0%B3%BB%8C%06%FB%CF%A5yR%A90%A0%05%CD%1Ea%AA%CA%E49u%3E%C7%D9%C6%AFS%17p%0E%8BD%FFz%D4%FFh%85%92%17%14%CF%C4%D4%AE9%21Qe%17%0A%3E%15%CB%D8%93%5C4%E9%CF%AE%D5V%AA%8F%95%01%18%C9%94%AD.+%2A%5Et.%9203%BC%1D%C6%98%08%09%C1b; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671a2632a83c2bad-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 9985 24 KB
9 KB 27ms
7ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 27 Jul 2021 06:31:54 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12763/ Frame 9985 3 KB
3 KB 172ms
40ms Script
application/javascript 52.210.129.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12763/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8b6f1b48cd5175f987c8d9c15233cde35ad4a06473c89b4f46076b6fc3259e6b

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 06:31:54 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 3015
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 9985 25 KB
26 KB 122ms
39ms Script
text/javascript 13.224.89.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-3.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 12:43:26 GMT
Via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 64108
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: PCD_MRdiUlQLeeUvDE-PK2x-9en1LvVJLSogWZA_u7GjhM24jEanxA==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ Frame 9985 37 KB
13 KB 92ms
31ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 06:31:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 05:46:47 GMT
Server: Apache
ETag: "da42ab-930b-5c787945d8472"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=927
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Tue, 20 Jul 2021 06:47:21 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/ Frame 9985 508 KB
157 KB 26ms
24ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: f4e4f8350b4ab2bdfeba46488ee6b0f4c1f05794979042ea3da496b0116e04d1

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 20 Jul 2021 06:31:54 GMT
content-encoding: gzip
last-modified: Fri, 16 Jul 2021 12:47:27 GMT
server: nginx
etag: W/"60f17fdf-7ee8d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 160218
expires: Wed, 21 Jul 2021 06:31:38 GMT

GET

6.gif
id5-sync.com/c/12/112/4/ Frame 9985
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECHB4gBttLko-FZhREJQhbU&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4507632323336433206&opid=apx&ops=&utidl=tech:goo:CAESECHB4gBttLko-FZhREJQhbU&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19186248905&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/19/7/3.gif?puid=8cef61865f418be5b40b493c5aae2805&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/101/6/4.gif?puid=5463b8d1-f52b-44a8-8b6e-7b1f5b346875&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
https://id5-sync.com/c/12/108/5/5.gif?puid=1c77f624-9899-4d2b-b2ae-4ead6f723dfc&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/112/4/6.gif?puid=1345A751D78768CC&gdpr=1&gdpr_consent=

0
0

GET
DATA 200
OK truncated
/ Frame 9985 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4734c7be236f8ec2980468fb2f52519febeb0c32d619535c9b15d5a7e000251d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame 9985 1 KB
1 KB 38ms
11ms Script
application/javascript 2600:9000:2190:a800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:21:29 GMT
content-encoding: gzip
age: 626
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: UmnfQBMu5ICGYG5yZ_EAt1fWYXPDCnqeMstc7DUxsV8_OSprFA4D9A==

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BC2F
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%2...
https://mwzeom.zeotap.com/mw?adnxs_uid=4507632323336433206&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258

95 B
153 B

31ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=4507632323336433206&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 671a2633eadf2bad-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:31:54 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 790ac3b9-39aa-44ba-b87c-39891025f1a1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=4507632323336433206&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BC2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2...
https://mwzeom.zeotap.com/mw?google_gid=CAESEK-OHOo8pO_i-a6V_ymbrC0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8...

95 B
153 B

25ms
24ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEK-OHOo8pO_i-a6V_ymbrC0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 671a2633eae12bad-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEK-OHOo8pO_i-a6V_ymbrC0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BC2F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%26reqId%3Dc09ec07a-cdbc-4a52-5d98-9e8cc7...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72cc-bb07-4ad8-55b6-aa7687225fd6%26reqId%3Dc09ec07a-cdbc-4a52-5d98-9e8cc7...
https://mwzeom.zeotap.com/mw?cid=5e665894-4065-46fe-94fb-c76428411ff7&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc...

95 B
153 B

26ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=5e665894-4065-46fe-94fb-c76428411ff7&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 671a2633eae02bad-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=5e665894-4065-46fe-94fb-c76428411ff7&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BC2F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=54591668512337606484569750110498656837&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3d...

95 B
256 B

34ms
34ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=54591668512337606484569750110498656837&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 671a264e7e202bad-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v012-05b640ae4.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Tl3HcQXoT/E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=54591668512337606484569750110498656837&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BC2F
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=eyd%2F0RtEzYYQ3Zgcwcuolf8AivrcoE%2BU%2BS41iYitP1U%3D

95 B
164 B

19ms
18ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=eyd%2F0RtEzYYQ3Zgcwcuolf8AivrcoE%2BU%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 671a263379ff2bad-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:54 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=eyd%2F0RtEzYYQ3Zgcwcuolf8AivrcoE%2BU%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BC2F
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dafaa72c...
https://mwzeom.zeotap.com/mw?cid=184a60f6-6ddd-4c00-acbd-0944501e22fa&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8c...

95 B
176 B

34ms
34ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=184a60f6-6ddd-4c00-acbd-0944501e22fa&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 671a26465dc82bad-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Tue, 20 Jul 2021 06:31:57 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=184a60f6-6ddd-4c00-acbd-0944501e22fa&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 20 Jul 2021 06:34:45 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame BC2F 541 B
475 B 34ms
34ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d21b65e11d78d951e92a45597da8866b9d5508c8fd97e2e527cd5bf713635c

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 671a2632e8c42bad-FRA
date: Tue, 20 Jul 2021 06:31:54 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 38ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubdl.com%2F&domain=subdl.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://subdl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://subdl.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1412
date: Tue, 20 Jul 2021 06:31:53 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9985
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubdl.com%2F&domain=subdl.com&cw=1
https://mug.criteo.com/sid?cpp=gn2pIXx3LzFFOWJXL0Vxb3EwVDFrWUMrOU5nZzBXbEZDaFZrVTJkK0gwaFhuRno4MUp4S3JuT1ZSVTVXU04zOW0yZzRPTk85YzBoT1NLNkpBNFFRWEZTUmg3aWhvMjdUOHpOQklQcVZjUE1mM3FUZldxblNqM0tEamtkS2...

342 B
600 B

55ms
19ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gn2pIXx3LzFFOWJXL0Vxb3EwVDFrWUMrOU5nZzBXbEZDaFZrVTJkK0gwaFhuRno4MUp4S3JuT1ZSVTVXU04zOW0yZzRPTk85YzBoT1NLNkpBNFFRWEZTUmg3aWhvMjdUOHpOQklQcVZjUE1mM3FUZldxblNqM0tEamtkS21IRGdQbXVRRXhVOFU3UEFza1JMUzlvRVkrQ0pBNW1ieDBKK0JyNGJUWm5randkRDFlb1V6OE9Vc3pNS2JmU1B4T3VtTFhSRUR3bEdtZzdKS3RvK1A5ZUJlZllLMTRsNk5XdUlNSCt5eTJJc3JRN2RuNitVPXw&cppv=2

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

73967da9d5e9c3f9facbbbea4afa02db331825e4499f75e32804fc681712b733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 20 Jul 2021 06:31:53 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2156
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 20 Jul 2021 06:31:53 GMT
location: https://mug.criteo.com/sid?cpp=gn2pIXx3LzFFOWJXL0Vxb3EwVDFrWUMrOU5nZzBXbEZDaFZrVTJkK0gwaFhuRno4MUp4S3JuT1ZSVTVXU04zOW0yZzRPTk85YzBoT1NLNkpBNFFRWEZTUmg3aWhvMjdUOHpOQklQcVZjUE1mM3FUZldxblNqM0tEamtkS21IRGdQbXVRRXhVOFU3UEFza1JMUzlvRVkrQ0pBNW1ieDBKK0JyNGJUWm5randkRDFlb1V6OE9Vc3pNS2JmU1B4T3VtTFhSRUR3bEdtZzdKS3RvK1A5ZUJlZllLMTRsNk5XdUlNSCt5eTJJc3JRN2RuNitVPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://subdl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2072
content-length: 482
expires: 0

