lanterman.web.fc2.com Open in urlscan Pro
104.244.99.169 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lanterman.web.fc2.com/
Submission: On August 28 via manual (August 28th 2023, 3:29:02 pm UTC) from PL — Scanned from PL

Summary HTTP 262 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 46 domains to perform 262 HTTP transactions. The main IP is 104.244.99.169, located in United States and belongs to FC2-INC-2, US. The main domain is lanterman.web.fc2.com.

This is the only time lanterman.web.fc2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	104.244.99.169 104.244.99.169	63210 (FC2-INC-2) (FC2-INC-2)
23	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
1	192.0.72.21 192.0.72.21	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	23.36.162.78 23.36.162.78	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.36.162.71 23.36.162.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	92.205.2.206 92.205.2.206	21499 (GODADDY-SXB) (GODADDY-SXB)
1	204.228.68.58 204.228.68.58	62671 (UNIVERSIT...) (UNIVERSITY-OF-COLORADO-SYSTEM)
1 2	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.244.99.54 104.244.99.54	63210 (FC2-INC-2) (FC2-INC-2)
1	94.229.72.117 94.229.72.117	42831 (UKSERVERS...) (UKSERVERS-AS UK Dedicated Servers)
3	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1 1	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1 8	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
1	104.244.99.106 104.244.99.106	63210 (FC2-INC-2) (FC2-INC-2)
6 37	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
5	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
1 37	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
1	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
6	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	178.79.242.41 178.79.242.41	22822 (LLNW) (LLNW)
6	104.244.99.100 104.244.99.100	63210 (FC2-INC-2) (FC2-INC-2)
1	104.244.99.68 104.244.99.68	63210 (FC2-INC-2) (FC2-INC-2)
5	199.48.209.214 199.48.209.214	63210 (FC2-INC-2) (FC2-INC-2)
4 8	14.0.41.202 14.0.41.202	54994 (ML-1432-5...) (ML-1432-54994)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
4	99.86.4.114 99.86.4.114	16509 (AMAZON-02) (AMAZON-02)
6	23.36.162.72 23.36.162.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	202.233.84.9 202.233.84.9	131957 (MICROAD M...) (MICROAD MicroAd)
6	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
4	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	91.228.74.159 91.228.74.159	16509 (AMAZON-02) (AMAZON-02)
5 5	3.122.33.96 3.122.33.96	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	18.196.138.245 18.196.138.245	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	63.215.202.137 63.215.202.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 5	104.18.25.173 104.18.25.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 5	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	3.9.242.113 3.9.242.113	16509 (AMAZON-02) (AMAZON-02)
2 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 6	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	54.194.117.149 54.194.117.149	16509 (AMAZON-02) (AMAZON-02)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
27	104.17.201.110 104.17.201.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	130.211.14.194 130.211.14.194	15169 (GOOGLE) (GOOGLE)
4	202.233.84.10 202.233.84.10	131957 (MICROAD M...) (MICROAD MicroAd)
2	54.248.70.17 54.248.70.17	16509 (AMAZON-02) (AMAZON-02)
2	18.178.179.45 18.178.179.45	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.108 18.66.147.108	16509 (AMAZON-02) (AMAZON-02)
1	23.214.228.171 23.214.228.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.194.4.143 52.194.4.143	() ()
1	35.201.98.24 35.201.98.24	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
262	55

11 104.244.99.169 (United States)

ASN63210 (FC2-INC-2, US)

lanterman.web.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.104.182.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

www.southhaventribune.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldpalladium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.21 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

localtvwqad.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.78 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-78.deploy.static.akamaitechnologies.com

s3.india.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.71 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-71.deploy.static.akamaitechnologies.com

s3.india.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.205.2.206 (Strasbourg, France) 1 redirects

ASN21499 (GODADDY-SXB, DE)
PTR: 206.2.205.92.host.secureserver.net

www.woodlandsnaturalhealthcentre.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.228.68.58 (Arvada, United States)

ASN62671 (UNIVERSITY-OF-COLORADO-SYSTEM, US)
PTR: www.cusys.edu

www.cusys.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.60.200 (Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.99.54 (United States)

ASN63210 (FC2-INC-2, US)

media.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.229.72.117 (London, United Kingdom)

ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB)
PTR: no.rdns.ukservers.com

secularcoalition.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.110 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.99.106 (United States)

ASN63210 (FC2-INC-2, US)

vip.chps-api.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.185.161 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f14.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.79.242.41 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-41.fra.llnw.net

static.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.99.100 (United States)

ASN63210 (FC2-INC-2, US)

media5.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.99.68 (United States)

ASN63210 (FC2-INC-2, US)

textad.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.48.209.214 (United States)

ASN63210 (FC2-INC-2, US)

storage1000-textad.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 14.0.41.202 (Osaka, Japan) 4 redirects

ASN54994 (ML-1432-54994, CA)

j.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jgl.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-114.fra6.r.cloudfront.net

cache.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.36.162.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-72.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.233.84.9 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.159 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.122.33.96 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-96.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.138.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-138-245.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float1.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.25.173 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.91.62.186 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.243 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.242.113 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-242-113.eu-west-2.compute.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.228.164.11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.117.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-117-149.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.17.201.110 (None, )

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.233.84.10 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

ssp.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.248.70.17 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-70-17.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.178.179.45 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-179-45.ap-northeast-1.compute.amazonaws.com

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-108.fra60.r.cloudfront.net

j.zucks.net.zimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.214.228.171 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-228-171.deploy.static.akamaitechnologies.com

cdn.gmossp-sp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.194.4.143 (None, )

ASN- ()

sh.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.98.24 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.98.201.35.bc.googleusercontent.com

sp.gmossp-sp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	654 KB
37	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	236 KB
30	fc2.com lanterman.web.fc2.com media.fc2.com — Cisco Umbrella Rank: 456402 vip.chps-api.fc2.com static.fc2.com — Cisco Umbrella Rank: 289900 media5.fc2.com textad.fc2.com storage1000-textad.fc2.com	445 KB
27	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 10169	618 KB
12	microadinc.com cache.send.microadinc.com — Cisco Umbrella Rank: 154058 s-rtb.send.microadinc.com — Cisco Umbrella Rank: 134677 ssp.send.microadinc.com — Cisco Umbrella Rank: 138843	21 KB
11	gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com fonts.gstatic.com	185 KB
9	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 3083 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 25338 audiencedata.im-apps.net — Cisco Umbrella Rank: 28011	14 KB
8	microad.net 4 redirects j.microad.net — Cisco Umbrella Rank: 128177 jgl.microad.net — Cisco Umbrella Rank: 165184	119 KB
6	adingo.jp cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 148634 sh.adingo.jp — Cisco Umbrella Rank: 72198 i.adingo.jp — Cisco Umbrella Rank: 105620	11 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 864 r.turn.com — Cisco Umbrella Rank: 4052	3 KB
6	criteo.com gum.criteo.com — Cisco Umbrella Rank: 435 dis.criteo.com — Cisco Umbrella Rank: 626	8 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	122 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	340 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 597	3 KB
5	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 1944	3 KB
5	w55c.net 5 redirects pm.w55c.net — Cisco Umbrella Rank: 877	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	5 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com — Cisco Umbrella Rank: 150	599 B
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 360	1 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1014 syndication.twitter.com — Cisco Umbrella Rank: 1273	135 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 800	2 KB
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3135	310 B
2	gmossp-sp.jp cdn.gmossp-sp.jp — Cisco Umbrella Rank: 167586 sp.gmossp-sp.jp — Cisco Umbrella Rank: 82463	12 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1339	450 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 771	675 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 798	928 B
2	shopify.com 1 redirects cdn.shopify.com — Cisco Umbrella Rank: 2408	169 KB
2	woodlandsnaturalhealthcentre.co.uk 1 redirects www.woodlandsnaturalhealthcentre.co.uk	387 B
2	india.com 1 redirects s3.india.com — Cisco Umbrella Rank: 831011	38 KB
1	zucks.net sh.zucks.net k.zucks.net Failed	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	41 KB
1	zimg.jp j.zucks.net.zimg.jp — Cisco Umbrella Rank: 116837	3 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458	716 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7139	625 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1906	297 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 352	146 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6414	553 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1116	732 B
1	secularcoalition.info secularcoalition.info
1	cusys.edu www.cusys.edu	8 KB
1	wordpress.com localtvwqad.files.wordpress.com
1	heraldpalladium.com www.heraldpalladium.com
1	southhaventribune.net 1 redirects www.southhaventribune.net	248 B
0	xosnetwork.com Failed image.cdnllnwnl.xosnetwork.com Failed
0	indiana.edu Failed mcnair.indiana.edu Failed
262	46

	Domain	Requested by
37	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net lanterman.web.fc2.com tpc.googlesyndication.com pagead2.googlesyndication.com
27	c.bannerflow.net	s0.2mdn.net c.bannerflow.net lanterman.web.fc2.com
24	cm.g.doubleclick.net	4 redirects lanterman.web.fc2.com googleads.g.doubleclick.net
23	pagead2.googlesyndication.com	lanterman.web.fc2.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	lanterman.web.fc2.com	lanterman.web.fc2.com
8	www.google.com	1 redirects lanterman.web.fc2.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	s0.2mdn.net	lanterman.web.fc2.com googleads.g.doubleclick.net s0.2mdn.net
6	dmp.im-apps.net	j.microad.net cdn.gmossp-sp.jp dmp.im-apps.net
6	media5.fc2.com	static.fc2.com media5.fc2.com lanterman.web.fc2.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net lanterman.web.fc2.com
5	c1.adform.net	5 redirects
5	pm.w55c.net	5 redirects
5	storage1000-textad.fc2.com	lanterman.web.fc2.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	ssp.send.microadinc.com	media5.fc2.com
4	match.adsrvr.org	googleads.g.doubleclick.net
4	gum.criteo.com	cache.send.microadinc.com static.criteo.net gum.criteo.com
4	s-rtb.send.microadinc.com	j.microad.net
4	cache.send.microadinc.com	j.microad.net
4	jgl.microad.net	media5.fc2.com
4	j.microad.net	4 redirects
4	www.googleadservices.com	lanterman.web.fc2.com
3	r.turn.com	googleads.g.doubleclick.net lanterman.web.fc2.com
3	ad.turn.com	3 redirects
3	um.simpli.fi	3 redirects
3	a.tribalfusion.com	2 redirects googleads.g.doubleclick.net
3	dclk-match.dotomi.com	googleads.g.doubleclick.net
3	static.fc2.com	vip.chps-api.fc2.com static.fc2.com
3	platform.twitter.com	lanterman.web.fc2.com platform.twitter.com
3	media.fc2.com	lanterman.web.fc2.com static.fc2.com
2	i.adingo.jp	media5.fc2.com
2	sh.adingo.jp	cdn-fluct.sh.adingo.jp
2	cdn-fluct.sh.adingo.jp	j.microad.net
2	sync.teads.tv	1 redirects lanterman.web.fc2.com
2	onetag-sys.com	2 redirects
2	s.tribalfusion.com	googleads.g.doubleclick.net
2	dis.criteo.com	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	audiencedata.im-apps.net	dmp.im-apps.net
2	fonts.gstatic.com	fonts.googleapis.com
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	cdn.shopify.com	1 redirects lanterman.web.fc2.com
2	www.woodlandsnaturalhealthcentre.co.uk	1 redirects lanterman.web.fc2.com
2	s3.india.com	1 redirects lanterman.web.fc2.com
1	sp.gmossp-sp.jp	cdn.gmossp-sp.jp
1	sh.zucks.net	j.zucks.net.zimg.jp
1	static.criteo.net	cdn.gmossp-sp.jp
1	cdn.gmossp-sp.jp	j.microad.net
1	j.zucks.net.zimg.jp	j.microad.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	sync.mathtag.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	textad.fc2.com	static.fc2.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vip.chps-api.fc2.com	lanterman.web.fc2.com
1	cse.google.com	1 redirects
1	secularcoalition.info	lanterman.web.fc2.com
1	www.cusys.edu	lanterman.web.fc2.com
1	localtvwqad.files.wordpress.com	lanterman.web.fc2.com
1	www.heraldpalladium.com	lanterman.web.fc2.com
1	www.southhaventribune.net	1 redirects
0	k.zucks.net Failed
0	image.cdnllnwnl.xosnetwork.com Failed	lanterman.web.fc2.com
0	mcnair.indiana.edu Failed	lanterman.web.fc2.com
262	71

This site contains links to these domains. Also see Links.

Domain
twitter.com
essaydot.conajans.com
paymetodoyourhomework.ukessays.xyz
custompaperwritingservice.grabmyessay.life
assignmentmasters.grabmyessay.life
procustomwriting.init-ltd.com
craftanessay.coolessay.xyz
web.fc2.com
textad.net

Subject Issuer	Validity	Valid
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
cusys.edu Sectigo RSA Organization Validation Secure Server CA	`2022-12-14` - `2023-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.fc2.com RapidSSL TLS RSA CA G1	`2023-06-09` - `2024-07-08`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-08-20`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
cache.send.microadinc.com Amazon RSA 2048 M02	`2023-01-24` - `2024-02-22`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.send.microadinc.com GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
cdn-fluct.sh.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-10-12` - `2023-10-15`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
j.zucks.net.zimg.jp Amazon RSA 2048 M01	`2023-03-01` - `2023-11-27`	9 months	crt.sh
cdn.ad-cloud.jp GeoTrust RSA CA 2018	`2023-06-07` - `2024-06-07`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
sh.zucks.net Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
sp.gmossp-sp.jp GTS CA 1D4	`2023-07-15` - `2023-10-13`	3 months	crt.sh

This page contains 47 frames:

Primary Page: http://lanterman.web.fc2.com/
Frame ID: FA89666E48D5EACFA12B69FE2579C131
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: BF0F0AF1B05165D1049058E8129821AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=600&slotname=3865380065&adk=2462822920&adf=233326967&pi=t.ma~as.3865380065&w=235&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=235x600&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1693236529225&bpp=6&bdt=880&idt=417&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&correlator=7286624821826&frm=20&pv=2&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=270&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AYsjVFNHV9&p=http%3A//lanterman.web.fc2.com&dtd=431
Frame ID: 4E123012A2D22EFF48EE2F3F2E0A67D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1693236529231&bpp=2&bdt=886&idt=435&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Rcfm9ap4W8&p=http%3A//lanterman.web.fc2.com&dtd=439
Frame ID: 0E45EEC669C751A9F75D336A947B47A7
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Frame ID: 4BA7303F7C6ADEE9E148E9F46B9E3130
Requests: 1 HTTP requests in this frame

Frame: https://media5.fc2.com/1187/
Frame ID: 637DD9E6E6A62231DE9E9F5D9F4841FC
Requests: 7 HTTP requests in this frame

Frame: https://media5.fc2.com/1188/
Frame ID: 8230E932159D5890EADC3642BC07C1E4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1519982746&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=http%3A%2F%2Flanterman.web.fc2.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&dt=1693236534262&bpp=1&bdt=5917&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280&nras=1&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=10
Frame ID: 745231AAD2582B2084D0BED4781B5607
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com
Frame ID: FC330324532716E3CE73D39A424F9C5D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1693236535350&bpp=1&bdt=7005&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=o7hLIvnGQF&p=http%3A//lanterman.web.fc2.com&dtd=5
Frame ID: 39668B01DAB041A8496D7A6A9F6D15BD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 83DBFD5C5F45A8914473D8B8FD60A180
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 27070A6B85EB59B42223264F1F06F5EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: F495E01DDDC9F591D5805FC373AD528B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6EF58F350FC9E30BE35486093374787A
Requests: 10 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 710EF26677A4CCB3860CDE3F955FDAFD
Requests: 2 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 913548D4ABD64868058708D00523830E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 2F06D1B7A7480263C9571954C00F1F73
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 45C712F7058A27186BF51B2E260D3BC2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EBA0143531CBB8BD8B63D0B4C3148EF4
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FDAFD1D07FC3E2214AEF3126419F17D9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 84DB3EE63B972D057FA7640BD75BBA55
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EDB24A2175C7A8F3EC5425E135938C8B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A082FBA9A9D3F65C6AA06AD3449A18D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CEF5D33B83932BE47D1B1712232C27BF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E5D87190E3ABCD6F1BB63E7FC02A1272
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DEEAD2A2F9EB4E912AB8415C1BDA8B5C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Frame ID: 46A06F10FE2244C021B29268957C8308
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3528926253E6A824F07EDDE1C67BC0B8
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250
Frame ID: 54442F8A3228F1FA8AEF283032626D83
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250
Frame ID: 8B9C9B4F955C6F93AA8DB5AB8B6F7470
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Frame ID: B1B835A0A5E632021113DD9AA422BA65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Frame ID: 00DE1E95B14FDCE8B094036FD243DFC4
Requests: 1 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337
Frame ID: F1CD94A707F56A70507E56E233BFC07D
Requests: 7 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338
Frame ID: 05249D741E0631174FF16F3A7B0D74AA
Requests: 7 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/b96ab2ad-35cb-4763-82c5-34d526847a28
Frame ID: 27E31CCFBE210C21371812B3B39CB750
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/a87fa8f9-44af-4d8b-ab95-299f4fcb4eda
Frame ID: A11E3099DD4BA70AB54807748D78F632
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Frame ID: CD3045FC4819E1A7F7EDB69627127607
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Frame ID: D0FAE59F8232E8ABC43F3224B184EECA
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
Frame ID: 6EF8115565BB7A1921EE2CBB2D7B1CC0
Requests: 3 HTTP requests in this frame

Frame: https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
Frame ID: BEE103D4F19DC4736C5CF791486F5DD3
Requests: 2 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 4038F9A2B7A5E5C3A708A94FB692E17B
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 6A32973F3CD057F3846ADC936D6406E1
Requests: 1 HTTP requests in this frame

Frame: https://j.zucks.net.zimg.jp/n?f=_57ad65eb99
Frame ID: 7EDE4CA5436396EB25BE8DF0564B0952
Requests: 3 HTTP requests in this frame

Frame: https://cdn.gmossp-sp.jp/ads/loader.js?space_id=g914507
Frame ID: 6A08A17C8BAC4B974AA618493B03161D
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lanterman.web.fc2.com
Frame ID: 48E03656331E7427A9004FA30A882EC8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D9011B76CBF6FB86A8D38C627814E7C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BBDDFF4BB2FD1695F423377ECBB88FC7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Write My Essay : 100% Original Content - cost of attendance university of michigan law faculty - lanterman.web.fc2.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

262
Requests

78 %
HTTPS

0 %
IPv6

46
Domains

71
Subdomains

55
IPs

10
Countries

3189 kB
Transfer

7782 kB
Size

23
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/hashtag/buyessay
Title: #buyessay

Search URL Search Domain Scan URL

URL: http://essaydot.conajans.com/free-essays/8/paper/university-of-california-berkeley-wellness-letter-april-2000-stock/
Title: university of california berkeley wellness letter april 2000 stock...