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ Frame 9985 0
230 B 61ms
21ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=80323&adid=2&formatid=26300&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 20
expires: Wed, 21 Jul 2021 06:31:54 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ Frame 9985 0
230 B 61ms
21ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=80323&adid=1&formatid=26322&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 20
expires: Wed, 21 Jul 2021 06:31:54 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 9985 15 B
365 B 513ms
43ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://subdl.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 9985 3 KB
1 KB 118ms
70ms XHR
application/json 35.227.247.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 230.247.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 9f15b8af7867594bc1eca497e2318cf93c0c7d4d72210d101822f4e9e2dabbfb

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
x-err: Validating the prebid AdRequest adunits. Sampled or No valid non-debug AdUnits
content-encoding: gzip
x-openrtb-version: 2.5
date: Tue, 20 Jul 2021 06:31:54 GMT
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subdl.com
no-bid: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 796
via: 1.1 google
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 9985 0
154 B 391ms
208ms XHR
text/plain 136.144.58.223
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Tue, 20 Jul 2021 06:31:53 GMT
server: envoy
vary: origin
access-control-allow-origin: https://subdl.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9985 255 B
1 KB 32ms
23ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5a5601c78ea4e04ea7a2c5e63f48bdbb6095739a5c8d4a25af1328d2413d920f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:31:54 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ad5010be-5550-4178-a92d-89333966645a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://subdl.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 255
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ Frame 9985 149 B
562 B 249ms
196ms XHR
application/json 3.127.73.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2219deef94efe9b2b%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2280323%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22356571e7-b9a8-4bbd-afc4-bce923164a52%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221732a683cfaa88e%22%2C%22pid%22%3A%2222516390%22%2C%22tid%22%3A%22c1e4e304-419c-4793-866f-f2e9d9eb9a75%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22189bbd9ad351873%22%2C%22pid%22%3A%2222516389%22%2C%22tid%22%3A%22d58f9d15-7055-4277-8e3a-64d081c94137%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.73.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-73-204.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c478b284e1f4ad7641fb6096c81262a1460c52baa524b7ac0673a3eb931996a9

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subdl.com
date: Tue, 20 Jul 2021 06:31:54 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 149
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 cmp
spl.zeotap.com/ Frame BC2F 0
0 29ms
28ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&id_mid_4=afaa72cc-bb07-4ad8-55b6-aa7687225fd6&reqId=c09ec07a-cdbc-4a52-5d98-9e8cc72fd3de&uc=2&zdid=1258&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=afaa72cc-bb07-4ad8-55b6-aa7687225fd6; zsc=%89%CC%10%9A%94%FA%7D%A7%92%7B%A0%C1%CB%84%9E%91%D0%B3%BB%8C%06%FB%CF%A5yR%A90%A0%05%CD%1Ea%AA%CA%E49u%3E%C7%D9%C6%AFS%17p%0E%8BD%FFz%D4%FFh%85%92%17%14%CF%C4%D4%AE9%21Qe%17%0A%3E%15%CB%D8%93%5C4%E9%CF%AE%D5V%AA%8F%95%01%18%C9%94%AD.+%2A%5Et.%9203%BC%1D%C6%98%08%09%C1b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671a26337a0c2bad-FRA

GET
H2 200 pixel;r=1271105584;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival;uht=2;fp...
pixel.quantserve.com/ Frame 9985 35 B
371 B 12ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1271105584;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival;uht=2;fpan=1;fpa=P0-301238990-1626762714157;pbcn=1;pbc=9e6aa33b-b33a-47ce-9caa-9fd9d10c1004;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=subdl.com;je=0;sr=1600x1200x24;dst=1;et=1626762714157;tzo=-120;ogl=

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 0559 0
247 B 33ms
32ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://subdl.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

Server: nginx/1.14.2
Date: Tue, 20 Jul 2021 06:31:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 4DF3BFF4:DFD8_91EFC0A6:01BB_60F66DDA_2116C467:260F0
X-IPLB-Instance: 30196

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 9985 109 B
539 B 38ms
38ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: dc9e1eb95c07f91b563e1d60d116f46caa50a63a214652528d002594b7f78f9c

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subdl.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 19 Aug 2021 06:31:54 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 9985 0
217 B 65ms
24ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 20 Jul 2021 06:31:54 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://subdl.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 9985 84 KB
30 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 11:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Jul 2022 11:02:37 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 63ms
18ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 979
date: Tue, 20 Jul 2021 06:31:53 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame 9985 0
520 B 162ms
47ms XHR
application/x-javascript 176.34.224.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.224.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-224-114.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:31:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 06:31:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://subdl.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 9985 0
422 B 93ms
34ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:31:54 GMT
X-AK-INITIAL-GEO: CC:[BE], RC:[], CN:[EU], CIP:[77.243.191.244], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://subdl.com
X-CS-CLIENT-GEO: 28
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 28
Expires: Tue, 20 Jul 2021 06:31:54 GMT

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ Frame 9985 9 KB
3 KB 132ms
132ms Script
application/javascript 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=418941&pgid=1394654&fmtid=26322&async=1&visit=m&tmstp=58228294&tag=sas_26322&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,80323,1,subdl.com,subdl.com&isLazy=0&isAdRefresh=0
Requested by: Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/config.js?nwid=1097
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: b448e67b62dddd9f97c0cd148d031c36e52f46d872b395552ee034e573350f0f

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:54 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b11%3b82
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9533110
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ Frame 9985 0
270 B 38ms
38ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=80323&f=1&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=80323&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 06:31:54 GMT
Server: nginx
X-IPLB-Request-ID: 4DF3BFF4:CF94_36264064:01BB_60F66DDA_D7996DB:0625
X-IPLB-Instance: 24857
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 9985 30 KB
10 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=418941&pgid=1394654&fmtid=26322&async=1&visit=m&tmstp=58228294&tag=sas_26322&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,80323,1,subdl.com,subdl.com&isLazy=0&isAdRefresh=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1582bd9500cd40b5e48145ee49c1c545560ece33b3bfc7ba2f29a363abdfc09c

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 06:31:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jun 2021 08:08:10 GMT
Server: AkamaiNetStorage
ETag: "486b2d89e41f9177387df54f36e77760:1623053425.284859"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10078

GET
H2 200 728x90.png
ads.themoneytizer.com/passback/ Frame EB73 16 KB
16 KB 20ms
20ms Image
image/png 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.themoneytizer.com/passback/728x90.png
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 303f0c618a70421081ab899d61b413b4875e8f632d239d7fccd074be2c94e14d

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 20 Jul 2021 06:31:54 GMT
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-4049"
x-cache: HIT
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16457
expires: Wed, 21 Jul 2021 06:31:54 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 48757.html Show response
jighucme.com/77/39224/382/ Frame 0FF0 7 KB
2 KB 81ms
19ms Document
text/html 139.45.197.81
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://jighucme.com/77/39224/382/48757.html

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.81 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

57315b91194383a56350bb2239e01bb279c9bc15ca1cb5c13c62461990b2d7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Host: jighucme.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://subdl.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

Server: nginx
Date: Tue, 20 Jul 2021 06:31:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *
Content-Encoding: gzip

GET
H/1.1 200
OK action
ww1097.smartadserver.com/track/ Frame 9985 43 B
163 B 26ms
25ms Image
image/gif 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1097.smartadserver.com/track/action?sid=1626762714789&pid=1394654&iid=9533110&cid=25520679&key=viewcount&ts=1626762714789
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:55 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9985 0
0 89ms
34ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutoZjM2WOcyDRBmj719WPAPzoYZVI8XEdC0KNKGUH12OLD9Pw5ZV67xyLyWJGSAyZ_D6FuyjGFix_oTbTPWXml22_IkDlI9iUEqIxaLOSRar3FzDAk_M0XCLgQuUTL8v05yqi_47AIoxC-l-RlNw2ZOqptgUNih7vxagvC9WWRjBDNYMwpWFs3Th7vDpWwC7ZEP-GbZA8965uIHWA9xzWj5tcstfpqtYvqCUKbqGXnBfk8m7Wf248cKmyB02GQEESmhf2OiMhbu9rVe3QJTvouX4yGo6OiaRWRBWXs7djhF1Koi6iMY8B_1BAIbjPa_b__EzQduGlfonQ&sai=AMfl-YRX6cKPkNNu53-Jb3LW2nSrcEV1Akwkt3a6BttOEDSCoxpqKyVYCX_hdm5ILSONAOwITbcwNY-CbLFfBJnkmeCdbRr1vWpKY8WACg8zYIuoMhuC9ZWWfyghaSJSLC6y&sig=Cg0ArKJSzGMIMUkXxe7oEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 06:31:58 GMT