Search URL Search Domain Scan URL

URL: http://paymetodoyourhomework.ukessays.xyz/topic/4/paper/visit-malaysia-year-essay-help/
Title: visit malaysia year essay help...

Search URL Search Domain Scan URL

URL: http://custompaperwritingservice.grabmyessay.life/article/6/essay/lucas-jenkins-university-of-wisconsin/
Title: lucas jenkins university of wisconsin...

Search URL Search Domain Scan URL

URL: http://assignmentmasters.grabmyessay.life/topic/1/essay/how-do-i-start-my-essay-off/
Title: how do i start my essay off...

Search URL Search Domain Scan URL

URL: http://procustomwriting.init-ltd.com/article/2/paper/western-university-canada-location-video/
Title: western university canada location video...

Search URL Search Domain Scan URL

URL: http://craftanessay.coolessay.xyz/review/3/essay/university-of-ottawa-electronic-thesis-dissertation/
Title: university of ottawa electronic thesis dissertation...

Search URL Search Domain Scan URL

URL: http://web.fc2.com/
Title: Powered by FC2ホームページ

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=1&site=https://contents.fc2.com/?tag=TXpjMk1EY3dOak09&dref=textad_general

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=6&site=https://cart.fc2.com/

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=5&site=http://domain.fc2.com/ex/

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=4&site=https://web.fc2.com/fc2html/wordpress.html

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=7&site=https://domain.fc2.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.southhaventribune.net/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg HTTP 301
https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg

Request Chain 10

http://s3.india.com/wp-content/uploads/2016/08/teacher.jpg HTTP 301
https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

Request Chain 11

http://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg HTTP 301
https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg

Request Chain 13

http://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351 HTTP 301
https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

Request Chain 18

https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0 HTTP 302
https://www.google.com/sorry/index?continue=https://cse.google.com/cse.js%3Fcx%3D008587068278864670770:l6eqms_gbn0&q=EgSwQ1a5GLH6sqcGIjBNLAAYXx7ff2rsJf3tg4g9AgJbxj8C3ajgwA2MpiOdeIgaUFhfN1_h4mgE1wb6iFUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

Request Chain 35

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbsKyBCBCABBiAATII5oEQje8B24g HTTP 301
https://tpc.googlesyndication.com/simgad/7383912002397655444

Request Chain 43

https://googleads.g.doubleclick.net/pagead/adview?ai=C9qzhMb3sZMKeMMjGxtYP2u2G-AnxmMLcb8jHiYSQDobx_f6iOBABIKv6jB5g6eTJhdgaoAH767zPA8gBCakCik-GOUc2kD6oAwHIA8uEgIAEqgTgAU_QSUKIZEWYUr8GjtJRMU23jANycXXyF70sgon8wJ8fXtrAYwdKF5QuLy4HP1NX38CXsr4eH-RMFCOpz8_xE52UAsCTUvyy_P9ty_xd8EOrVkV6mZMr0OHz9ifbaD3uSilm-AsQ5uMPaPQ8F5WdG2zP3PS0iaeymlf1WfegXTtS7szlLgFQsb3oJxzMKD-EGDmP7NS5qgyYa5H6rWjTnPOn8J1bpzIuTv0NDhikZsIE8s0P_wNtoM_vbarzrI8xILBIMh6YEV9nIoN5GxZqP7ccXDZeD126RQ2jna_aMmd8wASt85W-cIgF8ejwqwKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7ZPDMKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD64ALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkUaHR0cHM6Ly93d3cuY2VuZW8ucGyACgHICwHYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNjg5MDI4NzI1MDk3NTY3ORgA&sigh=jdTr_lAHrjs&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWfNyMbcRk6kdF2K-UvqwAn8BJXGEwdBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218444541057885588113%22,%22debug_reporting%22:true,%22destination%22:%22https://ceneo.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22971978235%22],%224%22:[%2208-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210719437560270655681%22}&andc=true

Request Chain 59

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 66

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 129

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmSgqdSzevlsMS08hTbVFbA-6G1YLbqWt8oRYR8davRAQ9qcV9HWm50obERhO_BY8ynyzl4l2b79XVpUK4MQnAeF1LXs59dXKxY HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmSgqdSzevlsMS08hTbVFbA-6G1YLbqWt8oRYR8davRAQ9qcV9HWm50obERhO_BY8ynyzl4l2b79XVpUK4MQnAeF1LXs59dXKxY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmSgqdSzevlsMS08hTbVFbA-6G1YLbqWt8oRYR8davRAQ9qcV9HWm50obERhO_BY8ynyzl4l2b79XVpUK4MQnAeF1LXs59dXKxY

Request Chain 130

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPMUhmNdbNlHQ2sbNLSD-a0&google_cver=1&google_push=AXcoOmSXlaQQmmUeRXofMhFy0-SLIppvAsROv0oqRqDE-lslcXe-O3E9Phab3_RVU8aqW0dZ3-s3NM06gfFjR_2WZf5dv0SK7ynOhQI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSXlaQQmmUeRXofMhFy0-SLIppvAsROv0oqRqDE-lslcXe-O3E9Phab3_RVU8aqW0dZ3-s3NM06gfFjR_2WZf5dv0SK7ynOhQI

Request Chain 132

https://ads.travelaudience.com/google_pixel?google_gid=CAESEP-nJdBKeY4ngnuiBCY1MuA&google_cver=1&google_push=AXcoOmQpMT7ZvOqVkcXsb2Us3dgSq1TEpAXrzcKgBWEb2nYkRixk1QSVx_6J8qfa32exedV2mI2zZPcq1sc3TBBFNKvr5HWA4ALTiPE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QedbprI5Q0Cx5joKBSPcoA2&google_push=AXcoOmQpMT7ZvOqVkcXsb2Us3dgSq1TEpAXrzcKgBWEb2nYkRixk1QSVx_6J8qfa32exedV2mI2zZPcq1sc3TBBFNKvr5HWA4ALTiPE

Request Chain 138

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 139

https://um.simpli.fi/gp_match?google_gid=CAESEH0cxBfNpm-PzctFXQjST0g&google_cver=1&google_push=AXcoOmQvc3b8HdxeLu39qEfk9DUFcI0GKj6cugjUGQepEe5-7fP6YZck9JVODxRWAFx2_Z8ldufXOviDCXIbxlsWtO6akUecHBID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A5EDF3D58CCC44E6AEEA211842C58E4D&google_push=AXcoOmQvc3b8HdxeLu39qEfk9DUFcI0GKj6cugjUGQepEe5-7fP6YZck9JVODxRWAFx2_Z8ldufXOviDCXIbxlsWtO6akUecHBID

Request Chain 140

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmRc51CsjxMbkuc1bS2MN_Wx84n6OgQpgmRy8wTukcGn57vLv8Vjzj4Nz97FblG0kKJn78o-1DUTYfQ_QZ_FPv_kEJ5w81H0Jg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmRc51CsjxMbkuc1bS2MN_Wx84n6OgQpgmRy8wTukcGn57vLv8Vjzj4Nz97FblG0kKJn78o-1DUTYfQ_QZ_FPv_kEJ5w81H0Jg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA1NjI4OTQ0MTY1MTMyMjk4Ng&google_push=AXcoOmRc51CsjxMbkuc1bS2MN_Wx84n6OgQpgmRy8wTukcGn57vLv8Vjzj4Nz97FblG0kKJn78o-1DUTYfQ_QZ_FPv_kEJ5w81H0Jg

Request Chain 142

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHPdDItbGbX3zT-YZBYRtWY&google_cver=1&google_push=AXcoOmSMiiJS0xgy3eIaNPfMhsBomHmwF88KlH8aEs3LDo6ldDq6-xdIO0ae1eGfuOBNXGy8CQqiC2VJMDqLPHk1QEAPuBFePI19Iw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSMiiJS0xgy3eIaNPfMhsBomHmwF88KlH8aEs3LDo6ldDq6-xdIO0ae1eGfuOBNXGy8CQqiC2VJMDqLPHk1QEAPuBFePI19Iw

Request Chain 143

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEIElVBQRS1lKXaFbvcGu3r4&google_cver=1&google_push=AXcoOmRIvP1xu-R8Bi4blnHuXSYh-U0dr3GLeZFACgRjNEyfDIve06H_FiIb36kwlQpClHCkgQvqV2LlJPxc2wMBqlVPk8YP5D1YaFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRIvP1xu-R8Bi4blnHuXSYh-U0dr3GLeZFACgRjNEyfDIve06H_FiIb36kwlQpClHCkgQvqV2LlJPxc2wMBqlVPk8YP5D1YaFg&google_hm=dDx5O-plTqGMRpjyBFslbLk

Request Chain 145

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1&google_push=AXcoOmT8dNQ1XuKNr_YqIp32jesao3s5ii8PC2fEi-pG9nvEIZSe5IUuk-1VdaxErLQ8dO-GbqoSavGmB3KDNiMr6gwmLsIvoHoXsXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3ODI5NzAxOTczNzE5NTA5OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1

Request Chain 147

https://um.simpli.fi/gp_match?google_gid=CAESEH0cxBfNpm-PzctFXQjST0g&google_cver=1&google_push=AXcoOmTz4TZJCG2kvodkCNy8pdvhEUdeLx6nHPXwioTWyLmedLgOWFrv6gwni1-PFtMmQfFQCiCMEDhRpIv11GWQmJ-4TzNYFAepdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD598E699EC74A459A66E34302FECDE6&google_push=AXcoOmTz4TZJCG2kvodkCNy8pdvhEUdeLx6nHPXwioTWyLmedLgOWFrv6gwni1-PFtMmQfFQCiCMEDhRpIv11GWQmJ-4TzNYFAepdA

Request Chain 149

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMwiARegLlEtx0kdYFmIcdc&google_cver=1&google_push=AXcoOmRlMSu_P-6BxlkG5XlauWRecjTa_ffH24FkoctGmsjXGwD31U0WDT6ODFAU_-mc0MYmySBuI9D2096AyLVVpmdy7FWbBG6VMao HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRlMSu_P-6BxlkG5XlauWRecjTa_ffH24FkoctGmsjXGwD31U0WDT6ODFAU_-mc0MYmySBuI9D2096AyLVVpmdy7FWbBG6VMao&google_hm=eS0waUczSzFwRTJwSFlXYWh0V2QxMjZlODlRWXZGUnBqNX5B

Request Chain 151

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmTpl3kkVssrX505dc9kek5Wre2ihjEMGHM2L3ewR3Y9WziQwAyzbchhk_MUfgXkOuv-kZIyogfM_9zhagkDhqGefqzsLlN-zxs HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmTpl3kkVssrX505dc9kek5Wre2ihjEMGHM2L3ewR3Y9WziQwAyzbchhk_MUfgXkOuv-kZIyogfM_9zhagkDhqGefqzsLlN-zxs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMzMTQxNDc2MTE3Mjk5ODA5&google_push=AXcoOmTpl3kkVssrX505dc9kek5Wre2ihjEMGHM2L3ewR3Y9WziQwAyzbchhk_MUfgXkOuv-kZIyogfM_9zhagkDhqGefqzsLlN-zxs

Request Chain 153

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1&google_push=AXcoOmRTg8HVriKbeQJOPdY9CboPB7m2p23ByD71u9uQxl8_lQAPd7CvW-qVqkFHCnhPAZG7rwODelzCgjWu3blQNUAkKJqTAVP7brg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2MjEyNDIzNzYyMzQxMTI5MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1

Request Chain 155

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmQVd-oRygwcn94t21q-Zkx9kA7BuzB813lm8tN3qBty4KjZnvd36piEVN9a4ZEziHEcml9loQcyCz0DKzrnyc0NjfQCe_kAIQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmQVd-oRygwcn94t21q-Zkx9kA7BuzB813lm8tN3qBty4KjZnvd36piEVN9a4ZEziHEcml9loQcyCz0DKzrnyc0NjfQCe_kAIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmQVd-oRygwcn94t21q-Zkx9kA7BuzB813lm8tN3qBty4KjZnvd36piEVN9a4ZEziHEcml9loQcyCz0DKzrnyc0NjfQCe_kAIQ

Request Chain 156

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752XA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752XA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752XA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752XA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 157

https://um.simpli.fi/gp_match?google_gid=CAESEH0cxBfNpm-PzctFXQjST0g&google_cver=1&google_push=AXcoOmSRABXYM6MWzjttR8NfYPaeukMrp7dWkWjezjc6aYK_KYGPqJn3AfzCiK8cXOkcAPpBzbwx9tMkXyd8Z-RRyFErKztgIjU8zmc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48BE217A83004CEF900F0FC7AD86AB4E&google_push=AXcoOmSRABXYM6MWzjttR8NfYPaeukMrp7dWkWjezjc6aYK_KYGPqJn3AfzCiK8cXOkcAPpBzbwx9tMkXyd8Z-RRyFErKztgIjU8zmc

Request Chain 159

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPC5SnJvi_GSfd2FksSIHSs&google_cver=1&google_push=AXcoOmQ0uyCXf45g6Ph6R2J0YxU26ZIiFE05ilmEUaeYNMsatt4UK4uEyEk6UrlF63NfcijVckDVNIxrvOEuNVxtgJs3W4daDLjyo5C2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ0uyCXf45g6Ph6R2J0YxU26ZIiFE05ilmEUaeYNMsatt4UK4uEyEk6UrlF63NfcijVckDVNIxrvOEuNVxtgJs3W4daDLjyo5C2 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 183

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1&google_push=AXcoOmRlD4a7sowIBtB_4a2t30D0YY0KPfdYXR71QJeYdNqMo4PN_zFjKpvPs5hAqkV0flf5niJ08EzhPF_KHThJ3mYDw-26z9Q-ZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2MjEyNDIzNzYyMzQxMTI5MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1

Request Chain 185

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmR3D0MmKILdLsiBHOcQh2lWd6i8pOEBkyxQGr8PZmZ3kuZQv5buBBKu4b1TJRLDu0ETiIZ93rhJ8oMcwZt8yiGEgUeLPlilVQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmR3D0MmKILdLsiBHOcQh2lWd6i8pOEBkyxQGr8PZmZ3kuZQv5buBBKu4b1TJRLDu0ETiIZ93rhJ8oMcwZt8yiGEgUeLPlilVQ

Request Chain 188

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmTvN_XQVyTO7B53buqGDCMcIbi5UMKpq3UMRTfHpWCaU3aStTBsSYZ-_0lOuYA9YFEz2puxPKB9VVRHe3hPGJB7Cd2oBXBPYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMzMTQxNDc2MTE3Mjk5ODA5&google_push=AXcoOmTvN_XQVyTO7B53buqGDCMcIbi5UMKpq3UMRTfHpWCaU3aStTBsSYZ-_0lOuYA9YFEz2puxPKB9VVRHe3hPGJB7Cd2oBXBPYQ

Request Chain 189

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHPdDItbGbX3zT-YZBYRtWY&google_cver=1&google_push=AXcoOmSEjq_1cabwYHmpvTkH0547YSmlDa5wboFoOi3mYPSZHzOKdKytDG3dxzt4xgirxFRqlLqA1bgMmD8hpC0taZE3HSOXRYJqUA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEjq_1cabwYHmpvTkH0547YSmlDa5wboFoOi3mYPSZHzOKdKytDG3dxzt4xgirxFRqlLqA1bgMmD8hpC0taZE3HSOXRYJqUA

Request Chain 193

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvw58N73sZJjpG-LlvPIPl8yx4Aiq1ovOcquH2tiHEsTK-uCeDhABIKv6jB5g6eTJhdgaoAGfsbXTAcgBCakCmFasurQisj6oAwHIA8sEqgTbAU_QNEiWVWzujV9HJna7IZFFENLmh_wKAzBDRQpK2KfFrGwbEMcZz6UU8kIbpASyPbtsJvEBKpEGx-cPFQHRlczd_tn_Gpy4tnVkDHGS5hg3u5I4iL5a1IM0JjDml7mNc741MMzl4-fup0taLBm67Z-DVUzk9OuuqOxyWAfvDvKgB7rGawVEplYhz_aRYPc8vL4QNanKRcFWafUVR3VuMNrdyDWA9GAeh1zKKyVcp9eTASim5D7kfuDnDTWzbgX8bOxHm5R1indh__br93NW0XrdZ0GQj6-PTRP4EcAErojisbQEiAWO-OStTJIFBAgEGAGSBQQIBRgEoAYugAfQhN6sAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIGqAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTFodHRwczovL3d3dy5pdS5vcmcvbHAvY2FyZWVyLWluLWdlcm1hbnktMi0xMDAwLTIvgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY4OTAyODcyNTA5NzU2NzkYAA&sigh=RDh27vrg-TA&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW1-Ahq-W37-VwoDHCX8K2Ma0HHy-OvK8NVev2Mlc4d-S3qKOTIQ-MWbJUs8lgqRomRIYxLyPZyhgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217999904358454208196%22,%22debug_reporting%22:true,%22destination%22:%22https://iu.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22443373727%22],%224%22:[%2208-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22150924249405883521%22}&andc=true

Request Chain 234

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 236

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

262 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lanterman.web.fc2.com/ 25 KB
26 KB 704ms
192ms Document
text/html 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache / ModLayout/5.1

Resource Hash

9cf26fb9689fd8a0cca272392d51ec09f0bb015df6ca4301834f56336cdfbbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Date: Mon, 28 Aug 2023 15:28:48 GMT
Last-Modified: Fri, 02 Mar 2018 10:25:46 GMT
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Powered-By: ModLayout/5.1
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
lanterman.web.fc2.com// 69 KB
10 KB 206ms
205ms Stylesheet
text/css 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//style.css

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

be00c6b021883cb1684551714783bace4a657281ebdf833b2a5ff8a56e206bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:13 GMT
Server: Apache
ETag: "114f3-5666b643ff440-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 9839
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.responsive.css
lanterman.web.fc2.com// 11 KB
2 KB 415ms
224ms Stylesheet
text/css 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//style.responsive.css

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

c6c572a51db4b19008dfcde69a5aab55e9cdbce88c99c7ad02f4d44eb939c681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:17 GMT
Server: Apache
ETag: "2c7a-5666b647cfd40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2076
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
lanterman.web.fc2.com// 90 KB
32 KB 417ms
225ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//jquery.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:05 GMT
Server: Apache
ETag: "169d9-5666b63c5e240-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 32784
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
lanterman.web.fc2.com// 57 KB
13 KB 416ms
224ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//script.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

0a87ba00eee82758c065fb6b0a604e671c9b39f6ea918bdc0a31dc44fb8ad9ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:08 GMT
Server: Apache
ETag: "e482-5666b63f3a900-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 12464
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.responsive.js Show response
lanterman.web.fc2.com// 22 KB
5 KB 415ms
223ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//script.responsive.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

bac62b9a825a47764961c656e99d737ad97e9dfe8f1480607c652b284a1131c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:10 GMT
Server: Apache
ETag: "56cc-5666b64122d80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 4480
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK qwertymin.js Show response
lanterman.web.fc2.com//images/ 449 B
691 B 586ms
197ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//images/qwertymin.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

404b9260afb4ca4d67d51bc3ab9c58e6d139d47f9c1218a78ecac1492e0e3002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:39 GMT
Server: Apache
ETag: "1c1-5666b623927c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 328
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
54 KB 141ms
98ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4092593a3414cd0072062bb68bef96e56e3df8bb150afe086861fe40cc41979e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54231
X-XSS-Protection: 0
Server: cafe
ETag: 10022611089337164695
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 28 Aug 2023 15:28:49 GMT

GET
H2

404

Miller_WEB.10080613_std.jpg
www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/
Redirect Chain

http://www.southhaventribune.net/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg
https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg

0
0

452ms
149ms

Image
text/html

192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Redirect headers

location: https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg
date: Mon, 28 Aug 2023 15:28:49 GMT
cache-control: public, max-age=86400
content-length: 0

GET
H2 404 promo316932033.jpg
localtvwqad.files.wordpress.com/2017/04/ 0
0 247ms
65ms Image
text/html 192.0.72.21
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://localtvwqad.files.wordpress.com/2017/04/promo316932033.jpg?quality=85&strip=all&w=1200
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET chavez-ian.jpg
mcnair.indiana.edu/img/current-students/ 0
0

GET
H2

200

teacher.jpg
s3.india.com/wp-content/uploads/2016/08/
Redirect Chain

http://s3.india.com/wp-content/uploads/2016/08/teacher.jpg
https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

37 KB
38 KB

357ms
201ms

Image
image/avif

23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-71.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

7320a35f8f5fbfd28be89b5588d9cee9dbdbd09151d4ce002da3fce47140e163

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' https:; script-src 'strict-dynamic' '509d3a638bdedea59f28b3ac35f6ee226fc1beb8798e69f263cd9edc619f4423' 'unsafe-inline' https:
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' https:; script-src 'strict-dynamic' '509d3a638bdedea59f28b3ac35f6ee226fc1beb8798e69f263cd9edc619f4423' 'unsafe-inline' https:
date: Mon, 28 Aug 2023 15:28:49 GMT
last-modified: Fri, 05 May 2023 21:12:40 GMT
server: Akamai Image Manager
etag: "93205477b665c2a1f1d5344deba6c679"
x-frame-options: DENY
content-type: image/avif
cache-control: public, max-age=2592000
content-length: 38110
expires: Tue, 19 Sep 2023 20:51:14 GMT

Redirect headers

Location: https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg
Date: Mon, 28 Aug 2023 15:28:49 GMT
Cache-Control: public, max-age=2592000
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Mon, 28 Aug 2023 15:28:49 GMT

GET
H2

404

NicholaSaundersLeaflet_inside.jpg
www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/
Redirect Chain

http://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg

0
0

448ms
343ms

Image
text/html

92.205.2.206
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 92.205.2.206 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 206.2.205.92.host.secureserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Redirect headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
Cache-Control: max-age=180
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 315
Expires: Mon, 28 Aug 2023 15:31:49 GMT

GET
H/1.1 200
OK people_flowers.jpg
www.cusys.edu/newsletter/2010/03-24/images/ 8 KB
8 KB 759ms
184ms Image
image/jpeg 204.228.68.58
UNIVERSITY-OF-COL...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cusys.edu/newsletter/2010/03-24/images/people_flowers.jpg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.228.68.58 Arvada, United States, ASN62671 (UNIVERSITY-OF-COLORADO-SYSTEM, US),
Reverse DNS: www.cusys.edu
Software: /
Resource Hash: 863395d0e38e9c9c42ff78d3c7ecaf11f3423b5734ccf09cf08e0331f444fbbe

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
Last-Modified: Wed, 24 Mar 2010 18:36:36 GMT
ETag: "209c-4829035c75500"
Content-Type: image/jpeg
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: Keep-Alive
Accept-Ranges: bytes
X-UIS: AX active
Keep-Alive: timeout=5, max=100
Content-Length: 8348

GET
H2

200

kyle_field.jpg
cdn.shopify.com/s/files/1/0659/0325/files/
Redirect Chain

http://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351
https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

167 KB
168 KB

153ms
83ms

Image
image/webp

23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

f82333103a1080f1da5da0c384159e0f10307305ea2b611289285f3da136c0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
source-type: image/jpeg
server-timing: imagery;dur=245.254, imageryFetch;dur=120.485, imageryProcess;dur=123.280;desc="image", cfRequestDuration;dur=49.999952
source-length: 315495
content-length: 171056
x-xss-protection: 1; mode=block
x-request-id: 98cf2e35-27e1-4170-938f-7e7aa975da4a
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 07:54:46 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FZ%2BgXLcydHd7wey4PqMpMBSc5RlMwQ5JQ8G3gzfl036ese%2B5mlI2zCCtCQJ3kaIe%2F%2FQ%2FYp6NN%2BmfntQLlJelxQSMlwfjwGJ9vYJFgK8gi%2BSwt74g4dmnzu7G936%2BrjD5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg>; rel="canonical"
cf-ray: 7fdd9614ba6b3bc0-WAW

Redirect headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bi4%2BTOL7vzY%2BhIJ%2FP%2FKUIJ2k7ZC8sB7h81Nlef7575SmKLvYdQi5ST05fMbuJThKyrPvgw2%2Be%2BxfNCI4IqpojBOHWlMozfgLsO0zmzrdP297HPBfI6Q7udtG23DUQ1eOmw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=9.999752
CF-RAY: 7fdd9613683ffc5f-WAW
alt-svc: h3=":443"; ma=86400
Expires: Mon, 28 Aug 2023 16:28:49 GMT

GET VSIZAIANZRGNVOO.20151009142942.jpg
image.cdnllnwnl.xosnetwork.com/pics33/800/VS/ 0
0

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 386ms
192ms Image
image/gif 104.244.99.54
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.fc2.com/counter_img.php?id=50
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 104.244.99.54 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:28:49 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK KmVMGc Show response
secularcoalition.info/ 0
0 131ms
71ms Script
text/html 94.229.72.117
UKSERVERS-AS UK D...

General

Check archive.org

Show headers Download Go to

Full URL: http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 94.229.72.117 London, United Kingdom, ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB),
Reverse DNS: no.rdns.ukservers.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://lanterman.web.fc2.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 129ms
82ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache: HIT, HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 27630
X-Served-By: cache-iad-kjyo7100135-IAD, cache-fra-eddf8230121-FRA
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
TW-CDN: FT

GET
H2

429

index
www.google.com/sorry/
Redirect Chain

https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0
https://www.google.com/sorry/index?continue=https://cse.google.com/cse.js%3Fcx%3D008587068278864670770:l6eqms_gbn0&q=EgSwQ1a5GLH6sqcGIjBNLAAYXx7ff2rsJf3tg4g9AgJbxj8C3ajgwA2MpiOdeIgaUFhfN1_h4mgE1wb6...

0
0

156ms
62ms

Script
text/html

142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/sorry/index?continue=https://cse.google.com/cse.js%3Fcx%3D008587068278864670770:l6eqms_gbn0&q=EgSwQ1a5GLH6sqcGIjBNLAAYXx7ff2rsJf3tg4g9AgJbxj8C3ajgwA2MpiOdeIgaUFhfN1_h4mgE1wb6iFUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Redirect headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-scujf-J1gd37QLr0yc4d1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 28 Aug 2023 15:28:49 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
location: https://www.google.com/sorry/index?continue=https://cse.google.com/cse.js%3Fcx%3D008587068278864670770:l6eqms_gbn0&q=EgSwQ1a5GLH6sqcGIjBNLAAYXx7ff2rsJf3tg4g9AgJbxj8C3ajgwA2MpiOdeIgaUFhfN1_h4mgE1wb6iFUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIsfqypwYQ-_3PjwISBLBDVrk
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445
x-xss-protection: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
54 KB 95ms
95ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

44447bab034a384b6b29062baf94039cf0aefab72474acef47beccd2097aef3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54232
X-XSS-Protection: 0
Server: cafe
ETag: 5299394007369406671
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 28 Aug 2023 15:28:49 GMT

GET
H/1.1 200
OK / Show response
vip.chps-api.fc2.com/apis/footer/ 1 KB
1020 B 4422ms
4230ms Script
application/javascript 104.244.99.106
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://vip.chps-api.fc2.com/apis/footer/?charset=UTF-8&url=http%3A%2F%2Flanterman.web.fc2.com%2F&service=0&r=86886522177

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.106 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

2f1062b5e1af2cc8a151377ca403596d9c62d3a11512d8d7cc821945c5329929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:28:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Aug 2023 15:28:53 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 498
X-XSS-Protection: 1; mode=block
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK page.jpg
lanterman.web.fc2.com//images/ 261 KB
261 KB 403ms
211ms Image
image/jpeg 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/page.jpg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

b7dad492260920af7d4a7996d2d662cca8f0d8aebef97c420eb89e5b4fc2cc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:22 GMT
Server: Apache
ETag: "412ea-5666b6135c180"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 266986
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK header.png
lanterman.web.fc2.com//images/ 2 KB
2 KB 389ms
198ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/header.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

e06a517c8ef78e142c00c1217c5a3e48c1c31dd55813530c225763ecf688b92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:01 GMT
Server: Apache
ETag: "6cb-5666b5ff55240"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1739
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK object0.png
lanterman.web.fc2.com//images/ 12 KB
12 KB 392ms
201ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/object0.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

3afca5001b290bb09b9b371385e12e24044a65eb613cb2928394a2ad0ea760d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:11 GMT
Server: Apache
ETag: "308c-5666b608de8c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 12428
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vmenuactiveitemicon.png
lanterman.web.fc2.com//images/ 1 KB
1 KB 393ms
198ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/vmenuactiveitemicon.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

d1b526c5b87c80b5d6b9ec64df85a97e40578e2cd3c91f2f039a0709b1eb02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:56 GMT
Server: Apache
ETag: "4b7-5666b633c8e00"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1207
X-XSS-Protection: 1; mode=block

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/ 391 KB
132 KB 208ms
112ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=lanterman.web.fc2.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a1d4f177b052b64ccecc89b5a1890ba0b04ad7fd9b18fb7759650601b97c136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134475
x-xss-protection: 0
server: cafe
etag: 1298706045958950516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:28:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame BF0F 10 KB
5 KB 145ms
44ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 33651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 06:07:58 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 06:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
599 B 158ms
59ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lanterman.web.fc2.com&callback=_gfp_s_&client=ca-pub-6890287250975679

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=lanterman.web.fc2.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

74ebe3d23a48509b84adfc7b4abb0b329cbcc70b60972fc1303cfba52c65e5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E12 436 B
432 B 212ms
211ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=600&slotname=3865380065&adk=2462822920&adf=233326967&pi=t.ma~as.3865380065&w=235&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=235x600&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1693236529225&bpp=6&bdt=880&idt=417&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&correlator=7286624821826&frm=20&pv=2&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=270&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AYsjVFNHV9&p=http%3A//lanterman.web.fc2.com&dtd=431

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d36da76a74f6417213513db20dda3f81d6e86bd61b735d764ef83546d10bcdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:28:49 GMT
expires: Mon, 28 Aug 2023 15:28:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E45 121 KB
40 KB 594ms
593ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1693236529231&bpp=2&bdt=886&idt=435&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Rcfm9ap4W8&p=http%3A//lanterman.web.fc2.com&dtd=439

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e955fa868571747fcd5631bd4bc84d6f5de400b44e8e84277268b959f3086b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40478
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:28:50 GMT
expires: Mon, 28 Aug 2023 15:28:50 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0E45 2 KB
975 B 169ms
58ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1693236529231&bpp=2&bdt=886&idt=435&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Rcfm9ap4W8&p=http%3A//lanterman.web.fc2.com&dtd=439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 15:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 14:07:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 15:28:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 0E45 2 KB
972 B 165ms
67ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0E45 23 KB
23 KB 160ms
59ms Image
image/jpeg 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQGUDEUBwgI8q5RYeutrIOwg-Sp6IY1_P1tzmQjG2nMCUs9zZV27zDlwi4bDU8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

sffe /

Resource Hash

e2602b9992ac7cd541ea994b6c15b23fef7ae4fd3601cb45e32ee03e2fc03a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:55:25 GMT
x-content-type-options: nosniff
age: 412405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23501
x-xss-protection: 0
last-modified: Sun, 25 Oct 2020 20:06:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Aug 2024 20:55:25 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0E45 23 KB
23 KB 191ms
91ms Image
image/jpeg 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSWIHZg3kG01JqJWU53INJReq8SZcG6nrdZxj-dSrWv9ziuyUo7HYFWGGk8Zn0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

sffe /

Resource Hash

8dfbc5e7eed6f6b353572fec951b69de8052ae0e73ab81841ab47570a480822e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:08:02 GMT
x-content-type-options: nosniff
age: 415248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23882
x-xss-protection: 0
last-modified: Sat, 03 Feb 2024 09:38:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Aug 2024 20:08:02 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0E45 24 KB
24 KB 160ms
59ms Image
image/jpeg 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSTqIB7ZZNF-kvehbK2_Yu4NxXMMeOmv3aeAC7NlbXrHsN6u27_TZd6yURyKaQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f14.1e100.net