GET
H2 200 / Show response
jewhouca.net/5/4261848/ 3 KB
2 KB 101ms
45ms XHR
application/json 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jewhouca.net/5/4261848/?oo=1
Requested by: Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5143ef6170d4a47a67e0ade59f9657ce75ad1b02febfd0f36d395b7e1914732e

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: f1a49e9773db386de37df43937ce042a
pragma: no-cache, no-cache
date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://subdl.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
jewhouca.net/ 61 KB
20 KB 100ms
44ms Script
text/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://jewhouca.net/tag.min.js

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9a6c398e4093449ec03a42f829527a740f4d53c592ad0edd036f5f8fdbfd631a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
content-length: 20152
x-trace-id: 315351654a409c8fe912208d60c9e2e0
pragma: no-cache
last-modified: Mon, 19 Jul 2021 16:23:54 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 4249383 Show response
in-page-push.com/400/ 83 KB
30 KB 73ms
24ms Script
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/400/4249383

Requested by

Host: subdl.com
URL: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d38d9f6700a1231af6fe5ba13c13861160d70cc3b05b1ccacff37c8b537e1e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 3357a0e572293c4b3c00050c6fa8f1f0
pragma: no-cache
date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 sd16649 Show response
subdl.com/s/subtitleUpdate/ 301 B
467 B 115ms
115ms XHR
text/html 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/s/subtitleUpdate/sd16649?test=test
Requested by: Host: subdl.com
URL: https://subdl.com/js/jquery-2.1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e4266121afb19d86aacb3efbf0cd45af58e03377dccbd9d2f0ac254c2f864f8

Request headers

:path: /s/subtitleUpdate/sd16649?test=test
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: subdl.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:method: GET
Accept: */*
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5dMu7QJW4UtHwrHyK9cWGU%2FZsW6s%2BGP3rD4CeF8ph6hJmD89sjRNft9r5GRFEkOzgdL6RpW7WSEit9TaGlyH8u9Czc6NZsu%2BlKAX3%2BDYcVuJWtnKmIgCgBk3fhEm9VrhVU5B4ckJtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
set-cookie: PHPSESSID=1bca61b954d937a311507f48de93e6f6; path=/
cf-ray: 671a264efe5c2bd2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 51ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9217530f052396c07698c0ea94e9f7e418d03c258a32e6b360f09e6589b829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8446
x-xss-protection: 0

GET
H2 200 / Show response
services.vlitag.com/uv/ 13 B
713 B 172ms
140ms XHR
application/json 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&mtk=11328

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=a38e0e0ce56e7c0101eaca269533bc36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 20 Jul 2021 06:31:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3pe008h1ZTT7zAuSvbgQ2%2FYjmfGKpREZFdkW9JVYUYF2KFkzepJicwHvtpaqMvflvLyRN5XELwEDgaTxpbqy7bpRli0lp%2F1Mg7ooh%2FGpK5yfVFdgkwfLzkHJZPd2ut9lL0QcpCiZTDkJZkATUyBOU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://subdl.com
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 671a264f29b505b7-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 a38e0e0ce56e7c0101eaca269533bc36.js Show response
tag.vlitag.com/v1/1626753360/ 505 KB
125 KB 56ms
25ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=a38e0e0ce56e7c0101eaca269533bc36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

212294a5f16893bffd79be8dbd50bc41c673b455803c35cd87f998db63bf444c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 9347
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7pl9poFPmqSgyi6%2FoZEzrTO%2BbHWUUZBllVqiVnuo2ALogshI%2BqpWueRxZdoStnADg5%2FTfUF3ERaampDKRV%2BI7Knqs%2FeJ9RvJ8w7bWI1yEkQbJIHJz6rdYlx2LPUOVeARgmTk8dVX2PjX80k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 671a264f2ccb16ee-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block

POST
H2 200 rum Show response
subdl.com/cdn-cgi/ 0
253 B 11ms
11ms XHR
text/plain 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subdl.com/cdn-cgi/rum?req_id=671a25f6d96b2bd2

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://subdl.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 1391
:path: /cdn-cgi/rum?req_id=671a25f6d96b2bd2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://subdl.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 671a264efe682bd2-FRA
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 06:31:58 GMT

GET
H2 403 apu.php
cdn.betgorebysson.club/ 0
0 60ms
19ms Script
application/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.betgorebysson.club/apu.php?zoneid=4250372
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/4249383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: ffaf8e38797fb183031f339b089cb392
pragma: no-cache
date: Tue, 20 Jul 2021 06:31:58 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
72 KB 31ms
29ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2279150
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZMIquUoT5NnebeuWesJte%2B5yC9bL%2BXgEWi6XJV57n2fQBYC30GSQC7%2BH0GAYj0kOuTXHhJv7IGNV0k9XVtcwNnMCQCB6Pp4fN%2FN0Z1QXELVbNT0p13QNI9NuAsRBT1QOZ6X8goUST5tqqANk2L0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 671a26504e6616ee-FRA
expires: Wed, 23 Jun 2021 21:56:07 GMT

GET
H2 200 prebid-v5.5.0.js Show response
assets.vlitag.com/prebid/default/ 442 KB
130 KB 45ms
43ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff740ec598862df26c33f682103479c0d08ef731a9a12ddec5a409a9337e57fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 339304
cf-polished: origSize=453123
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 16 Jul 2021 08:16:47 GMT
server: cloudflare
etag: W/"60f1406f-6ea03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgPJdRe1NKxNOLtl39tEeWSLgt0H%2BGVbg6%2BpwwA0xu9sIPt3GQdCgbhKXsdNwh9LGsQ8LBgl2xP33c2tOTzSRrj3WAry2L%2F5FzPaj7ZGhZSrUM3eYEqWMMlXqpf6APe4smzuflI0Hewe%2FqQDGRk3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 671a26504e6816ee-FRA
expires: Fri, 16 Jul 2021 08:46:54 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 69 KB
24 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72d02b125c22f5a242d08b1cfa4d06cb24af1012ecb71ff0a3f0409936df397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 664 of 1000 / last-modified: 1626732643"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24203
x-xss-protection: 0
expires: Tue, 20 Jul 2021 06:31:58 GMT

GET
H2 200 viPlayer_v45.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 17ms
15ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v45.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 392529
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 14 Jun 2021 17:20:56 GMT
server: cloudflare
etag: W/"60c78ff8-34ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgyAkysXJTWvOL1rio6G%2B2raYWXRWsMStWSkibW7A2Vl7FmUn5cjdQEHa9fu%2B3gxjep1LW6Dv1i%2B8PIfchD0iE4by1FUk9evd6csVicVLmATSj0svYxM3%2BrO3Fyk0umCUk5CH%2F77UKX3%2FyMI0gWd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 671a26504e6a16ee-FRA
expires: Thu, 15 Jul 2021 17:59:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 340 KB
117 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Tue, 20 Jul 2021 06:31:58 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 395421
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZFp0KthsMToczPs1LxZ5sFEv45M68S13Zoyu7dtmCpxig5AKPjGpZ%2Fmlnfwg0v1pqta3WfvoclxWInyinoG941Hl9slRItDOswcSjBbImMmReok6G6S68GjnXRoOwsOohNuWy4atsEpYEgpd9FA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 671a26504e6c16ee-FRA
expires: Thu, 15 Jul 2021 17:11:37 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4A2A 12 KB
5 KB 22ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 04:41:38 GMT
expires: Wed, 20 Jul 2022 04:41:38 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5EC0 783 B
778 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c4211437b5f76849cb7279b2e13673d75fc8e01c070576a3238964803673fea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2HsP1/mCcrgQcJ4fvDPpQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

expires: Tue, 20 Jul 2021 06:31:58 GMT
date: Tue, 20 Jul 2021 06:31:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2HsP1/mCcrgQcJ4fvDPpQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 5276 203 B
811 B 62ms
19ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=29b6971a92614ccf8a58e3cc25c5a918&oaidts=1626762718