Software

sffe /

Resource Hash

477c5c8eb6d0ed12f38a8d5dd5fd5ff86f638cfea3ebfd8f2839bc674f68857d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:00:05 GMT
x-content-type-options: nosniff
age: 451725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24140
x-xss-protection: 0
last-modified: Tue, 12 May 2020 20:56:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Aug 2024 10:00:05 GMT

GET
H2

200

7383912002397655444
tpc.googlesyndication.com/simgad/ Frame 0E45
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbsKyBCBCABBiAATII5oEQje8B24g
https://tpc.googlesyndication.com/simgad/7383912002397655444

14 KB
14 KB

45ms
44ms

Image
image/png

142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7383912002397655444

Requested by

Protocol

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

57238c70b77dbdb969993cb440f82321c765542ac7a16d3d03eaee7e033f3ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:38:29 GMT
x-content-type-options: nosniff
age: 323421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14439
x-xss-protection: 0
last-modified: Tue, 04 Aug 2020 07:09:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Aug 2024 21:38:29 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:24:08 GMT
x-content-type-options: nosniff
server: cafe
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7383912002397655444
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 15:24:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 0E45 23 KB
9 KB 150ms
68ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 0E45 3 KB
1 KB 132ms
50ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 0E45 20 KB
8 KB 127ms
45ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E45 181 KB
57 KB 204ms
84ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:28:50 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 0E45 35 KB
15 KB 165ms
45ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 18:25:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 03:15:29 GMT

GET
DATA 200
OK truncated
/ Frame 0E45 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 890acea775fde76af6cccba5856d54b19f811d9dac12835e21b6c55f298c4284

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 0E45 20 KB
21 KB 158ms
47ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 194882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 09:20:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0E45
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9qzhMb3sZMKeMMjGxtYP2u2G-AnxmMLcb8jHiYSQDobx_f6iOBABIKv6jB5g6eTJhdgaoAH767zPA8gBCakCik-GOUc2kD6oAwHIA8uEgIAEqgTgAU_QSUKIZEWYUr8GjtJRMU23jANycXX...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218444541057885588113%22,%22debug_reporting%22:true,%22destination%22:%22https://ceneo.pl%22,%22event_report_window%22:%222...

0
0

168ms
77ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218444541057885588113%22,%22debug_reporting%22:true,%22destination%22:%22https://ceneo.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22971978235%22],%224%22:[%2208-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210719437560270655681%22}&andc=true

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:51 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"18444541057885588113","debug_reporting":true,"destination":"https://ceneo.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["971978235"],"4":["08-28"],"6":["true"]},"priority":"500","source_event_id":"10719437560270655681"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Aug 2023 15:28:51 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Aug 2023 15:28:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18444541057885588113","debug_reporting":true,"destination":"https://ceneo.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["971978235"],"4":["08-28"],"6":["true"]},"priority":"500","source_event_id":"10719437560270655681"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BA7 37 KB
15 KB 44ms
43ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:34:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 182ms
78ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 28 Aug 2023 15:28:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E45 42 B
64 B 238ms
148ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstX2mOXQNH72vaxATgZuSSE3_GhqdPikTKpTwyyhdMLCjAl7HLmt4Qr6xFXFkIKDPa0bwwtoyvTk2w4mlgpVSYB9f2f35xsnJJF-ETNTFtNDkFmlA59oumSfGJCiN7D-9Ue6hJWxIAqHUR&sai=AMfl-YSrlM9CGOX2I7EWszw8IiOWaIzHAEszYekldPvNRxS7xrUt5ojbTJB-AawBTNvUVwFhrtuvO4GUVRUu&sig=Cg0ArKJSzBqhcITWuWUuEAE&cid=CAQSGwBpAlJWfNyMbcRk6kdF2K-UvqwAn8BJXGEwdBgB&id=lidar2&mcvt=1004&p=0,0,280,800&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3534818277&rs=2&la=0&cr=0&vs=4&r=v&rst=1693236529672&rpt=1110&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fc2_web_user_page.js Show response
static.fc2.com/fc2web/js/ 11 KB
4 KB 89ms
44ms Script
application/javascript 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Requested by: Host: vip.chps-api.fc2.com
URL: http://vip.chps-api.fc2.com/apis/footer/?charset=UTF-8&url=http%3A%2F%2Flanterman.web.fc2.com%2F&service=0&r=86886522177
Protocol: HTTP/1.1
Server: 178.79.242.41 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-41.fra.llnw.net
Software: nginx /
Resource Hash: d5280d87baee55df453debab6d2cf4079a730388c6773369fffa6c44ce9f159c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 07:06:20 GMT
Server: nginx
Age: 4999
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3926
X-LLID: 88fffcefc85f094a27b67e0a961c8fb6
Expires: Mon, 28 Aug 2023 15:45:34 GMT

GET
H/1.1 200
Ok / Show response
media5.fc2.com/1187/ Frame 637D 2 KB
1 KB 583ms
194ms Document
text/html 104.244.99.100
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/1187/
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.100 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 1cb7cab5eb7626900d579c45c233bfb4e09b2e262f0c9bc31c90641dd5e6c714

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 28 Aug 2023 15:28:54 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
Ok manager.cgi Show response
textad.fc2.com/cgi-bin/ 4 KB
4 KB 584ms
194ms Script
text/javascript 104.244.99.68
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://textad.fc2.com/cgi-bin/manager.cgi?category_id=0&i=1&type=1
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.68 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c331c5c02bbe478df92f2bb37b67dfa4febfe6be572b5baf2b79ab5eff6c8b6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 4163
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK fc2_header_bnr_close.gif
static.fc2.com/fc2web/image/ 972 B
1 KB 47ms
46ms Image
image/gif 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.fc2.com/fc2web/image/fc2_header_bnr_close.gif
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Server: 178.79.242.41 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-41.fra.llnw.net
Software: nginx /
Resource Hash: 5a0df713b4660ba39052ceadce6b19b9945dcc2b8aecea57d84816524eb38b14

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:53 GMT
Last-Modified: Wed, 19 Mar 2014 06:20:31 GMT
Server: nginx
Age: 1792
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 972
X-LLID: b05a907c870aff4496cec9c6a855c727
Expires: Mon, 28 Aug 2023 16:39:01 GMT

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 773ms
192ms Image
image/gif 104.244.99.54
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.fc2.com/counter_img.php?id=1781
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.54 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:28:54 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 774ms
192ms Image
image/gif 104.244.99.54
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.fc2.com/counter_img.php?id=1782
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.54 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:28:54 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fc2_bottom_bnr_close.png
static.fc2.com/fc2web/image/ 429 B
792 B 88ms
44ms Image
image/png 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.fc2.com/fc2web/image/fc2_bottom_bnr_close.png
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Server: 178.79.242.41 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-41.fra.llnw.net
Software: nginx /
Resource Hash: 5b20a3e55eda8ed582681eb9a05069aaaf5da9c12d9b9d6769cfc05ebb539993

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:53 GMT
Last-Modified: Wed, 19 Mar 2014 06:20:31 GMT
Server: nginx
Age: 5304
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 429
X-LLID: cb71385b72a2b58d0e7abb537410efb3
Expires: Mon, 28 Aug 2023 15:40:29 GMT

GET
H2 200 668f540669179556b8cfb8e5a9d647f4.jpeg
storage1000-textad.fc2.com/textad/user12572/ 21 KB
22 KB 772ms
382ms Image
image/png 199.48.209.214
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/668f540669179556b8cfb8e5a9d647f4.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.214 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

26959420ff63fa61ceda84d3a420d0fb456221556aafd0ee0a7bcbdd9d1745a9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:54 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:10:46 GMT
server: nginx
x-amz-request-id: 177F9557391FB3C5
etag: W/"c85fa96325b66f9b25f4b2301b8bc841"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 5c485f00d4b543b30d68813d3ea2d237.jpeg
storage1000-textad.fc2.com/textad/user12572/ 10 KB
11 KB 960ms
571ms Image
image/png 199.48.209.214
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/5c485f00d4b543b30d68813d3ea2d237.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.214 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

1e560ff025fb7a37f6ef93d80f90f336741b83316fc4a2c5fdeec023c8ddb7a0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:54 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 08:37:54 GMT
server: nginx
x-amz-request-id: 177F953AC096828B
etag: W/"3453b4341dc4bf7f9924472cef11d644"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 a878e5f07a336ab7afb0c8207a4fed9d.jpeg
storage1000-textad.fc2.com/textad/user12572/ 9 KB
9 KB 961ms
571ms Image
image/png 199.48.209.214
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/a878e5f07a336ab7afb0c8207a4fed9d.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.214 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

5b207e7767f10ca66eaedbaee7e5023f9c55176e70d64fcaabf58656622d5513

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:54 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 09:54:02 GMT
server: nginx
x-amz-request-id: 177F95573985E05D
etag: W/"119cd8747edd7fa245f6284f92a93009"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 3bbdc7df2a557cccb41ba132f9531e26.jpeg
storage1000-textad.fc2.com/textad/user12572/ 8 KB
8 KB 581ms
191ms Image
image/png 199.48.209.214
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/3bbdc7df2a557cccb41ba132f9531e26.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.214 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

d4e38a51951999e9847ee305ad2eb73ca98f4d367fa5f92351e6c67312738b76

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:54 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 08:33:08 GMT
server: nginx
x-amz-request-id: 177F9546E84D3CB7
etag: W/"e37e6bbfcc3982b57b3dd5069e702f44"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 bbe8a512a00466e406cde884fa2d3564.jpeg
storage1000-textad.fc2.com/textad/user12572/ 10 KB
10 KB 961ms
572ms Image
image/png 199.48.209.214
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/bbe8a512a00466e406cde884fa2d3564.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.214 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

ab54017c0444167aa0373b35754d99768c225d38796dd834057dcd0341f42a00

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:54 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Thu, 24 Nov 2022 10:07:18 GMT
server: nginx
x-amz-request-id: 177F95239337566E
etag: W/"2c9d09a5f7416e8bf918e4d9cfaabd54"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame 637D
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

291ms
290ms

Script
application/javascript

14.0.41.202
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8d9792d8f1aa3e047b2fdc98300461ca65071e041bec1fb89e16669329c8c01c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1rw96:15 (W)
last-modified: Thu, 24 Aug 2023 08:56:05 GMT
server: PWS/8.3.1.0.8
etag: "1fe2d-gzip"
x-ws-request-id: 64ecbd37_PSrbdbOSA1gs91_23521-57348
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=86400
x-px: ht PSrbdbOSA1rw96KIX
accept-ranges: bytes
content-length: 29887
expires: Tue, 29 Aug 2023 10:11:41 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:54 GMT
via: 1.0 PSrbdbOSA1ap90:0 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64ecbd36_PSrbdbOSA1gs91_23521-57318
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H/1.1 200
OK ajax.module.js Show response
media5.fc2.com/js/ Frame 637D 2 KB
2 KB 192ms
192ms Script
application/javascript 104.244.99.100
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/js/ajax.module.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.100 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/1187/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:54 GMT
Last-Modified: Wed, 03 Jun 2020 11:50:42 GMT
Server: nginx
ETag: "5ed78e92-63b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1595

GET
H/1.1 200
Ok / Show response
media5.fc2.com/1188/ Frame 8230 2 KB
1 KB 385ms
193ms Document
text/html 104.244.99.100
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/1188/
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.100 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: cb8aa63b3f73eb99a9f475b1bd8235a6ece0c5051a1cbef6fa5f9df8a208f48a

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 28 Aug 2023 15:28:54 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7452 602 KB
130 KB 921ms
920ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1519982746&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=http%3A%2F%2Flanterman.web.fc2.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&dt=1693236534262&bpp=1&bdt=5917&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280&nras=1&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4e8ca0ba6f2b4993330dcbdbc467562185a94c5fb0bdee9ebe97f4e7df468375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 132990
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:28:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 142ms
142ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=fc2_bottom_bnr&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame FC33 320 KB
103 KB 142ms
46ms Document
text/html 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105435
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 15:28:54 GMT
etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
last-modified: Tue, 24 Jan 2023 21:41:13 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100053-IAD, cache-fra-eddf8230093-FRA

GET
H2 200 settings Show response
syndication.twitter.com/ Frame FC33 869 B
657 B 504ms
240ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=6c94c8d705a5d2eca902ee58c4e353663626a4ef

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 28 Aug 2023 15:28:54 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 28 Aug 2023 15:28:54 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 6207a2aa192fb26d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: ccb4b88ac4335a3d26679e4c61fe7b616997a7ddec80b7e0e52639be5b1c1059
content-length: 337

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame 8230
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

369ms
368ms

Script
application/javascript

14.0.41.202
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8d9792d8f1aa3e047b2fdc98300461ca65071e041bec1fb89e16669329c8c01c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1ap90:1 (W)
last-modified: Thu, 24 Aug 2023 08:56:05 GMT
server: PWS/8.3.1.0.8
etag: "1fe2d-gzip"
x-ws-request-id: 64ecbd37_PSrbdbOSA1gs91_23521-57349
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=86400
x-px: ht PSrbdbOSA1ap90KIX
accept-ranges: bytes
content-length: 29887
expires: Tue, 29 Aug 2023 10:20:49 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:54 GMT
via: 1.0 PSrbdbOSA1gs91:14 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64ecbd36_PSrbdbOSA1gs91_23521-57319
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H/1.1 200
OK ajax.module.js Show response
media5.fc2.com/js/ Frame 8230 2 KB
2 KB 192ms
192ms Script
application/javascript 104.244.99.100
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/js/ajax.module.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.100 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/1188/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:54 GMT
Last-Modified: Wed, 03 Jun 2020 11:50:42 GMT
Server: nginx
ETag: "5ed78e92-63b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1595

GET
H2 200 timeline.16b53cc33aaa562f8f41a495bf720289.js Show response
platform.twitter.com/js/ 8 KB
3 KB 48ms
47ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 2964
x-served-by: cache-iad-kjyo7100029-IAD, cache-fra-eddf8230093-FRA
last-modified: Tue, 24 Jan 2023 21:41:06 GMT
etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/ 154 KB
52 KB 95ms
95ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

3fb3bbc71bd622d899aab19130d210aa0029b9b2d00a2b88c083ac0c0c98aef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53634
x-xss-protection: 0
server: cafe
etag: 15811017015458870855
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:28:55 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3966 120 KB
41 KB 610ms
609ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1693236535350&bpp=1&bdt=7005&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=o7hLIvnGQF&p=http%3A//lanterman.web.fc2.com&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

fdbffb7249f43d502d7814cac018ca6409d2eaa89ff5cf65cf3068b5f5a7aaee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41936
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:28:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 83DB 10 KB
4 KB 44ms
43ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 19518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 10:03:37 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 10:03:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 2707 10 KB
4 KB 44ms
43ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 19518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 10:03:37 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 10:03:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame F495 10 KB
4 KB 44ms
43ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 19518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 10:03:37 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 10:03:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 6EF5 10 KB
4 KB 44ms
44ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 19518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 10:03:37 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 10:03:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 710E 2 KB
2 KB 147ms
48ms Document
text/html 99.86.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-114.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 54941
content-length: 1909
content-type: text/html
date: Mon, 28 Aug 2023 00:13:15 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id: P_f-YJGoqNXlJ2iMc471-nrMxnWIXLkXCbtlN-aPfwG9uHtuwqayBw==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 637D 6 KB
3 KB 175ms
61ms Script
application/javascript 23.36.162.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 28 Aug 2023 15:28:55 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 9135 2 KB
2 KB 134ms
48ms Document
text/html 99.86.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-114.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 54941
content-length: 1909
content-type: text/html
date: Mon, 28 Aug 2023 00:13:15 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id: VOWHbMMANJ_fcnr2eMJSeJsjYqrGEIPsX6XhffGgjadWtfZTr7GObQ==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 8230 6 KB
3 KB 160ms
60ms Script
application/javascript 23.36.162.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 28 Aug 2023 15:28:55 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 css2
fonts.googleapis.com/ Frame 83DB 4 KB
767 B 53ms
53ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 14:09:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 15:28:55 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 83DB 205 B
520 B 46ms
45ms Image
image/png 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:59:13 GMT
x-content-type-options: nosniff
age: 116982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 Aug 2024 06:59:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 83DB 604 B
696 B 46ms
46ms Image
image/png 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 13:52:52 GMT
x-content-type-options: nosniff
age: 264963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Aug 2024 13:52:52 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 83DB 15 KB
6 KB 44ms
43ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6521
x-xss-protection: 0
server: cafe
etag: 18225085782652855565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:32:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 83DB 20 KB
8 KB 47ms
47ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:59 GMT