Requested by

Host: jewhouca.net
URL: https://jewhouca.net/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

cae5e15438046c7b624cfdfb28201d0bbed94af739c52727c5cc4a8ec60aaa4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=29b6971a92614ccf8a58e3cc25c5a918&oaidts=1626762718
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

server: nginx
date: Tue, 20 Jul 2021 06:31:55 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: 1200b7d40053dd70cb24f9cb28d2cbfd
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=29b6971a92614ccf8a58e3cc25c5a918; expires=Wed, 20 Jul 2022 06:31:58 GMT; path=/; secure; SameSite=None oaidts=1626762718; expires=Wed, 20 Jul 2022 06:31:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 20ms
5ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210720

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d2c42d1ab225018d3d446ce7f3178e25b9ee7a744bb0d47d99052ab914469b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 12246
x-jsd-version: 1.0.1043
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 944
etag: W/"697-YDH0ISFq5cLp5H/2TeHpuBJBA3o"
x-served-by: cache-fra19182-FRA
x-jsd-version-type: version
date: Tue, 20 Jul 2021 06:31:58 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
75 KB 34ms
22ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 383849
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75514
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCG%2F7rPsnf1k%2FrQPCG9g8JOatDJ%2FKnJnZ3bmJnnuAGKxe5yK%2F9O2iSCMu2G0VusJZ2fcZVxe8wdbcCbti08NOgMTuw%2FuSuC0n%2FTM2aJ2vIJVIZwqdabhw7ACIUSoI2yTDOd6HtLgSTKh1xmWG%2Btm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 15 Jul 2021 20:24:29 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 671a265139771f31-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A2A 35 KB
13 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 62ms
19ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/4249383

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d4c49848dafab0f2179662d6451b1481010d11af42ad23ff37e2062491d38e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subdl.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 img.gif
my.rtmark.net/ Frame 5276 43 B
490 B 61ms
19ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=29b6971a92614ccf8a58e3cc25c5a918

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=29b6971a92614ccf8a58e3cc25c5a918&oaidts=1626762718

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 4249383 Show response
in-page-push.com/500/ 3 KB
2 KB 27ms
26ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/4249383?excludes=&oaid=c1227f5e35fe4f5fae451d28afe8dd9e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=13&pl=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/4249383

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a0e7a55ca212cf9fbce4695489dd4aa21f9a6e82219ea4535636e1af4ee67435

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: f16ca7f41fba6809c9bff506ce350358
pragma: no-cache
date: Tue, 20 Jul 2021 06:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://subdl.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 4249383
in-page-push.com/500/ Frame 0
0 56ms
18ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://subdl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 20 Jul 2021 06:31:59 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://subdl.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071901&jk=3066389922553755&bg=!paalpuLNAAZjFomlYxY7ACkAdvg8WkIKGkXxhK-KAllkhBY3EWDCo6am_DWn4mI4l46fbPEVdNMVgAIAAAB7UgAAAAxoAQeZAnPVrt4gMqdmgasalP769L8PcKgQnh3v-EPeXelNnImKThYu23dpi9mrn-U02MnZd6AVTxwP1Fwp4DFVtW-4TO8ov7lNhaihq2nLjawV2N-hadTW0tu7C71SBg5CkfuX8NFOYD2PGg7Q2FF-NaoC0a4u99s-_cujnQjaA68i86iD1o-pHwAMwnI3uDwidpULaD93V8LHIexhLqUylfwfNi_cQcIvjn75js4r_gllTt0lob66JmRLm59nT6U99VMCh6suQ00Q8kbVlsX-beq27n__-vQYmb2Qs9HTfJAX0hpDyep1xKOmiyah94UoSIBelH1dDq9Ll7h59Hx1lNSgm1B9kuko0g4ip5R8vFYbWpqExIB86fwKPcSQFKjFwCl1x4KKnPnGPWYVIj0XhcfDDGxkEaizSq4zULWJTh8BKChHO11TEVM-FdaSUMh_mvZp4wE4wXNWKe_5p1C63E36VROsEWadQxR8s8SNU9CLRNCffrCkX8AXSf2O_Veydb1BOoLMgv0o525-5R_DAiuN2sy00eQbExMjNdTozvc0rhwD0AZtiE9Zbr5bpJhbwkzLACKGB-FtAdMdU9zYDdUM_CIKm3h8erYF1SaCPaLyNzZfxKGL7B0BVkjtrwD59JlaxX-6GuRopd_Eifl80saG3ai7zsMy2mv4na5g-rS_A6K-G2VTA6qEIxA9kY7m8iQPr3ARfe7YMZradYGdY60R2dabRF8CPHe5P7rQmGYvKzlXuGf8D-9sC4Ndmz5avTuPVbFhhwgAzgRg3yCRnb3c9836q_b891SmnVYPyIpystDmNo-45iSj6fSyP2iNNnE5NQe8jcQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:31:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CxhO3GuHgRLuslEfvaJJtNl9Dz3k-aOxqcj2b6jVwdng3oytHzfoG5Fi-X34ZDY2v1TMZWPYv3PFJlpuSbRQCMQmtqRf4oj61zExzSio_VixLTGLRtrmsPxUzqu2EWftF45ImQYQUn2DIzGyr7NepY89SVNIhvJMQetvfjzsU5SuzgtR3q51nDSzp-wDemwVsT0IX...
itgiblean.com/impression/ 43 B
326 B 1078ms
20ms Image
image/gif 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itgiblean.com/impression/CxhO3GuHgRLuslEfvaJJtNl9Dz3k-aOxqcj2b6jVwdng3oytHzfoG5Fi-X34ZDY2v1TMZWPYv3PFJlpuSbRQCMQmtqRf4oj61zExzSio_VixLTGLRtrmsPxUzqu2EWftF45ImQYQUn2DIzGyr7NepY89SVNIhvJMQetvfjzsU5SuzgtR3q51nDSzp-wDemwVsT0IXHT4jAjylPGiNmT0lFWC5u8ovigHKDvY-ZHSRL80T4g7gDJNM2CNi-HsKUWSUOnSxvr3rgk8VSmO4V2AsaSyqMrZ2A3a3B-9KeK3w-cRVwSE6bEvz1HbvI8wvIbGYWylbjG9ndXDtbIwHTWi78oUDSSTl-BtoMhMgJabrrLflcdpOV71v585M9Ugdpafh7QkYkbXwJebJ1ynsTknR6Hp1j_23xYk5AOBm3gakRrWBl_cAfXMHNR7_7GivD4TTZEx3Mj7WJiB5hkCkpvXLKQpgW1_HGH6QUaxyqSu1Yq4vgzkbfo-Up3xlGtsUqz9dun6Nkv5fZ8bh88vsNb57SmSkNPp_RmozQDT_8XHNxo75_h7-1liAZ9tYiyR-DZtsHnttx6LNJvLrgtBz6unBu59g6CfKtUK9p7avl_-jAj2-WgyH5quny3DUxAquH4mZR2poHPkHp66nWLhLCwVuImIXUsA0rrmmwTmAYWexwiT8g-TjWixcLwj40B4UF1Bp7Jgww==?_z=4249383&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 179b527dbab2f813328fb902c0d74100
pragma: no-cache
date: Tue, 20 Jul 2021 06:31:54 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 anime_bg.png
ipp.littlecdn.com/web/static/ Frame 57BC 193 KB
193 KB 43ms
18ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipp.littlecdn.com/web/static/anime_bg.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c33471158b183e0cc6bde6fd6fa614e82220087dc9a05017571ddad9c4426b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:59 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Sep 2020 10:59:05 GMT
server: cloudflare
age: 1255
etag: "a72c40cac24998b80ccdaba87731a296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 671a265338cb1f51-FRA
content-length: 197263
expires: Wed, 21 Jul 2021 06:11:04 GMT

GET
H2 200 anime_male.png
ipp.littlecdn.com/web/static/ Frame 57BC 16 KB
16 KB 42ms
17ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipp.littlecdn.com/web/static/anime_male.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f40eb8f12acaa274789ed4fd686d118c75446d263a3951e27a0ed27a3cddfc8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:59 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Sep 2020 10:59:09 GMT
server: cloudflare
age: 1205
etag: "07ca5abe3dc9bf4ebbc7c8ed98b2491e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 671a265338cd1f51-FRA
content-length: 16050
expires: Wed, 21 Jul 2021 06:11:54 GMT

GET
H2 200 anime_female.png
ipp.littlecdn.com/web/static/ Frame 57BC 17 KB
17 KB 49ms
24ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipp.littlecdn.com/web/static/anime_female.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af00002220c22fbb4d3b3fcf80eac8e89f1f1432ad4c0b5f010a083c769f0210

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:59 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Sep 2020 10:59:08 GMT
server: cloudflare
age: 1229
etag: "6c7efb9606534b9559fd8489a9552de7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 671a265338ce1f51-FRA
content-length: 17347
expires: Wed, 21 Jul 2021 06:11:30 GMT

GET
H2 200 anime_close.png
ipp.littlecdn.com/web/static/ Frame 57BC 10 KB
10 KB 38ms
13ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipp.littlecdn.com/web/static/anime_close.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c05b59c065f80b61637991e37a9e69757d76b64b43d227b5c17a0593f23ccd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 06:31:59 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Sep 2020 10:59:06 GMT
server: cloudflare
age: 1229
etag: "d05a5f55b79df2c78093c4088ad8ecda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 671a265338d01f51-FRA
content-length: 10386
expires: Wed, 21 Jul 2021 06:11:30 GMT

GET
H2 200 01020141423258.png
littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/ Frame 57BC 66 KB
66 KB 25ms
22ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/01020141423258.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9411bba13ac9d988cf2adddd933602dd8923d1cb8afb0241e4daa7a914d1ff1b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:31:59 GMT
cf-cache-status: HIT
age: 5435
content-length: 67442
last-modified: Wed, 19 Aug 2020 15:30:58 GMT
server: cloudflare
etag: "5f3d45b2-10772"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 671a265338d21f51-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ Frame 9985 212 B
526 B 29ms
29ms XHR
application/json 152.228.227.59
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

152.228.227.59 , France, ASN16276 (OVH, FR),

Reverse DNS

p105.id5-sync.com

Software

Resource Hash

23d09927fa6103e66e73c5d03eff8747df802f568a068bf402e2726ede86f745

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://subdl.com
Date: Tue, 20 Jul 2021 06:31:58 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 id Show response
id.sharedid.org/ Frame 9985 0
210 B 504ms
167ms XHR
text/plain 34.216.100.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.100.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subdl.com
pragma: no-cache
date: Tue, 20 Jul 2021 06:32:00 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3E81 52 KB
17 KB 73ms
23ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://subdl.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 17 Jul 2021 04:42:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 20 Jul 2021 06:31:59 GMT
Age: 6546
X-Served-By: cache-lga21920-LGA, cache-fra19153-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 49431
X-Timer: S1626762720.715150,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 879E 2 KB
823 B 23ms
22ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1626762714656

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid5_3/build_noconsent/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1626762714656
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 204 /
onetag-sys.com/usync/ Frame 9985 0
52 B 23ms
21ms Image
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

POST
H3-29 200 save_some.php Show response
subdl.com/ 2 B
595 B 106ms
105ms XHR
text/html 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/save_some.php?pos=footer
Requested by: Host: subdl.com
URL: https://subdl.com/js/jquery-2.1.0.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-fetch-mode: cors
origin: https://subdl.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: PHPSESSID=1bca61b954d937a311507f48de93e6f6; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1626769918730}; __PPU_BACKCLCK_4261848=true; pbjs-id5id=%7B%22created_at%22%3A%222021-07-20T06%3A31%3A59.66366Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
content-length: 142
:path: /save_some.php?pos=footer
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: subdl.com
referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://subdl.com/s/subtitle/sd16649/crayon-shin-chan-very-tasty-b-class-gourmet-survival
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:32:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CI7%2Bg6uuEYJTDLhm2DQwmwNWM2E1lrvEL9d%2BYTwioKFFM9RHa1ng%2BUk%2Fctw7fAIwZ9OKh8JHitpZoUdCxshxmiYLZpRZEhEfAZdh3nZxZyU%2BRv6qZcoUw%2F6wnc0cCWB2Y2VbOcUFso%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 671a2658491c4a8c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
44 B 376ms
376ms XHR
text/plain 136.144.58.223
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Tue, 20 Jul 2021 06:32:02 GMT
server: envoy
vary: origin
access-control-allow-origin: https://subdl.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 158ms
22ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subdl.com
date: Tue, 20 Jul 2021 06:32:02 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
605 B 145ms
130ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Jul 2021 06:32:02 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://subdl.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jukdX3Xt15%2BkntHDlGZfeJSWS7TKSO6VlD1cdkrclMAAeVB7QG9rocuzi3o4RqFedujk4AFWiM9nSV0QrKd7lS2SIfuWFXOUrhoe2R7mlsqWP7w6GRT1xx1nlzbVcAgLVZK6qKFSRZ%2FAojvYD4s6cUfd"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 671a2663f965061c-FRA

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/subdl.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/subdl.com/ROS?rnd=0.18052219122158375&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-ver...
https://ads.us.e-planning.net/hb/1/2c995/1/subdl.com/ROS?ct=1&r=pbjs&rnd=0.18052219122158375&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shi...

650 B
1 KB

23ms
23ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/subdl.com/ROS?ct=1&r=pbjs&rnd=0.18052219122158375&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&pbv=5.5.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 34c23b497ddd8082de966a179ca647e0530aae34c18e5758b65d86bb7104c84e

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:02 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://subdl.com
expires: Tue, 20 Jul 2021 06:32:02 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 650
x-sid: AMS-603

Redirect headers

date: Tue, 20 Jul 2021 06:32:02 GMT
server: openresty
access-control-allow-origin: https://subdl.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/subdl.com/ROS?ct=1&r=pbjs&rnd=0.18052219122158375&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&pbv=5.5.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsubdl.com%2Fs%2Fsubtitle%2Fsd16649%2Fcrayon-shin-chan-very-tasty-b-class-gourmet-survival&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-603

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
182 B 151ms
18ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=5455929393
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subdl.com
date: Tue, 20 Jul 2021 06:32:01 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 262 B
944 B 162ms
32ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fc63b746bd89683fc3915b4f22ef93da9ad313524f16c3a618f7288cffe989e4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:02 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 9fe9e0af-ec58-4af0-8639-f1917c2f3bcc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://subdl.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
4 KB 21ms
21ms Image
image/svg+xml 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 430194
cf-ray: 671a26664d511f31-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTW8d8KvUp9ZgrX1hEbzoNcxmHNLfPo%2FZByMt6uV0WVGkjUKmztFXWwzaR2xso9L61sVcAlaI87m5G%2Br1fuoCvzNN3rIe7D75ysTsV%2B88LuYep7qVAgpiQdH2QEZDuwkczK3lo78ZOf6LLEE9eCp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow

GET
H2 200 publishertag.prebid.105.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 49ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:03 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jul 2021 06:32:03 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8BF9 291 B
590 B 12ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=subdl.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=subdl.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 261
date: Tue, 20 Jul 2021 06:32:03 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 48ms
23ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:04 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jul 2021 06:32:04 GMT

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 4B18 3 KB
1 KB 128ms
121ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d7d067b3ae55d458ad5e3cbba16b85e23e6a62c9c4ded0dbc32da6f0917d70

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=90a96d1f-5d0f-444e-b89d-d39993e42b8f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
content-type: text/html
set-cookie: uid=90a96d1f-5d0f-444e-b89d-d39993e42b8f; expires=Mon, 09 Aug 2021 06:32:05 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCHo8HFug2WijpqccFmCj0frr381j5C1HarOznm5AkgVXTtdr%2BjZIRbof8WnRU%2F1V96WuOKtaT8CU%2BCwzsA3pxCI%2FacQE7k7zikTnzPNkkRqRCuEsVWMTFIjDx4vA5Jgq1RoZS%2FzqO52QA958uM52w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 671a26791d90061c-FRA
content-encoding: br