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame 637D 3 KB
3 KB 901ms
293ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=93a2ec9f57837adb360556712d6b9a91&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&referrer=http%3A%2F%2Flanterman.web.fc2.com%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=4288d56ca5bbf018a3cc3211d

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

ccb63c70bb5c508db03e5a2a533e015573c19531a1ae7c3eb5841c29a483e173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:56 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2582
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame 8230 3 KB
3 KB 908ms
300ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=793761e06e731a9b432e33760ab1c55d&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&referrer=http%3A%2F%2Flanterman.web.fc2.com%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=3cb335bfc9633e018a3cc3211e

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

1756bbeee8faff5bacefdd3c6f19718f2bac8ddd8c14ad3a2e73f03ae01e6ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:56 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2567
X-XSS-Protection: 1; mode=block

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2F06 111 KB
39 KB 154ms
43ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 10:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 10:55:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F06 41 KB
13 KB 47ms
43ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2024 04:22:28 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 2F06 34 KB
13 KB 49ms
45ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:23:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:23:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 2F06 3 KB
1 KB 98ms
95ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 2F06 20 KB
8 KB 61ms
58ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2F06 0
0 54ms
51ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0JzD-xcTZ-HsVk3oh9mhZKTwoEWDEmtEHqkkSz7hy_qDshpSJvYK1OzEa9btgMrfUff2B69A9YuEpj4cPHLJLLEy_jA
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F06 181 KB
57 KB 84ms
81ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:28:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 2F06 23 KB
9 KB 99ms
97ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 45C7 111 KB
39 KB 181ms
97ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 10:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 10:55:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 45C7 41 KB
13 KB 82ms
82ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2024 04:22:28 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 45C7 34 KB
13 KB 44ms
44ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:23:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:23:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 45C7 3 KB
1 KB 90ms
90ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 45C7 20 KB
8 KB 57ms
56ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 45C7 0
0 53ms
52ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNg7zJvR5pkoVnE-Iq3TRnMWEFSfU0YTrf-Qmr0_N6KUTwt1YxaWSy8EjCnqn0A2BSN-E3GFEFXr7r5uBkPlpZtdIhWg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45C7 181 KB
57 KB 102ms
102ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:28:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 45C7 23 KB
9 KB 90ms
90ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6EF5 14 KB
1 KB 52ms
52ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 14:15:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 15:28:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 6EF5 2 KB
892 B 81ms
81ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 6EF5 23 KB
9 KB 82ms
81ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 6EF5 3 KB
1 KB 86ms
86ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EBA0 1 KB
643 B 43ms
43ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 15296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 6EF5 20 KB
8 KB 51ms
51ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:53 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 6EF5 225 B
249 B 84ms
84ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 21:21:09 GMT
x-content-type-options: nosniff
server: cafe
age: 65266
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 28 Aug 2023 21:21:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6EF5 0
0 51ms
51ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5WXhM7q3a7clkyEX3hxboV5Gx3cWitviodg9NQRUZ6BVaLxpbonjIjSGiMnfBAwr1bBEGtFZzmqYbAGf7JNTn30YoLQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EF5 181 KB
57 KB 127ms
126ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:28:55 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 6EF5 35 KB
15 KB 44ms
43ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 18:25:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 03:15:29 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 710E 45 B
287 B 175ms
56ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://cache.send.microadinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 234367
expires: 60

GET
H2 200 sync Show response
gum.criteo.com/ Frame 9135 45 B
286 B 172ms
57ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://cache.send.microadinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 259797
expires: 60

GET
H3 200 css
fonts.googleapis.com/ Frame FDAF 14 KB
1 KB 55ms
54ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 14:07:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 15:28:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame FDAF 2 KB
892 B 44ms
43ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame FDAF 23 KB
9 KB 44ms
43ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84DB 143 B
166 B 47ms
43ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame FDAF 3 KB
1 KB 48ms
47ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EDB2 1 KB
643 B 47ms
45ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 15296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame FDAF 20 KB
8 KB 43ms
43ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FDAF 0
0 56ms
51ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwFDKk4nKDcSpC_7eICMyA20ly6-4u0Gnu3lVviUDv6tR73cMnFhr4qjEtQLXD99W6gbsBN4mbqSsNu3weChrAd_hK_Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDAF 181 KB
56 KB 110ms
105ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:28:55 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame FDAF 35 KB
15 KB 49ms
44ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 18:25:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 03:15:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A08 1 KB
643 B 44ms
44ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 15296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CEF5 1 KB
643 B 50ms
48ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 15296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame 8230 10 B
182 B 372ms
290ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=1011503&vid=01H8YC68DVPA9CCQ568WMK74J3
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: https://media5.fc2.com
date: Mon, 28 Aug 2023 15:28:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E5D8 22 KB
8 KB 44ms
43ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 126385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 04:22:30 GMT
expires: Mon, 26 Aug 2024 04:22:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame EBA0 35 B
465 B 169ms
54ms Image
image/gif 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEHsWzoGqw4leDz7ZgWvgqM&google_cver=1&google_push=AXcoOmSDVCcN2hYNWr_OIj27O4EuVez-FtUBIS6tHp6gX7niV7kIGmTnphibo3hZyi8Wn4mupogsXYspB9E8hJoIqfiOpvcr-zNuvw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBA0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmSgqdSzevlsMS08hTbVFbA-6G1YLbqWt8oRYR8davR...

170 B
188 B

78ms
72ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmSgqdSzevlsMS08hTbVFbA-6G1YLbqWt8oRYR8davRAQ9qcV9HWm50obERhO_BY8ynyzl4l2b79XVpUK4MQnAeF1LXs59dXKxY

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:28:55 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmSgqdSzevlsMS08hTbVFbA-6G1YLbqWt8oRYR8davRAQ9qcV9HWm50obERhO_BY8ynyzl4l2b79XVpUK4MQnAeF1LXs59dXKxY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBA0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPMUhmNdbNlHQ2sbNLSD-a0&google_cver=1&google_push=AXcoOmSXlaQQmmUeRXofMhFy0-SLIppvAsROv0oqRqDE-lslcXe-O3E9Phab3_RVU8aqW0dZ3-s3NM06gfFjR_2W...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSXlaQQmmUeRXofMhFy0-SLIppvAsROv0oqRqDE-lslcXe-O3E9Phab3_RVU8aqW0dZ3-s3NM06gfFjR_2WZf5dv0SK7ynOhQI

170 B
188 B

69ms
68ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSXlaQQmmUeRXofMhFy0-SLIppvAsROv0oqRqDE-lslcXe-O3E9Phab3_RVU8aqW0dZ3-s3NM06gfFjR_2WZf5dv0SK7ynOhQI

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 28 Aug 2023 15:28:55 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x14 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSXlaQQmmUeRXofMhFy0-SLIppvAsROv0oqRqDE-lslcXe-O3E9Phab3_RVU8aqW0dZ3-s3NM06gfFjR_2WZf5dv0SK7ynOhQI
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 28 Aug 2023 15:28:54 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame EBA0 70 B
264 B 195ms
64ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENLe9uAdKhaGztFZVLV-nFI&google_cver=1&google_push=AXcoOmSKUMoQQ9ZDnozWsbdQNN40xKok05FhSBNFgUojCAq5DDfdshEpo7nv7YkiZHHsIMQxw3_DkNjxBHI1EeuY13Fe8nWy7lcaSIw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBA0
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEP-nJdBKeY4ngnuiBCY1MuA&google_cver=1&google_push=AXcoOmQpMT7ZvOqVkcXsb2Us3dgSq1TEpAXrzcKgBWEb2nYkRixk1QSVx_6J8qfa32exedV2mI2zZPcq1sc3TBBF...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QedbprI5Q0Cx5joKBSPcoA2&google_push=AXcoOmQpMT7ZvOqVkcXsb2Us3dgSq1TEpAXrzcKgBWEb2nYkRixk1QSVx_6J8qfa32exedV2mI2zZPcq1sc3TBBFNKvr5HWA4ALTiPE

170 B
188 B

58ms
57ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QedbprI5Q0Cx5joKBSPcoA2&google_push=AXcoOmQpMT7ZvOqVkcXsb2Us3dgSq1TEpAXrzcKgBWEb2nYkRixk1QSVx_6J8qfa32exedV2mI2zZPcq1sc3TBBFNKvr5HWA4ALTiPE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:55 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QedbprI5Q0Cx5joKBSPcoA2&google_push=AXcoOmQpMT7ZvOqVkcXsb2Us3dgSq1TEpAXrzcKgBWEb2nYkRixk1QSVx_6J8qfa32exedV2mI2zZPcq1sc3TBBFNKvr5HWA4ALTiPE
x-host: tde-deliveryengine-production-5c85b8f797-lr7d9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame EBA0 43 B
146 B 167ms
53ms Image
image/gif 18.196.138.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKjnjQ1RN9t2BbE6n9hFC-M&google_cver=1&google_push=AXcoOmQLy5oqy0Gdn_xs8oXcgONPAnp4174msK_mZXvc_9d05fht5btf2fSQGsaPFb9gYU0xXr1nimBi4y-3qoxXvf8-yk49ACE1Yg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame EBA0 43 B
363 B 164ms
60ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSjF2BQkDd2Do1TszGleZdgcJ1B_RtC6AQiNQvxsafXm8KTLBfilGgHl2AbJGhvBDE3J1eyoa0_-C7k5UuUSvKgqcXAeKlEe8k&google_gid=CAESEAOS0Vg2C3IcC4WKEsLzz9A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 178605
expires: Mon, 28 Aug 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EBA0 0
69 B 56ms
54ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-mwHlKJ48pjLVUmatPgeUGdtInHTlTPf3PlF_tQMdM8gAprvz2azHDwwWphHh7-WlS4Ji

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DEEA 22 KB
8 KB 46ms
45ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 126385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 04:22:30 GMT
expires: Mon, 26 Aug 2024 04:22:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame EDB2 0
104 B 235ms
116ms Image
text/plain 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEA41bWOHgpF2OBZIQ9EB1Cg&google_cver=1&google_push=AXcoOmQ3fSF7roXqsY9MiyYKMvtPqWfJ-swu6nu7_D4oAykzeQxQxYvdrWctqAZvn8R-yVznMapFytQ3ZbEYwJNh1L1b9bAmfGJ-PA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame EDB2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJ...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAm...

43 B
398 B

223ms
215ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fdd963f9bb6351b-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 7
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTL1O2ed_EEOry1nd2jFDJ-Kh-v4j1K3ofLT95m7Xb119mRIZ1RV0J4K-ym4TGujyCOeF26r6tKPV0UkI7jbsTL-7kFjAmgJw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fdd963dd960351b-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDB2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEH0cxBfNpm-PzctFXQjST0g&google_cver=1&google_push=AXcoOmQvc3b8HdxeLu39qEfk9DUFcI0GKj6cugjUGQepEe5-7fP6YZck9JVODxRWAFx2_Z8ldufXOviDCXIbxlsWtO6akUecHBID
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A5EDF3D58CCC44E6AEEA211842C58E4D&google_push=AXcoOmQvc3b8HdxeLu39qEfk9DUFcI0GKj6cugjUGQepEe5-7fP6YZck9JVODxRWAFx2_Z8ldufXOviDCXIbxls...

170 B
188 B

77ms
71ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A5EDF3D58CCC44E6AEEA211842C58E4D&google_push=AXcoOmQvc3b8HdxeLu39qEfk9DUFcI0GKj6cugjUGQepEe5-7fP6YZck9JVODxRWAFx2_Z8ldufXOviDCXIbxlsWtO6akUecHBID

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A5EDF3D58CCC44E6AEEA211842C58E4D&google_push=AXcoOmQvc3b8HdxeLu39qEfk9DUFcI0GKj6cugjUGQepEe5-7fP6YZck9JVODxRWAFx2_Z8ldufXOviDCXIbxlsWtO6akUecHBID
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 27 Aug 2023 15:28:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDB2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmRc51CsjxMbkuc1bS2MN_Wx84n6OgQpgmRy8wTukcGn57vLv8Vjzj4Nz97FblG0kKJn78o-1DUT...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmRc51CsjxMbkuc1bS2MN_Wx84n6OgQpgmRy8wTukcGn57vLv8Vjzj4Nz97FblG0kKJn78o...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA1NjI4OTQ0MTY1MTMyMjk4Ng&google_push=AXcoOmRc51CsjxMbkuc1bS2MN_Wx84n6OgQpgmRy8wTukcGn57vLv8Vjzj4Nz97FblG0kKJn78o-1D...

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA1NjI4OTQ0MTY1MTMyMjk4Ng&google_push=AXcoOmRc51CsjxMbkuc1bS2MN_Wx84n6OgQpgmRy8wTukcGn57vLv8Vjzj4Nz97FblG0kKJn78o-1DUTYfQ_QZ_FPv_kEJ5w81H0Jg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA1NjI4OTQ0MTY1MTMyMjk4Ng&google_push=AXcoOmRc51CsjxMbkuc1bS2MN_Wx84n6OgQpgmRy8wTukcGn57vLv8Vjzj4Nz97FblG0kKJn78o-1DUTYfQ_QZ_FPv_kEJ5w81H0Jg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame EDB2 43 B
297 B 363ms
49ms Image
image/gif 3.9.242.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIQ6GgdgdomUu2fxse-BhJY&google_cver=1&google_push=AXcoOmQpz_bNlZe9sFhZ0r6ZcUCvhWN8e6v_R0xB-WhMk5WJ7yPX4lV5lUxmVYpeRbM0wl5SOkUWrM3szOUoU92MnW-0OugjK4I3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.242.113 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-242-113.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDB2
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHPdDItbGbX3zT-YZBYRtWY&google_cver=1&google_push=AXcoOmSMiiJS0xgy3eIaNPfMhsBomHmwF88KlH8aEs3LDo6ldDq6-xdIO0ae1eGfuOBNXGy8CQqiC2VJMDqL...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSMiiJS0xgy3eIaNPfMhsBomHmwF88KlH8aEs3LDo6ldDq6-xdIO0ae1eGfuOBNXGy8CQqiC2VJMDqLPHk1QEAPuBFePI19Iw

170 B
188 B

90ms
70ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSMiiJS0xgy3eIaNPfMhsBomHmwF88KlH8aEs3LDo6ldDq6-xdIO0ae1eGfuOBNXGy8CQqiC2VJMDqLPHk1QEAPuBFePI19Iw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSMiiJS0xgy3eIaNPfMhsBomHmwF88KlH8aEs3LDo6ldDq6-xdIO0ae1eGfuOBNXGy8CQqiC2VJMDqLPHk1QEAPuBFePI19Iw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDB2
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEIElVBQRS1lKXaFbvcGu3r4&google_cver=1&google_push=AXcoOmRIvP1xu-R8Bi4blnHuXSYh-U0dr3GLeZFACgRjNEyfDIve06H_FiIb36kwlQ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRIvP1xu-R8Bi4blnHuXSYh-U0dr3GLeZFACgRjNEyfDIve06H_FiIb36kwlQpClHCkgQvqV2LlJPxc2wMBqlVPk8YP5D1YaFg&google_hm=...

170 B
188 B

64ms
61ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRIvP1xu-R8Bi4blnHuXSYh-U0dr3GLeZFACgRjNEyfDIve06H_FiIb36kwlQpClHCkgQvqV2LlJPxc2wMBqlVPk8YP5D1YaFg&google_hm=dDx5O-plTqGMRpjyBFslbLk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRIvP1xu-R8Bi4blnHuXSYh-U0dr3GLeZFACgRjNEyfDIve06H_FiIb36kwlQpClHCkgQvqV2LlJPxc2wMBqlVPk8YP5D1YaFg&google_hm=dDx5O-plTqGMRpjyBFslbLk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EDB2 0
12 B 74ms
72ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwOTaSR2PlnucjsrMvhjcIV79D-2304n8ysy2-k_KuWpVinoL6gxyjC89epDud7hHk-ztMsA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5A08
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1&google_push=AXcoOmT8dNQ1XuKNr_YqIp32jesao3s5ii8PC2fEi-pG9nvEIZSe5IUuk-1VdaxErLQ8dO-GbqoSavGmB3KDNiMr6gwmLsIvoHoXsXg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3ODI5NzAxOTczNzE5NTA5OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1

43 B
398 B

81ms
50ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 5A08 0
103 B 232ms
117ms Image
text/plain 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEA41bWOHgpF2OBZIQ9EB1Cg&google_cver=1&google_push=AXcoOmSP-f9GgJ5IAPd4VE4g2pxHThoaOA80fmOo0EU48Q2Z33d9B9DmWcfPk1zmH_EQMPkOrehKPxKoR6p20Kgk4exU1JrHAfER_g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A08
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEH0cxBfNpm-PzctFXQjST0g&google_cver=1&google_push=AXcoOmTz4TZJCG2kvodkCNy8pdvhEUdeLx6nHPXwioTWyLmedLgOWFrv6gwni1-PFtMmQfFQCiCMEDhRpIv11GWQmJ-4TzNYFAepdA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD598E699EC74A459A66E34302FECDE6&google_push=AXcoOmTz4TZJCG2kvodkCNy8pdvhEUdeLx6nHPXwioTWyLmedLgOWFrv6gwni1-PFtMmQfFQCiCMEDhRpIv11GW...

170 B
188 B

78ms
71ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD598E699EC74A459A66E34302FECDE6&google_push=AXcoOmTz4TZJCG2kvodkCNy8pdvhEUdeLx6nHPXwioTWyLmedLgOWFrv6gwni1-PFtMmQfFQCiCMEDhRpIv11GWQmJ-4TzNYFAepdA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD598E699EC74A459A66E34302FECDE6&google_push=AXcoOmTz4TZJCG2kvodkCNy8pdvhEUdeLx6nHPXwioTWyLmedLgOWFrv6gwni1-PFtMmQfFQCiCMEDhRpIv11GWQmJ-4TzNYFAepdA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 27 Aug 2023 15:28:56 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5A08 70 B
265 B 88ms
63ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENLe9uAdKhaGztFZVLV-nFI&google_cver=1&google_push=AXcoOmQB65pKB_a_9w5HUQijjC2Lx7ZSA5GzHNkrGwpfLfGQK9Hn1S6gcmDlsCGj-RqxgwpRDhFYg7wOBGXMceGRyvjG-r57fBwju-Y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A08
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMwiARegLlEtx0kdYFmIcdc&google_cver=1&google_push=AXcoOmRlMSu_P-6BxlkG5XlauWRecjTa_ffH24FkoctGmsjXGwD31U0WDT6ODFAU_-mc0MYmySBuI9D2096AyLVVpmdy7FW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRlMSu_P-6BxlkG5XlauWRecjTa_ffH24FkoctGmsjXGwD31U0WDT6ODFAU_-mc0MYmySBuI9D2096AyLVVpmdy7FWbBG6VMao&google_hm=eS0waUczSzFwRTJwSFl...

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRlMSu_P-6BxlkG5XlauWRecjTa_ffH24FkoctGmsjXGwD31U0WDT6ODFAU_-mc0MYmySBuI9D2096AyLVVpmdy7FWbBG6VMao&google_hm=eS0waUczSzFwRTJwSFlXYWh0V2QxMjZlODlRWXZGUnBqNX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRlMSu_P-6BxlkG5XlauWRecjTa_ffH24FkoctGmsjXGwD31U0WDT6ODFAU_-mc0MYmySBuI9D2096AyLVVpmdy7FWbBG6VMao&google_hm=eS0waUczSzFwRTJwSFlXYWh0V2QxMjZlODlRWXZGUnBqNX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5A08 43 B
362 B 58ms
54ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSyphCx3XDDMxnYHlYnuAhd5I_NztDCRWU81waMjLfQQNoj_ObbifeoAU-rl4Q5GU1y9K5fqrfRloo2hu4DYOqMydllg4Z54Vo&google_gid=CAESEAOS0Vg2C3IcC4WKEsLzz9A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 191460
expires: Mon, 28 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A08
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmTpl3kkVssrX505dc9kek5Wre2ihjEMGHM2L3ewR3Y9WziQwAyzbchhk_MUfgXkOuv-kZIyogfM...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmTpl3kkVssrX505dc9kek5Wre2ihjEMGHM2L3ewR3Y9WziQwAyzbchhk_MUfgXkOuv-kZI...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMzMTQxNDc2MTE3Mjk5ODA5&google_push=AXcoOmTpl3kkVssrX505dc9kek5Wre2ihjEMGHM2L3ewR3Y9WziQwAyzbchhk_MUfgXkOuv-kZIyogfM...

170 B
188 B

56ms
56ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMzMTQxNDc2MTE3Mjk5ODA5&google_push=AXcoOmTpl3kkVssrX505dc9kek5Wre2ihjEMGHM2L3ewR3Y9WziQwAyzbchhk_MUfgXkOuv-kZIyogfM_9zhagkDhqGefqzsLlN-zxs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMzMTQxNDc2MTE3Mjk5ODA5&google_push=AXcoOmTpl3kkVssrX505dc9kek5Wre2ihjEMGHM2L3ewR3Y9WziQwAyzbchhk_MUfgXkOuv-kZIyogfM_9zhagkDhqGefqzsLlN-zxs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A08 0
12 B 73ms
69ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KC2Fm8scHXO67FXYIYKIEuaCkxw0EpZakIoeIhH5q1QBZyo-K0fI92P-1rnQxITYoncBHY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CEF5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1&google_push=AXcoOmRTg8HVriKbeQJOPdY9CboPB7m2p23ByD71u9uQxl8_lQAPd7CvW-qVqkFHCnhPAZG7rwODelzCgjWu3blQNUAkKJqTAVP7brg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2MjEyNDIzNzYyMzQxMTI5MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1

43 B
398 B

80ms
49ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CEF5 35 B
463 B 58ms
56ms Image
image/gif 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEHsWzoGqw4leDz7ZgWvgqM&google_cver=1&google_push=AXcoOmSHXW1Y6fuZ3KJ2ldc8_aSnJS03PIOcxPoVPOSnhTB9tGC7Ip6K4t0mcCzr732_OTDUl_5cW9c3GBoxX9jJMeSA45eyLtRSHbQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEF5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmQVd-oRygwcn94t21q-Zkx9kA7BuzB813lm8tN3qBt...

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmQVd-oRygwcn94t21q-Zkx9kA7BuzB813lm8tN3qBty4KjZnvd36piEVN9a4ZEziHEcml9loQcyCz0DKzrnyc0NjfQCe_kAIQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:28:55 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmQVd-oRygwcn94t21q-Zkx9kA7BuzB813lm8tN3qBty4KjZnvd36piEVN9a4ZEziHEcml9loQcyCz0DKzrnyc0NjfQCe_kAIQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CEF5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v77...

43 B
431 B

219ms
210ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752XA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752XA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fdd963f9bb4351b-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 772
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752XA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR30cFWU3V_zmA-U0b2lRkzMNtl7Ds-yqxeUXBPswp7NkvfW-qFHbnCDdr1QkVfjoAn9q0kQmw9gkyZgbFzHrrp2qQ0v7752XA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fdd963dd961351b-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEF5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEH0cxBfNpm-PzctFXQjST0g&google_cver=1&google_push=AXcoOmSRABXYM6MWzjttR8NfYPaeukMrp7dWkWjezjc6aYK_KYGPqJn3AfzCiK8cXOkcAPpBzbwx9tMkXyd8Z-RRyFErKztgIjU8zmc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48BE217A83004CEF900F0FC7AD86AB4E&google_push=AXcoOmSRABXYM6MWzjttR8NfYPaeukMrp7dWkWjezjc6aYK_KYGPqJn3AfzCiK8cXOkcAPpBzbwx9tMkXyd8Z-R...

170 B
188 B

78ms
71ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48BE217A83004CEF900F0FC7AD86AB4E&google_push=AXcoOmSRABXYM6MWzjttR8NfYPaeukMrp7dWkWjezjc6aYK_KYGPqJn3AfzCiK8cXOkcAPpBzbwx9tMkXyd8Z-RRyFErKztgIjU8zmc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48BE217A83004CEF900F0FC7AD86AB4E&google_push=AXcoOmSRABXYM6MWzjttR8NfYPaeukMrp7dWkWjezjc6aYK_KYGPqJn3AfzCiK8cXOkcAPpBzbwx9tMkXyd8Z-RRyFErKztgIjU8zmc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 27 Aug 2023 15:28:56 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CEF5 70 B
264 B 75ms
65ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENLe9uAdKhaGztFZVLV-nFI&google_cver=1&google_push=AXcoOmQ8nPHQ0OxwO7pVE8bYNoINZYNEk_Xcvc-YAEMoyzOzVoOEjlqi7R1XKGtDPHXdxTT7xjaFXVYFMd8U3FxGtmOkvisK5lSJMI0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

report
sync.teads.tv/um/ Frame CEF5
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPC5SnJvi_GS...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ0uyCXf45g6Ph6R2J0YxU26ZIiFE05ilmEUaeYNMsatt4UK4uEyEk6UrlF63NfcijVckDVNIxrvOEuNVxtgJs3W4daDLjyo5C2
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

78ms
78ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Mon, 28 Aug 2023 15:28:56 GMT
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CEF5 0
12 B 60ms
59ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9KGs2D7hZtuWAlXVXWno9LxiJJjAOfqV0nycwhy4ipf6hqEaXibhzelyjP5jxiZpRrK2RDA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 594704715939374457
s0.2mdn.net/simgad/ Frame 2F06 20 KB
20 KB 150ms
56ms Image
image/jpeg 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/594704715939374457

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d1d9bcc868a5af3451dfc14345a5d8fe527a97528118c4d0c6a432de14763c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 22:32:13 GMT
x-content-type-options: nosniff
age: 61003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20778
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 10:24:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Aug 2024 22:32:13 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

76ms
76ms

Document
text/html

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:28:56 GMT
expires: Mon, 28 Aug 2023 15:28:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:28:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 594704715939374457
s0.2mdn.net/simgad/ Frame 45C7 20 KB
20 KB 93ms
57ms Image
image/jpeg 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/594704715939374457

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d1d9bcc868a5af3451dfc14345a5d8fe527a97528118c4d0c6a432de14763c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 22:32:13 GMT
x-content-type-options: nosniff
age: 61003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20778
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 10:24:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Aug 2024 22:32:13 GMT

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame E5D8 37 KB
14 KB 47ms
47ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:34:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3966 14 KB
1 KB 59ms
58ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1693236535350&bpp=1&bdt=7005&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=o7hLIvnGQF&p=http%3A//lanterman.web.fc2.com&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 14:03:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 15:28:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 3966 2 KB
892 B 56ms
55ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 3966 23 KB
9 KB 65ms
64ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:21:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 3966 3 KB
1 KB 67ms
66ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 3966 20 KB
8 KB 55ms
55ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 11:13:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3966 0
0 69ms
68ms Image
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYWLegbkHXeHS6EvsWWaJUbDkWwxjB4ejlMk_MCoaWK85U8LrOhWjMnwWAAOHSUd9y8YwAHH1lTVTWprS4wOFp5BK_VA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1693236535350&bpp=1&bdt=7005&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=o7hLIvnGQF&p=http%3A//lanterman.web.fc2.com&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3966 181 KB
56 KB 117ms
116ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 15:28:56 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 3966 35 KB
15 KB 71ms
70ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 18:25:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 03:15:29 GMT

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 46A0 37 KB
14 KB 52ms
51ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:34:44 GMT

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame DEEA 37 KB
14 KB 48ms
47ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:34:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3528 1 KB
643 B 62ms
57ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 15297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17277914116773231948/ Frame 3966 24 KB
24 KB 59ms
58ms Image
image/jpeg 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17277914116773231948/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

ab159c21ad387307cfb74673bf95dca3ce81acae6029a84fb4a475c788e50ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 14:30:14 GMT
x-content-type-options: nosniff
age: 176322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24145
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 15:58:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 14:30:14 GMT

GET
DATA 200
OK truncated
/ Frame 3966 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3966 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3966 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9efed56a9838d11eea9f613a22134eecef4dde68dd298eee453687801f3d2a4e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html Show response
s0.2mdn.net/sadbundle/12848455575800905728/ Frame 5444 4 KB
1 KB 45ms
44ms Document
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

767f76af092a9b0b3f4f7c664df1e556adc17cc7e9e3dd528eeeaac48e798a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 61003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1418
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 22:32:13 GMT
expires: Mon, 26 Aug 2024 22:32:13 GMT
last-modified: Thu, 27 Apr 2023 10:24:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html Show response
s0.2mdn.net/sadbundle/12848455575800905728/ Frame 8B9C 4 KB
1 KB 44ms
44ms Document
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

767f76af092a9b0b3f4f7c664df1e556adc17cc7e9e3dd528eeeaac48e798a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 61003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1418
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 22:32:13 GMT
expires: Mon, 26 Aug 2024 22:32:13 GMT
last-modified: Thu, 27 Apr 2023 10:24:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame B1B8 37 KB
14 KB 44ms
44ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:34:44 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3528
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1&google_push=AXcoOmRlD4a7sowIBtB_4a2t30D0YY0KPfdYXR71QJeYdNqMo4PN_zFjKpvPs5hAqkV0flf5niJ08EzhPF_KHThJ3mYDw-26z9Q-ZQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2MjEyNDIzNzYyMzQxMTI5MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1

43 B
398 B

49ms
49ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTmCf1UPg8_SygmrtVD-S0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3528 0
103 B 49ms
47ms Image
text/plain 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEA41bWOHgpF2OBZIQ9EB1Cg&google_cver=1&google_push=AXcoOmQ56umJgEWmp-JQN6Lqr4jKsYgtzegs8LTfIM62RaygYMcQxJ6qgb7SyyR5LHQ8zA-BzsA9IwsrqL1I-L5wn9sc8eRDP03WwA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1693236535350&bpp=1&bdt=7005&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=o7hLIvnGQF&p=http%3A//lanterman.web.fc2.com&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3528
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmR3D0MmKILdLsiBHOcQh2lWd6i8pOEBkyxQGr8PZmZ...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmR3D0MmKILdLsiBHOcQh2lWd6i8pOEBkyxQGr8PZmZ3kuZQv5buBBKu4b1TJRLDu0ETiIZ93rhJ8oMcwZt8yiGEgUeLPlilVQ

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:28:56 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjN6eTRFTTExUUFFYUg1&google_gid=CAESEHy23jBIFTkP5GBznIqbbwM&google_cver=1&google_push=AXcoOmR3D0MmKILdLsiBHOcQh2lWd6i8pOEBkyxQGr8PZmZ3kuZQv5buBBKu4b1TJRLDu0ETiIZ93rhJ8oMcwZt8yiGEgUeLPlilVQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 3528 43 B
399 B 205ms
203ms Image
image/gif 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEGW16Ah0pcf3dK085LYUn5I&google_cver=1&google_push=AXcoOmTzNp_ew20-VGA0aXgsQtnFCiJnqqG6P44f8H0OlZtU-F5qUWkepriLhGFnV99prQtdyNwgdx-fWqkh6WCdHSXpW9nwD2bNqA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTzNp_ew20-VGA0aXgsQtnFCiJnqqG6P44f8H0OlZtU-F5qUWkepriLhGFnV99prQtdyNwgdx-fWqkh6WCdHSXpW9nwD2bNqA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1693236535350&bpp=1&bdt=7005&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=o7hLIvnGQF&p=http%3A//lanterman.web.fc2.com&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fdd96403ca1351b-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3528 70 B
264 B 63ms
61ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENLe9uAdKhaGztFZVLV-nFI&google_cver=1&google_push=AXcoOmTVSuC74ClLJOEZw14mSgk7zCl7Nj7acsA-BQZ0_vGd26bhdNTiejB-lV7kKUlThnWpVlZ2TEcQwZTqVwxs6rMGuRl32xdP8A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1693236535350&bpp=1&bdt=7005&idt=1&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98aa37815e78d97f-226094385fde007e%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw&gpic=UID%3D00000d8e4b362f28%3AT%3D1693236529%3ART%3D1693236529%3AS%3DALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=7286624821826&frm=20&pv=1&ga_vid=216198697.1693236530&ga_sid=1693236530&ga_hid=307188461&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077370&oid=2&psts=AOrYGskajdcBEFw6oFxt7Utb6sgo8AgBv65UAXXYLaT7S9NspbjPM6Lyn0bMSOB8LZOIlv-rTY7eas46DGUWQEXTe-V55w&pvsid=815033577226452&tmod=1169466614&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=o7hLIvnGQF&p=http%3A//lanterman.web.fc2.com&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3528
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGrbXYThYFvsMXy98N4kYI&google_cver=1&google_push=AXcoOmTvN_XQVyTO7B53buqGDCMcIbi5UMKpq3UMRTfHpWCaU3aStTBsSYZ-_0lOuYA9YFEz2puxPKB9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMzMTQxNDc2MTE3Mjk5ODA5&google_push=AXcoOmTvN_XQVyTO7B53buqGDCMcIbi5UMKpq3UMRTfHpWCaU3aStTBsSYZ-_0lOuYA9YFEz2puxPKB9...