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D137eba2f29d1e936%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D137eba2f29d1e936%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=137eba2f29d1e936&uid=5626d4fd65c6ff2429c89742

42 B
104 B

66ms
19ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=137eba2f29d1e936&uid=5626d4fd65c6ff2429c89742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:08 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Tue, 20 Jul 2021 06:32:08 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=137eba2f29d1e936&uid=5626d4fd65c6ff2429c89742
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 4B18 0
474 B 78ms
19ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f2b4a8f7-f7fc-410c-a4fa-4fb6b08e0d34

43 B
340 B

122ms
121ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f2b4a8f7-f7fc-410c-a4fa-4fb6b08e0d34
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umLsrUPtd9vJmTUlxkgSo%2BFxN4DLqgi6P3pen%2FcAD%2F9K52DyT4BDNhNOGlbOJnYs9znGPXX6Vf1kln7ppkWUxwsJAV2%2B37CjSxaj9M4W9rYEFxSK8HXe4X%2BtWcPqwMDsYkHKdq41ZZSO1dAvNj0aaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267bdb6c061c-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f2b4a8f7-f7fc-410c-a4fa-4fb6b08e0d34
date: Tue, 20 Jul 2021 06:32:05 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5465053124384357311

43 B
345 B

141ms
140ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5465053124384357311
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fmNS8xCi6Q3RdyhD%2FHd0%2F6f09VF6xrN5rb4SLLTYKo9zUsbg3TtKVEFuFtCudlEJaVhUp78%2Be5WvCG4bNuvjvZ6WmEAIldC%2BPP9vpGylnDjsgaXcQKPjzIHhImVz%2B%2B%2F946M%2BTv28tnneZS%2BHkYC0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267a1fb7061c-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0b5a5eb6-3dd5-4c9b-9bb7-b80867910981
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5465053124384357311
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2852194198601922379

43 B
324 B

151ms
151ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2852194198601922379
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5XT%2Fd4pv%2BrhtmnRFXx4lXGfeVbWHT7yjqyuErzAlSLMDsL9K6caAQoURV2IlNrgakJuPztGIn68wpW4PU98Nc87Cj95gMkL2zM4gYpcGaginUVlzA6iEC1fs4Zv2vYLjUJStwWixEpI3PKwRxj7Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267a3fff061c-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0d0c42de-9b01-4a31-b440-76f8f41f7f82
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2852194198601922379
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3f4f0dc940c0a7fc616eda67

43 B
352 B

123ms
123ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3f4f0dc940c0a7fc616eda67
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:08 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55Zp8dbA1RvfqAzpk9mqhGLcFQ0YWQE3KECBUn%2B2asHhxHqbzFnASdjP%2B9WGLK6HCd%2BCvI5y50h0YqG6pIMmEs1RpO8u3vqS0%2FrxkGD7cIJiigmI%2BQrxnF7a4C11o%2Fa2lvtH8lTIYHcNiMsjlUq7Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a268cab87061c-FRA
content-length: 43

Redirect headers

Date: Tue, 20 Jul 2021 06:32:08 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3f4f0dc940c0a7fc616eda67
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3361bd47-e924-11eb-8478-062a225b6f18
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3361bd47-e924-11eb-8478-062a225b6f18

43 B
351 B

231ms
231ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3361bd47-e924-11eb-8478-062a225b6f18
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNcyUcGSChRt40riWV63iW5vsteh4O%2BQE8qfLzRlcRd%2B3Izo8xXEk9uxyebq7hFyLU%2BGBDxZ5m%2FLLhxyjzJQyyVQtKnl6KE87oL5%2BrB193vUFOcsw20ODb4ll9pgrc44X0RWqXXUE4ZmDcaqoId72A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267ae952061c-FRA
content-length: 43

Redirect headers

Date: Tue, 20 Jul 2021 06:32:05 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3361bd47-e924-11eb-8478-062a225b6f18
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nTWzwQ9E2uFEkqrqGp.2UR7Agr6rYR3zN9h0YAY-~A

43 B
324 B

137ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nTWzwQ9E2uFEkqrqGp.2UR7Agr6rYR3zN9h0YAY-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMZC3SFhjn%2Fp52IvCC4suidtuavDyuGWEaVznax1xTS4DrnSsCQ9ibOEGxe0LaOh0Gr5kwOyglMmZyq4J8EI1guqend5S8VFWnYPZIqBc6rlg2%2FKBb0CkYpUspRSefldcOmXf%2FVCdkwS1nszrXhpDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267a98a4061c-FRA
content-length: 43

Redirect headers

Date: Tue, 20 Jul 2021 06:32:05 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nTWzwQ9E2uFEkqrqGp.2UR7Agr6rYR3zN9h0YAY-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=7148528222928203353

43 B
460 B

235ms
235ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=7148528222928203353
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1ajjhxskyQLsM7aiZU33ibrqm7I7xd7QU5sAdeUcGeIRenAdqh5%2Bfm3i%2FFZW8%2Fu45SQ2gariXOBs22GrRuDO5gnewgBtVe7YTwiWv52ogrY3jntQ9mhzsEvITE0Lw78jkDfAx7eZqCjIFdUdHGRUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267a8899061c-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4368cc26-bea3-4b28-bce2-a2526b889ae1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=7148528222928203353
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=b5291f7d-b935-413c-b00c-d3c03ddac871

43 B
330 B

122ms
122ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=b5291f7d-b935-413c-b00c-d3c03ddac871
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQWSv1PS8hC0oQ%2FDd%2Bnikj74HjQFiufRrdTmOkhgmbP%2FGpLTqUs0jC5zNjGMGz%2Fzxk%2FLjpZriw1rysGlibfNlF0La0HboERwin07DR3OmaM231%2B75YQlEYjmnRQjJRk%2FcrN6aQeR4GbkIaGO3f0VDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267a5841061c-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=b5291f7d-b935-413c-b00c-d3c03ddac871
date: Tue, 20 Jul 2021 06:32:05 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B18
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=76406b7d-48d0-41e7-8bf8-785f7dc7dc6f

43 B
323 B

128ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=76406b7d-48d0-41e7-8bf8-785f7dc7dc6f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGcYNCtMOrFoQ2PK1dqy5Iaz7pLHwakvMttIv2Wg0MQOOxZ9h3QR%2BlhfcUgUHwbDej9staCxjpEwIQB1S%2BD0pDDvqAGb8KnG15QADmHVnjgsO53f16tgC2cQwnDWWDWjqnD6EwK6teyUgGincuAGdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267b19a0061c-FRA
content-length: 43

Redirect headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNjY%2BYjqf%2F2kJgwliPqiIvYv%2BUETQ64nRfd6YytlrSnbj4op0926%2F90zf4sYwFNaWVmpLkAYCe1N1ja9sQ3%2BNG9dM%2BEqhF0CLPOoKE%2Fk25xMH106Vl5zLJnq5X1VHMso2VegUIEnsiEFB3Xv6GY%3D"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=76406b7d-48d0-41e7-8bf8-785f7dc7dc6f
cf-ray: 671a2679ef4b061c-FRA
content-length: 0

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame BFA0 43 B
555 B 74ms
19ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 20 Jul 2021 06:32:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YPZt6; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D577 14 KB
5 KB 94ms
30ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=120784
expires: Wed, 21 Jul 2021 16:05:09 GMT
date: Tue, 20 Jul 2021 06:32:05 GMT
vary: Accept-Encoding

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame FC27 3 KB
3 KB 339ms
111ms Document
text/html 208.100.17.173
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip173.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: a250c006d6b747d0c6f489b530218db1547979de974f3c9b5ac51aef8c3ae735

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2705
date: Tue, 20 Jul 2021 06:32:05 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame F295
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

46ms
46ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 08f890eae8ec9d1cb0b4aff5ddb54350239cca80ba051f0eab192af043afbe85