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMzMTQxNDc2MTE3Mjk5ODA5&google_push=AXcoOmTvN_XQVyTO7B53buqGDCMcIbi5UMKpq3UMRTfHpWCaU3aStTBsSYZ-_0lOuYA9YFEz2puxPKB9VVRHe3hPGJB7Cd2oBXBPYQ

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMzMTQxNDc2MTE3Mjk5ODA5&google_push=AXcoOmTvN_XQVyTO7B53buqGDCMcIbi5UMKpq3UMRTfHpWCaU3aStTBsSYZ-_0lOuYA9YFEz2puxPKB9VVRHe3hPGJB7Cd2oBXBPYQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3528
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHPdDItbGbX3zT-YZBYRtWY&google_cver=1&google_push=AXcoOmSEjq_1cabwYHmpvTkH0547YSmlDa5wboFoOi3mYPSZHzOKdKytDG3dxzt4xgirxFRqlLqA1bgMmD8h...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEjq_1cabwYHmpvTkH0547YSmlDa5wboFoOi3mYPSZHzOKdKytDG3dxzt4xgirxFRqlLqA1bgMmD8hpC0taZE3HSOXRYJqUA

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEjq_1cabwYHmpvTkH0547YSmlDa5wboFoOi3mYPSZHzOKdKytDG3dxzt4xgirxFRqlLqA1bgMmD8hpC0taZE3HSOXRYJqUA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEjq_1cabwYHmpvTkH0547YSmlDa5wboFoOi3mYPSZHzOKdKytDG3dxzt4xgirxFRqlLqA1bgMmD8hpC0taZE3HSOXRYJqUA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3528 0
12 B 52ms
51ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KR0AHJzwrzLyywRjPfsGLu2GjQehbXz0HqtyQMVHCTGIx-suqOUtotPaXoHXSDSOxQGl6K

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3966 33 KB
33 KB 44ms
44ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 210295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 05:04:01 GMT

GET
H2 200 644a4d4989644c37b4d2581f Show response
c.bannerflow.net/a/ Frame 5444 72 KB
24 KB 135ms
62ms Script
application/javascript 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstmuIZiVC_vnKZggVuay4m7EW0UOT17RGSzd-_XZicEu-4KhjyaJ7OmAGPBjUIyWOFySWpfscSykXsNoa3JvTOfA71vYs58cVHS9yg_Iw0hbWk-Mxfcni1kxgQNk5oLUGVR5dyFY8z7ulyku9EVmGzOLGbk95YUm3iXlHufk8pGuysmW4daXoXr3GoS72yWNZdpnBtwUUeNbFQ4QmkJMvFnYRxM8T1hK_iKTIQm0Ye0L0rQbGByOHQJc3JxAA_IOj9wf3Hv7Zyaf2rIEUFZc8-niJNpnO-NghMidXfbEXoJXXoDt_b_fm7dZtlXkCHl0cr98ylSoqLz31GXKaLvBr2FF70T32GO1WEKlCjX1AX8qA_hUu4tqQ6ytc0FGDFhFx6rscu43bk-yQL_fZeljXL28zHPD4Zl35XEioKbWf5jxH1XrC0WdcFsatZE2zotuw0d5HTfCnrohT77eMJ6D9yYSxDuo-_gZxw64w0v75pG7YIj4TByl_t73SBBI_vZZwKDJCbSry4xhrlNq3Y6OYCrEOz795bGLUqQbXjXwqQrwfecU4ZzzX2a0mCvL_FQ1oj3pUyw-ZzVzA_TNJGXpn890-QXZ8TdHJZf5fkxreQQ5Dt4KqIzsXQS6CvNrCF5oTmKEsfUqp-4XgQkWPTPn8sZHdvW-JHAchABOdZ-_SkXscBzkU5rUgtsHzz5AbqID2UDhOTLdSFVjy7KBUltFXJjjaPrUuQmgrdZYR7sMpgLd_WNgoKAcEhmbRiveVscAAPd0olwvCnx1Sj6heti7hahUL4MP7gL3791IElJcV_UysVz9evDa0hDw0odZ9QU-IbnZ9CssgDVZqSBzzd3kbOeRnAJxux1t-4yDgwGTt3PmUataRaQg0aCPqcd953h2pdteI-V7R0xk6ZLPaT-0L0TGi-fsNgqRiQOlyoFs-1alU8B-oTy04ZCdjtZXWQ6zqoBKCIr6MSoNXMo2ZWlhi3hDE_S8DoCZFyR4QULnVnaPohLNzHM_9vXwk0iwGJGLXIFRz-Mx3SY9DEgQQP9zi_7MtfDcc2zQ0eLkO8LL1VwJSGz6Dgfu3y7qTy6bqz7OBYjpabRKJhW4jSUdauqrHnpfVf60a2i3A8NmDsudiKuwwmqDQut81s7tJ70bMkZtFbOryMoVD8dkujoKnJ_E1XA4X3iPqjCxXxn-nYjEQrpeB1OINPsnO1vCZl7-duykkLIcfFDIA%26sai%3DAMfl-YSVS_2kv2kArP4_syzBMqB6FBxdCjF7IBtlfWjj62-hwwcMd9Kic32qX2d5jOjKxEcdobntkwcxMJ819UZaK_OPa7KhTyH7V6fhcrgWs3zb9S5yHD-2JzzOpjslAz-1YAbLewpJcLKoZaW81FX9pfkqTpL7iyU78cJiYolvMTIEF5T6UeAqSdM6KiHOG2-CbvIZeY0X6oCxN7fAj-jDRBvoI1KEQ4idKjybyQb9TFyxcxIpDWS8ibvbiWYjoVmN5w-sFNrwONrHaPuXA8eDOR_faQyp0KTeONZYygImU-4ZLo3hHXflBYZtte7s7Bx6cs_6VZ9aDcorh4P2qSJKxNmbfk5mGxx0C4sr7QI%26sig%3DCg0ArKJSzFWnr9l9VGdyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fc3c66501ae8d7102071d175705977441f89011029ffbddfd26c7415ca4ece

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 28 Aug 2023 15:28:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7fdd9641ad05fbc2-WAW
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3966
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvw58N73sZJjpG-LlvPIPl8yx4Aiq1ovOcquH2tiHEsTK-uCeDhABIKv6jB5g6eTJhdgaoAGfsbXTAcgBCakCmFasurQisj6oAwHIA8sEqgTbAU_QNEiWVWzujV9HJna7IZFFENLmh_wKAzB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217999904358454208196%22,%22debug_reporting%22:true,%22destination%22:%22https://iu.org%22,%22event_report_window%22:%22259...

0
0

77ms
77ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217999904358454208196%22,%22debug_reporting%22:true,%22destination%22:%22https://iu.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22443373727%22],%224%22:[%2208-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22150924249405883521%22}&andc=true

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17999904358454208196","debug_reporting":true,"destination":"https://iu.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["443373727"],"4":["08-28"],"6":["true"]},"priority":"500","source_event_id":"150924249405883521"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Aug 2023 15:28:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Aug 2023 15:28:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17999904358454208196","debug_reporting":true,"destination":"https://iu.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["443373727"],"4":["08-28"],"6":["true"]},"priority":"500","source_event_id":"150924249405883521"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 644a4d4989644c37b4d2581f Show response
c.bannerflow.net/a/ Frame 8B9C 72 KB
24 KB 107ms
66ms Script
application/javascript 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssSDSAxPKANI2UVXtRiIVCY5RK-DGpa0C6-EhdQbiOkza2EPA9e-rfK4lABj1orCzQBFm7CEZ6w0FzpZKCC91QxM_I-UTA-qje40qYonHg8C9V1kOP6QFj6r0UbUQUDIixuNcdzvZwNIW7WoKDXcJPHC-jqlXPfN93yUGKBdyceZsiBrbiPDoaFmgE40Wn8a4QHD9od63xXUlHZWOO6ho3dngBA0epxFB2d8tCozehmi14Cqp-4Hkxl3DQ5vHoOAOmonofkbir53KfT_4ujqciDza2XA3WkB9BM1ER8-gS1mKFwCvsZibLd6WqdLJy7uEfpXdInrmT1dV4Ujq0qf7RvqWcLELAF9xpK6CD2-0H0f2FKb4RhZg0DSZomglP9FBJGymVU-jXFkrLVncwdF2h9dAFDkU73zTSbpC7HN0JRzqotMQOKCCfjDEurKirAuU9H0s4KuE10iLuMyeAHceg-IrQaWJaJPj7kXXxRXHufM9sF24TqVimgLFuZh46ss_jab_Tdlw2QsTO2KKXCYSgmF6zHmdN46Zc5HsXJ01AFxYuXKAHXGJlrCLPXv0hI8iRDtS8K0Fl8bP0J7kRVXq_w-Yvspm7zdV03y88XvbzOi4fqnEYJ9wf2Iyt-Lgzxwc5PHo_GSlNEc70lBJJEHAJmG4P8xChw8df4dFxQO_FYYfo-Kc-e20lYoTRyAXAnbAOr6agrIqvsDiIZZLmTxqJfoHhSoYoIK-pvmdQfhQdztm5sa3mAQdgO2w_-rlDUxUUOZWwQurxR7jdX4s2dJsvAZLs8A1Msk6Y6w6i59xqU4YJTuFpBQrQcKq-1M7g0fi_zPF8V4-r4AyH7nvWEuhoE9TItqwE3lK5hMKgoVZ_87LC16NDYMR91CvxZb9UPMjaXcTSVjfFnqJs-Cl7Fzv0B1usMsXPLrsQ7MEOXEIe6vC0E8D33oZQ1G5iG0Cf-6TsNeQ1PJ_IGG1xL9lN0ibjH269byZ-tBlOsG_H3lGlwNeOgWti7dxn8v13f7YlnKn6UhJu5qvt1xFdIXaSyPH9UYyEG6cdkmDGRvTD0MF1xzD9M_p_2jYQ7PzFLlybKf-FTt0yM6d9Fp5IFNcEMzdiNj3A4Z-hf3TY-WmsA2EKCJ3GawXT14mdPX30r2fWmxejl1Qqp_lxYAz3DNB7sIoac-P45sFEV7gyQL_sAWOs2U4BZ_5lXGK9KCmBjFSYnecmzFJMKTLM_%26sai%3DAMfl-YRyfmt5tzcI4Ox-Y9nJ8Q4S4-hM_FhVWWDm7wimDgScvTbzv4juZNnjb44AbPw1fmR_-j4Prj4sHkLEdCRdq8-7V2laMXUQMtIJldsH564d1eQxL3z9HThFp4l0d7qFCOiN1Xq35tmbCAEB-dIqqbsUTxHpEDMeTJ5r2IRHIGoz2c4vqix9mIwgF11zN_k3HzLQlhlLm0FHEtg20SIZB2YOXijGDEw_at6IpihePrvz7BmAFYsTYwZkp3ncuVr6E4WsUuXhy-52h8ztDATQb-AUzdxQbcKDbTuWXq86oIJydDF7qT0Xr_MnF56Z1eivOe3FI9ONUg2dV0mlvAtt0qBvkT3AX1f07153tNg%26sig%3DCg0ArKJSzEfDb9rMemImEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fc3c66501ae8d7102071d175705977441f89011029ffbddfd26c7415ca4ece

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 28 Aug 2023 15:28:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7fdd9641ad06fbc2-WAW
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 00DE 37 KB
14 KB 44ms
44ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:34:44 GMT

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame F1CD 3 KB
3 KB 394ms
308ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:56 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Mon, 28 Aug 2023 16:28:56 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame 637D 43 B
340 B 885ms
294ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZOy9OBSBBgCrQhMqq54atPDllGZMugavgb4su7Gww5eftiLIg31jxV4xCQMKrWUH9g_AunFiwtixT1LxZTEIMjmfVg7YPaibQlPD1rF9avVyAT0EC6lvCMUNma1wQ07EuJ1uC5SWKVt-
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 0524 3 KB
3 KB 380ms
303ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:56 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Mon, 28 Aug 2023 16:28:56 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame 8230 43 B
340 B 882ms
293ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZOy9OBS-DwBc07thhlHpoLUJHN5lO8w2kQvn-inynDdjS1JOamqT5MAbjNDPVQEF6tpE9pa4DARYWKLR8huI4fxnMgzE6C_YpIgMC1lqmtTsK7vWz1AKC9jYHe-XmYBDRpoZ6gpG2S6M
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5D8 0
20 B 147ms
147ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKKwaNr3sZODaFridxtYPsKiMuAoAAAAAOAHgBAI&bg=!QkGlQQ7NAAYkVgHwBFY7ADQBe5WfOGoCPx0OTUJG5hB0pyVCAnIInPdE5Bqls_8-QnrdDKG7HWlXXOamm5SiugkkVtFoAgAAAdRSAAAAB2gBB5kDCGidYU7CCgcI4N4oUnXFlRyN2swQ5_KyH9tmYD773qQN3bwSJmmU_paf6Ay9YM0k9K50MAgtn0Zntz3MUqnBV1phCmUpgQg06AxyZOC4hbZ-jxbgXEiiqHhLK1kja_APtLcPBnL-IfAybFgzHOs2L0ji4N44zBfl01Wi3ccZii1Bze-gsLTfSK5uWppwl9uDF9VnBrPFtQv5-bpH1Ck2DoRsjbGou3v2uKiCgqUcoIld2SzC3WKZ6XXoKdaT5qtCnhzGUFMtBZUgN0SfhEE872SIUJO-6hLTTFkiyAapequg03AKHu-Q3YER3PCZKUJHdXg5Q8tlTjXDG86WPzaG1mG0_TPimDuMvKyi9aUpUiEte0SbMGzKSXs27ZZ-Lrb7rdquFdCg9f9HAOMZyuHlh6L1Jg7THe12fd8JAhLqTt1bT-F20NXzVufqqSpEVrzR9pcKq-lBm0Uf2rEFkolqJ5u2Q2Zj4kxANYm7TmSN8bkWlQv87fGVbtR_lKBb1MzUo3qOtK1-h3W0QeZvRWXHRG2eWVZh-uVHKFIL0qIFp25GrBFdRqWosVu-hw2d6VYRD9EEtQojjxrz0Szty9cnzJHsro05Gt3EsofSonkGxt1VEfaLlV8xTuLe7rC2pL-r0BQvmvIEh8W38OlyLUsDMSl_pGEOFcd9pOmCXisEeDCb7EGAfzURth-Ni7Ni9Dq1mqJ_LacGnX1vDdkFS6Y2GmTxGhV125BiY9XMc2ASBNimRbIP7X9aJIsht8psHV4hvB85nVPsEJ0WxQgpeoaUkyXQmOah3CVIQvTpUU663OXsQYdIYvlQmILNIoqP5lmyJ9ew499nPN4c1l0SX0NdZj1-_fDJ5ENHvpxUb3xeQu-hGyoYeIDkIMJKrMVmc6ka5JuQb10cHMWGy0JKVuqaZ4383yGDYvAzHHOUc3co6vzULfQQ_zonPQNM3rp6rudqC4aYp-b3ikAS9aXrNC-cft8TD3a59piMaAxzDwhtaNsyLjlOuO5vbqP0Tc7rlzbh2yf-6DJqvQp0