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YPZt5XunUkgQeUuGCfuz2QAA; CMPS=1219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|221|190|195|41
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1873
Expires: Tue, 20 Jul 2021 06:32:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
Connection: keep-alive
Set-Cookie: CMID=YPZt5XunUkgQeUuGCfuz2QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Jul 2022 06:32:05 GMT CMPS=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 18 Oct 2021 06:32:05 GMT CMPRO=1158;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 18 Oct 2021 06:32:05 GMT CMRUM3=c360f66de505a00&e660f66de52760&be60f66de505a0&dd60f66de52760&2760f66de50b40&2960f66de505a0&f160f66de505a0&2d60f66de505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Jul 2022 06:32:05 GMT CMST=YPZt5WD2beUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Jul 2021 06:32:05 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 20 Jul 2021 06:32:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
Connection: keep-alive
Set-Cookie: CMID=YPZt5XunUkgQeUuGCfuz2QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Jul 2022 06:32:05 GMT CMPS=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 18 Oct 2021 06:32:05 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1977 2 KB
823 B 22ms
22ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D577 0
42 B 83ms
25ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56887091&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:04 GMT
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F295
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB&dcc=t

43 B
645 B

103ms
103ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BP172NA76N5GZEFHZH9X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZD52DNAHKYKYNE2Z692X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F295
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECPv3494st0AKcczR8LaHyk&google_cver=1

43 B
315 B

32ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECPv3494st0AKcczR8LaHyk&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 20 Jul 2021 06:32:05 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:32:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECPv3494st0AKcczR8LaHyk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F295 70 B
264 B 48ms
46ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YPZt5XunUkgQeUuGCfuz2QAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:32:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F295
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPZt5XunUkgQeUuGCfuz2QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGyKE6PJzwFwM4fI9eRJlXw&google_cver=1

43 B
1 KB

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGyKE6PJzwFwM4fI9eRJlXw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Jul 2021 06:32:05 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:32:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGyKE6PJzwFwM4fI9eRJlXw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=YPZt5XunUkgQeUuGCfuz2QAA%261158
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame F295
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPZt5XunUkgQeUuGCfuz2QAA%261158?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPZt5XunUkgQeUuGCfuz2QAA%261158?gdpr_consent=&us_privacy=&gdpr=1

49 B
264 B

41ms
40ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPZt5XunUkgQeUuGCfuz2QAA%261158?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:32:05 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.78
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 06:32:05 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPZt5XunUkgQeUuGCfuz2QAA%261158?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.0.172
content-length: 0
expires: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame F295 0
0 23ms
21ms Image
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F295
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e855e7df-6e6c-49ff-aab1-330d190d5320

43 B
1011 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e855e7df-6e6c-49ff-aab1-330d190d5320
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Jul 2021 06:32:05 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e855e7df-6e6c-49ff-aab1-330d190d5320
date: Tue, 20 Jul 2021 06:32:05 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame F295 43 B
408 B 63ms
19ms Image
image/gif 72.251.241.204
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 06:32:05 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-6
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame F295 43 B
326 B 122ms
120ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YPZt5XunUkgQeUuGCfuz2QAABIYAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:32:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UqoNEcjEIfd0uB2eQ8P6Unv1KX5Lb7ULxya6CQpjBPgtTbEcnjBiaUasZ3fA%2FQTKQl49Ix0MC%2BAVes6hTZXEd8Qxt%2B5OnvjVtBeoGsu%2F2hDZWBwZceNbHInCIG6QdQAmSw0zSi4b20n78ICAld9Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 671a267ad949061c-FRA
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tgpsew.com
URL: https://tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwNjI4ODEsInNpZCI6MTA2NzU2MSwid2lkIjoxMzg5NDMsImQiOiJzdWJkbC5jb20iLCJsaSI6MTB9&tz=2&if=0

Domain: id5-sync.com
URL: https://id5-sync.com/c/12/112/4/6.gif?puid=1345A751D78768CC&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zeotap.com/	1970-01-20 04:38:18	Name: zc Value: 59324b72-8a07-4a2b-4e3c-23861afd9cd8

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.7
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	log	URL: https://script.clickadilla.com/banner-admanager/build.js(Line 9) Message: Banner for AdManager. Version: 0.0459508890292315
console-api	warning	URL: https://script.clickadilla.com/banner-admanager/build.js(Line 9) Message: No banner mount target found: [data-clickadilla-banner="1066"]
console-api	warning	URL: https://script.clickadilla.com/banner-admanager/build.js(Line 9) Message: No banner mount target found: [data-clickadilla-banner="1065"]
console-api	log	(Line 17) Message: https://subdl.com/s/subtitleUpdate/sd16649
console-api	log	(Line 19) Message: sub up
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	log	URL: https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://tag.vlitag.com/v1/1626753360/a38e0e0ce56e7c0101eaca269533bc36.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://subdl.com/js/stats.js(Line 24) Message: some Data saved!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27ef20d4e2cff6275a429d08a70f4c73.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs.com
ads.pubmatic.com
ads.themoneytizer.com
ads.us.e-planning.net
adservice.google.be
adservice.google.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
assets.vlitag.com
bcp.crwdcntrl.net
bidder.criteo.com
bookbannershop.com
c.tmyzer.com
cdn.betgorebysson.club
cdn.jsdelivr.net
ced-ns.sascdn.com
cm.adgrx.com
cm.g.doubleclick.net
cst.cstwpush.com
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
eondunpea.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs-simple.com
ib.adnxs.com
ice.360yield.com
id.sharedid.org
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
in-page-push.com
in.pdvacde.com
ipp.littlecdn.com
itgiblean.com
jewhouca.net
jighucme.com
js-sec.indexww.com
js.wpushsdk.com
littlecdn.com
match.adsrvr.org
match.sharethrough.com
mp.4dex.io
ms.quantumdex.io
mug.criteo.com
mwzeom.zeotap.com
my.rtmark.net
na.nawpush.com
ndroip.com
nep.advangelists.com
onetag-sys.com
onmarshtompor.com
p.cpx.to
pagead2.googlesyndication.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid.a-mo.net
rules.quantcount.com
s.amazon-adsystem.com
script.clickadilla.com
secure.quantserve.com
securepubads.g.doubleclick.net
servboost.tech
services.vlitag.com
spl.zeotap.com
splashforgodm.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
subdl.com
sync.go.sonobi.com
sync.quantumdex.io
tabloidsuggest.com
tag.leadplace.fr
tag.vlitag.com
tgpsew.com
tpc.googlesyndication.com
u-ams02.e-planning.net
ups.analytics.yahoo.com
useast.quantumdex.io
viewm.moonicorn.network
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
id5-sync.com
tgpsew.com
109.206.162.83
13.224.89.3
13.248.242.197
136.144.58.223
139.45.195.8
139.45.197.15
139.45.197.236
139.45.197.239
139.45.197.243
139.45.197.81
142.250.184.226
145.239.192.166
145.239.193.145
151.101.13.108
151.139.241.23
152.228.227.59
172.255.6.115
176.34.224.114
178.162.133.149
178.250.2.131
178.250.2.146
18.156.0.31
185.184.8.65
185.33.221.15
185.33.221.53
185.64.190.78
185.86.137.17
192.243.59.20
194.58.108.104
2.18.233.180
2.18.233.201
2.18.234.21
205.185.216.10
208.100.17.173
209.54.178.82
213.174.135.24
213.174.135.25
216.58.212.130
2600:9000:2190:a800:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:1874
2606:4700:20::681a:34e
2606:4700:20::681a:eee
2606:4700:3031::ac43:dd65
2606:4700:3033::6815:17a
2606:4700::6810:5f41
2606:4700::6810:a723
2606:4700::6813:e85e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a00:f940:2:2:1:1:0:250
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba29
2a04:4e42:3::485
3.11.29.5
3.126.63.176
3.127.73.204
34.120.133.55
34.216.100.107
34.231.105.138
34.253.109.165
35.158.176.66
35.227.247.230
46.249.52.249
5.178.65.245
51.89.9.254
52.210.129.48
54.171.168.191
54.38.64.100
72.251.241.204
72.251.249.9
88.208.30.231
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
01d21b65e11d78d951e92a45597da8866b9d5508c8fd97e2e527cd5bf713635c
068691e9b48173f74bf194cf9aa42b9afc1ca76c22b995d697930dee2d24bc7a
08f890eae8ec9d1cb0b4aff5ddb54350239cca80ba051f0eab192af043afbe85
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
11995232de4f3d1a0e964186801525fb5d85f20e4e47bc98338648d14520e5e4
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
1582bd9500cd40b5e48145ee49c1c545560ece33b3bfc7ba2f29a363abdfc09c
17d7d067b3ae55d458ad5e3cbba16b85e23e6a62c9c4ded0dbc32da6f0917d70
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
19512340d9a32714d1d2adbd379712714eed62b36bdc0d2ea2892fc4792cc8ef
1b75db0e5722775eab0dd769853b3db1f5da999aaabbb8b30bb9fb69e2bfd2cf
203f37686b0290ad3792762df30851c1804f3cfacebf7c8dba0e1d822c470552
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
212294a5f16893bffd79be8dbd50bc41c673b455803c35cd87f998db63bf444c
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23d09927fa6103e66e73c5d03eff8747df802f568a068bf402e2726ede86f745
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29c05b59c065f80b61637991e37a9e69757d76b64b43d227b5c17a0593f23ccd
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
303f0c618a70421081ab899d61b413b4875e8f632d239d7fccd074be2c94e14d
34c23b497ddd8082de966a179ca647e0530aae34c18e5758b65d86bb7104c84e
35a671251bc18f004d16b56f0e64464e9c9f5954b6da83af275d66a7c536d2ed
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c5cbaece85077a77bb3a0d8fb29ff1c868baa3c115cac8a608ffe56147cf991
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
41a1857e679cc8f0d48f2a256c2f2d712990396469a662c994e77fa09fc4e210
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4715e61ef23364459fd94f0926699f194a21f53484a926acf3762720841380f0
4734c7be236f8ec2980468fb2f52519febeb0c32d619535c9b15d5a7e000251d
4af6759404ba54893cfb1b44d50c34f647b4c3746ee6d4152d63279530508ce9
4ddf42e6c72f3fa54bd96c776a9d3ddfe96a1d602595bb6dc01800c870b2379d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb63fdc7730a350373555327d3cc2ce80e133a98f80ab3e96a0c489c267aaf5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5143ef6170d4a47a67e0ade59f9657ce75ad1b02febfd0f36d395b7e1914732e
516ca39b8754cb5dd66a16ccb86f904fcf4fb39686a4c87a19329195d01b3a30
54ea784269cd544f79e53db0368e3f64ea0fcbef0ef60433c319d08a42257955
57315b91194383a56350bb2239e01bb279c9bc15ca1cb5c13c62461990b2d7b9
5a5601c78ea4e04ea7a2c5e63f48bdbb6095739a5c8d4a25af1328d2413d920f
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
664e375a7c6ca8d749dd3aa12d9ad7dd1cc6429b3ff4e28f4e0e6730d21faa8b
6aaa4cfd17d329d412e6f209d8c8ffa82ae43400e51d21ea6c3f3f2224d395bd
6b319959359eed631e2da73311f8d977a108860f3aa5b6788cd82e7889b13be3
6c9217530f052396c07698c0ea94e9f7e418d03c258a32e6b360f09e6589b829
6effce255d7f2979735f1bf309576400a04124d7f45d98e30b9348f3dbae3e34
73967da9d5e9c3f9facbbbea4afa02db331825e4499f75e32804fc681712b733
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
79128d82f7e974b8b7a7837efe69cf291fb863ee14c352bce1564d22a249ea7d
79aa2ea675fee615ed72d18532ada370afa3486a35a0d3e367c81dbbc679ab4b
7c4211437b5f76849cb7279b2e13673d75fc8e01c070576a3238964803673fea
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
7e4266121afb19d86aacb3efbf0cd45af58e03377dccbd9d2f0ac254c2f864f8
8344578acdfa3416efadcead0495371ec1c56376d47444452ce3e032cf81b496
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f3f84f5e29d36213fe0d7b714f1533b21b9b70791b0c129f75df31ee6b521b
87c3dc773b6a3cd4db0a619c65ce20a8048528dd76de853f48a540c413f80c07
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b6f1b48cd5175f987c8d9c15233cde35ad4a06473c89b4f46076b6fc3259e6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9
8f40eb8f12acaa274789ed4fd686d118c75446d263a3951e27a0ed27a3cddfc8
9411bba13ac9d988cf2adddd933602dd8923d1cb8afb0241e4daa7a914d1ff1b
9832d569aad4acc2a825cdfbbb08f207e161ad0ae8b06cf7740b78f41d0500bd
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9a6c398e4093449ec03a42f829527a740f4d53c592ad0edd036f5f8fdbfd631a
9f15b8af7867594bc1eca497e2318cf93c0c7d4d72210d101822f4e9e2dabbfb
9ff436fab49df92696f967740c5e06e9d3c23f81d8224d2c8056c718fcb5671f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e7a55ca212cf9fbce4695489dd4aa21f9a6e82219ea4535636e1af4ee67435
a250c006d6b747d0c6f489b530218db1547979de974f3c9b5ac51aef8c3ae735
a33f0dff45ec00a74d89c8c07a2dd118b32b6e09e76f1286a0496fa3f7a50a9e
a3540c12b0002f18e4625e209ffc599cfc484a6749cf9ebc5af653075720d887
a3977efef5215f018d68e249348803f07c8d4828660fd154ffc72d2b85afedde
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae81682ad039df7411347b89c511484b7f3d63fd41660df5b12759f2a453f11d
af00002220c22fbb4d3b3fcf80eac8e89f1f1432ad4c0b5f010a083c769f0210
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b448e67b62dddd9f97c0cd148d031c36e52f46d872b395552ee034e573350f0f
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b72d02b125c22f5a242d08b1cfa4d06cb24af1012ecb71ff0a3f0409936df397
b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
be9217659e6c290e433ee9f204882ab2adec018e31b18047c538e5d040ab3999
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c478b284e1f4ad7641fb6096c81262a1460c52baa524b7ac0673a3eb931996a9
cae5e15438046c7b624cfdfb28201d0bbed94af739c52727c5cc4a8ec60aaa4e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc6799e5d7a80f65dbcf0d769767c90f0bcc1d71c22d8784695552494e6496b7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d214fff5feb960756e38628aec462cec6d840a3744cb976acdb6eb68d9c3a26c
d2c42d1ab225018d3d446ce7f3178e25b9ee7a744bb0d47d99052ab914469b06
d38d9f6700a1231af6fe5ba13c13861160d70cc3b05b1ccacff37c8b537e1e51
d4c49848dafab0f2179662d6451b1481010d11af42ad23ff37e2062491d38e58
dc7d71e7d5d945325845bb111de15e91913c771d8ec2903a6d88031151c21c77
dc9e1eb95c07f91b563e1d60d116f46caa50a63a214652528d002594b7f78f9c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0c33471158b183e0cc6bde6fd6fa614e82220087dc9a05017571ddad9c4426b
e1fe9cd1e90b583ba58d2bb0ed5b7a72c2d7d60b81e2c142a8bc66916d24a1b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf
e619814571ed766753a2d70e2cd4b3f0e2f5548bba2f464af4bcdf747ecf36d5
e969b16f254575e7eb4aa63ee6a603921a8e23e96e462036339eb4324a7c326f
e9ce2fa8bb72095774c5bae58dbaadce9997155424f273e7fe8defb902883e59
ec1d0dcf5283896671dfa61c998d05fec60bb0b166a9d13c376f9b59d2843c3a
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f4e4f8350b4ab2bdfeba46488ee6b0f4c1f05794979042ea3da496b0116e04d1
fc63b746bd89683fc3915b4f22ef93da9ad313524f16c3a618f7288cffe989e4
ff740ec598862df26c33f682103479c0d08ef731a9a12ddec5a409a9337e57fc

subdl.com Open in urlscan Pro 2606:4700:3031::ac43:dd65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

188 Requests

98 %HTTPS

36 %IPv6

79 Domains

101 Subdomains

79 IPs

10 Countries

2180 kBTransfer

5207 kBSize

1 Cookies

3 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

subdl.com Open in urlscan Pro
2606:4700:3031::ac43:dd65 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

98 %
HTTPS

36 %
IPv6

79
Domains

101
Subdomains

79
IPs

10
Countries

2180 kB
Transfer

5207 kB
Size

1
Cookies

188 HTTP transactions
1 data transactions