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 78ms
77ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 28 Aug 2023 15:28:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget.6521e226c52cfcf3cca7.js Show response
c.bannerflow.net/scripts/ Frame 5444 23 KB
9 KB 70ms
69ms Script
application/javascript 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.6521e226c52cfcf3cca7.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstmuIZiVC_vnKZggVuay4m7EW0UOT17RGSzd-_XZicEu-4KhjyaJ7OmAGPBjUIyWOFySWpfscSykXsNoa3JvTOfA71vYs58cVHS9yg_Iw0hbWk-Mxfcni1kxgQNk5oLUGVR5dyFY8z7ulyku9EVmGzOLGbk95YUm3iXlHufk8pGuysmW4daXoXr3GoS72yWNZdpnBtwUUeNbFQ4QmkJMvFnYRxM8T1hK_iKTIQm0Ye0L0rQbGByOHQJc3JxAA_IOj9wf3Hv7Zyaf2rIEUFZc8-niJNpnO-NghMidXfbEXoJXXoDt_b_fm7dZtlXkCHl0cr98ylSoqLz31GXKaLvBr2FF70T32GO1WEKlCjX1AX8qA_hUu4tqQ6ytc0FGDFhFx6rscu43bk-yQL_fZeljXL28zHPD4Zl35XEioKbWf5jxH1XrC0WdcFsatZE2zotuw0d5HTfCnrohT77eMJ6D9yYSxDuo-_gZxw64w0v75pG7YIj4TByl_t73SBBI_vZZwKDJCbSry4xhrlNq3Y6OYCrEOz795bGLUqQbXjXwqQrwfecU4ZzzX2a0mCvL_FQ1oj3pUyw-ZzVzA_TNJGXpn890-QXZ8TdHJZf5fkxreQQ5Dt4KqIzsXQS6CvNrCF5oTmKEsfUqp-4XgQkWPTPn8sZHdvW-JHAchABOdZ-_SkXscBzkU5rUgtsHzz5AbqID2UDhOTLdSFVjy7KBUltFXJjjaPrUuQmgrdZYR7sMpgLd_WNgoKAcEhmbRiveVscAAPd0olwvCnx1Sj6heti7hahUL4MP7gL3791IElJcV_UysVz9evDa0hDw0odZ9QU-IbnZ9CssgDVZqSBzzd3kbOeRnAJxux1t-4yDgwGTt3PmUataRaQg0aCPqcd953h2pdteI-V7R0xk6ZLPaT-0L0TGi-fsNgqRiQOlyoFs-1alU8B-oTy04ZCdjtZXWQ6zqoBKCIr6MSoNXMo2ZWlhi3hDE_S8DoCZFyR4QULnVnaPohLNzHM_9vXwk0iwGJGLXIFRz-Mx3SY9DEgQQP9zi_7MtfDcc2zQ0eLkO8LL1VwJSGz6Dgfu3y7qTy6bqz7OBYjpabRKJhW4jSUdauqrHnpfVf60a2i3A8NmDsudiKuwwmqDQut81s7tJ70bMkZtFbOryMoVD8dkujoKnJ_E1XA4X3iPqjCxXxn-nYjEQrpeB1OINPsnO1vCZl7-duykkLIcfFDIA%26sai%3DAMfl-YSVS_2kv2kArP4_syzBMqB6FBxdCjF7IBtlfWjj62-hwwcMd9Kic32qX2d5jOjKxEcdobntkwcxMJ819UZaK_OPa7KhTyH7V6fhcrgWs3zb9S5yHD-2JzzOpjslAz-1YAbLewpJcLKoZaW81FX9pfkqTpL7iyU78cJiYolvMTIEF5T6UeAqSdM6KiHOG2-CbvIZeY0X6oCxN7fAj-jDRBvoI1KEQ4idKjybyQb9TFyxcxIpDWS8ibvbiWYjoVmN5w-sFNrwONrHaPuXA8eDOR_faQyp0KTeONZYygImU-4ZLo3hHXflBYZtte7s7Bx6cs_6VZ9aDcorh4P2qSJKxNmbfk5mGxx0C4sr7QI%26sig%3DCg0ArKJSzFWnr9l9VGdyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d10e033b6c11514dcc70b6eca95b3ba2c34ed4dcad56b15b1c44233260d2e6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: BR+X/mIblNYMKtrW+8QiJg==
age: 5463823
cf-polished: origSize=23370
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 26 Jun 2023 08:38:50 GMT
server: cloudflare
etag: W/"0x8DB7620C413E7B5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9a353399-601e-0039-3112-a8163a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7fdd96428e62fbc2-WAW

GET
H2 200 document.00000028A0A813.js Show response
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4421796/6775318/ Frame 5444 114 KB
27 KB 68ms
68ms Script
application/javascript 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4421796/6775318/document.00000028A0A813.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstmuIZiVC_vnKZggVuay4m7EW0UOT17RGSzd-_XZicEu-4KhjyaJ7OmAGPBjUIyWOFySWpfscSykXsNoa3JvTOfA71vYs58cVHS9yg_Iw0hbWk-Mxfcni1kxgQNk5oLUGVR5dyFY8z7ulyku9EVmGzOLGbk95YUm3iXlHufk8pGuysmW4daXoXr3GoS72yWNZdpnBtwUUeNbFQ4QmkJMvFnYRxM8T1hK_iKTIQm0Ye0L0rQbGByOHQJc3JxAA_IOj9wf3Hv7Zyaf2rIEUFZc8-niJNpnO-NghMidXfbEXoJXXoDt_b_fm7dZtlXkCHl0cr98ylSoqLz31GXKaLvBr2FF70T32GO1WEKlCjX1AX8qA_hUu4tqQ6ytc0FGDFhFx6rscu43bk-yQL_fZeljXL28zHPD4Zl35XEioKbWf5jxH1XrC0WdcFsatZE2zotuw0d5HTfCnrohT77eMJ6D9yYSxDuo-_gZxw64w0v75pG7YIj4TByl_t73SBBI_vZZwKDJCbSry4xhrlNq3Y6OYCrEOz795bGLUqQbXjXwqQrwfecU4ZzzX2a0mCvL_FQ1oj3pUyw-ZzVzA_TNJGXpn890-QXZ8TdHJZf5fkxreQQ5Dt4KqIzsXQS6CvNrCF5oTmKEsfUqp-4XgQkWPTPn8sZHdvW-JHAchABOdZ-_SkXscBzkU5rUgtsHzz5AbqID2UDhOTLdSFVjy7KBUltFXJjjaPrUuQmgrdZYR7sMpgLd_WNgoKAcEhmbRiveVscAAPd0olwvCnx1Sj6heti7hahUL4MP7gL3791IElJcV_UysVz9evDa0hDw0odZ9QU-IbnZ9CssgDVZqSBzzd3kbOeRnAJxux1t-4yDgwGTt3PmUataRaQg0aCPqcd953h2pdteI-V7R0xk6ZLPaT-0L0TGi-fsNgqRiQOlyoFs-1alU8B-oTy04ZCdjtZXWQ6zqoBKCIr6MSoNXMo2ZWlhi3hDE_S8DoCZFyR4QULnVnaPohLNzHM_9vXwk0iwGJGLXIFRz-Mx3SY9DEgQQP9zi_7MtfDcc2zQ0eLkO8LL1VwJSGz6Dgfu3y7qTy6bqz7OBYjpabRKJhW4jSUdauqrHnpfVf60a2i3A8NmDsudiKuwwmqDQut81s7tJ70bMkZtFbOryMoVD8dkujoKnJ_E1XA4X3iPqjCxXxn-nYjEQrpeB1OINPsnO1vCZl7-duykkLIcfFDIA%26sai%3DAMfl-YSVS_2kv2kArP4_syzBMqB6FBxdCjF7IBtlfWjj62-hwwcMd9Kic32qX2d5jOjKxEcdobntkwcxMJ819UZaK_OPa7KhTyH7V6fhcrgWs3zb9S5yHD-2JzzOpjslAz-1YAbLewpJcLKoZaW81FX9pfkqTpL7iyU78cJiYolvMTIEF5T6UeAqSdM6KiHOG2-CbvIZeY0X6oCxN7fAj-jDRBvoI1KEQ4idKjybyQb9TFyxcxIpDWS8ibvbiWYjoVmN5w-sFNrwONrHaPuXA8eDOR_faQyp0KTeONZYygImU-4ZLo3hHXflBYZtte7s7Bx6cs_6VZ9aDcorh4P2qSJKxNmbfk5mGxx0C4sr7QI%26sig%3DCg0ArKJSzFWnr9l9VGdyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba79f10e2c0d5c4549f9414fea4f08bccdc1d40e917c91f9a4753b5f1989676a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2o3ZOQlP3cEGp8X6tyLubg==
age: 1374668
cf-polished: origSize=121577
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 11 Jul 2023 11:44:58 GMT
server: cloudflare
etag: W/"0x8DB82044103284F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d170aa28-e01e-00a1-1943-cd365b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7fdd96428e64fbc2-WAW

GET
H2 200 animated-creative.80566aad0db45ccaad54.js Show response
c.bannerflow.net/scripts/ Frame 5444 155 KB
53 KB 39ms
38ms Script
application/javascript 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstmuIZiVC_vnKZggVuay4m7EW0UOT17RGSzd-_XZicEu-4KhjyaJ7OmAGPBjUIyWOFySWpfscSykXsNoa3JvTOfA71vYs58cVHS9yg_Iw0hbWk-Mxfcni1kxgQNk5oLUGVR5dyFY8z7ulyku9EVmGzOLGbk95YUm3iXlHufk8pGuysmW4daXoXr3GoS72yWNZdpnBtwUUeNbFQ4QmkJMvFnYRxM8T1hK_iKTIQm0Ye0L0rQbGByOHQJc3JxAA_IOj9wf3Hv7Zyaf2rIEUFZc8-niJNpnO-NghMidXfbEXoJXXoDt_b_fm7dZtlXkCHl0cr98ylSoqLz31GXKaLvBr2FF70T32GO1WEKlCjX1AX8qA_hUu4tqQ6ytc0FGDFhFx6rscu43bk-yQL_fZeljXL28zHPD4Zl35XEioKbWf5jxH1XrC0WdcFsatZE2zotuw0d5HTfCnrohT77eMJ6D9yYSxDuo-_gZxw64w0v75pG7YIj4TByl_t73SBBI_vZZwKDJCbSry4xhrlNq3Y6OYCrEOz795bGLUqQbXjXwqQrwfecU4ZzzX2a0mCvL_FQ1oj3pUyw-ZzVzA_TNJGXpn890-QXZ8TdHJZf5fkxreQQ5Dt4KqIzsXQS6CvNrCF5oTmKEsfUqp-4XgQkWPTPn8sZHdvW-JHAchABOdZ-_SkXscBzkU5rUgtsHzz5AbqID2UDhOTLdSFVjy7KBUltFXJjjaPrUuQmgrdZYR7sMpgLd_WNgoKAcEhmbRiveVscAAPd0olwvCnx1Sj6heti7hahUL4MP7gL3791IElJcV_UysVz9evDa0hDw0odZ9QU-IbnZ9CssgDVZqSBzzd3kbOeRnAJxux1t-4yDgwGTt3PmUataRaQg0aCPqcd953h2pdteI-V7R0xk6ZLPaT-0L0TGi-fsNgqRiQOlyoFs-1alU8B-oTy04ZCdjtZXWQ6zqoBKCIr6MSoNXMo2ZWlhi3hDE_S8DoCZFyR4QULnVnaPohLNzHM_9vXwk0iwGJGLXIFRz-Mx3SY9DEgQQP9zi_7MtfDcc2zQ0eLkO8LL1VwJSGz6Dgfu3y7qTy6bqz7OBYjpabRKJhW4jSUdauqrHnpfVf60a2i3A8NmDsudiKuwwmqDQut81s7tJ70bMkZtFbOryMoVD8dkujoKnJ_E1XA4X3iPqjCxXxn-nYjEQrpeB1OINPsnO1vCZl7-duykkLIcfFDIA%26sai%3DAMfl-YSVS_2kv2kArP4_syzBMqB6FBxdCjF7IBtlfWjj62-hwwcMd9Kic32qX2d5jOjKxEcdobntkwcxMJ819UZaK_OPa7KhTyH7V6fhcrgWs3zb9S5yHD-2JzzOpjslAz-1YAbLewpJcLKoZaW81FX9pfkqTpL7iyU78cJiYolvMTIEF5T6UeAqSdM6KiHOG2-CbvIZeY0X6oCxN7fAj-jDRBvoI1KEQ4idKjybyQb9TFyxcxIpDWS8ibvbiWYjoVmN5w-sFNrwONrHaPuXA8eDOR_faQyp0KTeONZYygImU-4ZLo3hHXflBYZtte7s7Bx6cs_6VZ9aDcorh4P2qSJKxNmbfk5mGxx0C4sr7QI%26sig%3DCg0ArKJSzFWnr9l9VGdyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be721fab17ac58de873aa54537193d60b334335491a6a1faa222f2f57be1fd87

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2kMvAV2hMYY9VqrcIU1JyA==
age: 4673455
cf-polished: origSize=159295
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 12:51:30 GMT
server: cloudflare
etag: W/"0x8DB7D568DE6300D"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6292aba2-201e-0065-6043-af4362000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7fdd96428e65fbc2-WAW

GET
H2 200 widget.6521e226c52cfcf3cca7.js Show response
c.bannerflow.net/scripts/ Frame 8B9C 23 KB
9 KB 35ms
35ms Script
application/javascript 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.6521e226c52cfcf3cca7.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssSDSAxPKANI2UVXtRiIVCY5RK-DGpa0C6-EhdQbiOkza2EPA9e-rfK4lABj1orCzQBFm7CEZ6w0FzpZKCC91QxM_I-UTA-qje40qYonHg8C9V1kOP6QFj6r0UbUQUDIixuNcdzvZwNIW7WoKDXcJPHC-jqlXPfN93yUGKBdyceZsiBrbiPDoaFmgE40Wn8a4QHD9od63xXUlHZWOO6ho3dngBA0epxFB2d8tCozehmi14Cqp-4Hkxl3DQ5vHoOAOmonofkbir53KfT_4ujqciDza2XA3WkB9BM1ER8-gS1mKFwCvsZibLd6WqdLJy7uEfpXdInrmT1dV4Ujq0qf7RvqWcLELAF9xpK6CD2-0H0f2FKb4RhZg0DSZomglP9FBJGymVU-jXFkrLVncwdF2h9dAFDkU73zTSbpC7HN0JRzqotMQOKCCfjDEurKirAuU9H0s4KuE10iLuMyeAHceg-IrQaWJaJPj7kXXxRXHufM9sF24TqVimgLFuZh46ss_jab_Tdlw2QsTO2KKXCYSgmF6zHmdN46Zc5HsXJ01AFxYuXKAHXGJlrCLPXv0hI8iRDtS8K0Fl8bP0J7kRVXq_w-Yvspm7zdV03y88XvbzOi4fqnEYJ9wf2Iyt-Lgzxwc5PHo_GSlNEc70lBJJEHAJmG4P8xChw8df4dFxQO_FYYfo-Kc-e20lYoTRyAXAnbAOr6agrIqvsDiIZZLmTxqJfoHhSoYoIK-pvmdQfhQdztm5sa3mAQdgO2w_-rlDUxUUOZWwQurxR7jdX4s2dJsvAZLs8A1Msk6Y6w6i59xqU4YJTuFpBQrQcKq-1M7g0fi_zPF8V4-r4AyH7nvWEuhoE9TItqwE3lK5hMKgoVZ_87LC16NDYMR91CvxZb9UPMjaXcTSVjfFnqJs-Cl7Fzv0B1usMsXPLrsQ7MEOXEIe6vC0E8D33oZQ1G5iG0Cf-6TsNeQ1PJ_IGG1xL9lN0ibjH269byZ-tBlOsG_H3lGlwNeOgWti7dxn8v13f7YlnKn6UhJu5qvt1xFdIXaSyPH9UYyEG6cdkmDGRvTD0MF1xzD9M_p_2jYQ7PzFLlybKf-FTt0yM6d9Fp5IFNcEMzdiNj3A4Z-hf3TY-WmsA2EKCJ3GawXT14mdPX30r2fWmxejl1Qqp_lxYAz3DNB7sIoac-P45sFEV7gyQL_sAWOs2U4BZ_5lXGK9KCmBjFSYnecmzFJMKTLM_%26sai%3DAMfl-YRyfmt5tzcI4Ox-Y9nJ8Q4S4-hM_FhVWWDm7wimDgScvTbzv4juZNnjb44AbPw1fmR_-j4Prj4sHkLEdCRdq8-7V2laMXUQMtIJldsH564d1eQxL3z9HThFp4l0d7qFCOiN1Xq35tmbCAEB-dIqqbsUTxHpEDMeTJ5r2IRHIGoz2c4vqix9mIwgF11zN_k3HzLQlhlLm0FHEtg20SIZB2YOXijGDEw_at6IpihePrvz7BmAFYsTYwZkp3ncuVr6E4WsUuXhy-52h8ztDATQb-AUzdxQbcKDbTuWXq86oIJydDF7qT0Xr_MnF56Z1eivOe3FI9ONUg2dV0mlvAtt0qBvkT3AX1f07153tNg%26sig%3DCg0ArKJSzEfDb9rMemImEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d10e033b6c11514dcc70b6eca95b3ba2c34ed4dcad56b15b1c44233260d2e6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: BR+X/mIblNYMKtrW+8QiJg==
age: 5463823
cf-polished: origSize=23370
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 26 Jun 2023 08:38:50 GMT
server: cloudflare
etag: W/"0x8DB7620C413E7B5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9a353399-601e-0039-3112-a8163a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7fdd96428e70fbc2-WAW

GET
H2 200 document.00000028A0A813.js Show response
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4421796/6775318/ Frame 8B9C 114 KB
27 KB 38ms
37ms Script
application/javascript 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4421796/6775318/document.00000028A0A813.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssSDSAxPKANI2UVXtRiIVCY5RK-DGpa0C6-EhdQbiOkza2EPA9e-rfK4lABj1orCzQBFm7CEZ6w0FzpZKCC91QxM_I-UTA-qje40qYonHg8C9V1kOP6QFj6r0UbUQUDIixuNcdzvZwNIW7WoKDXcJPHC-jqlXPfN93yUGKBdyceZsiBrbiPDoaFmgE40Wn8a4QHD9od63xXUlHZWOO6ho3dngBA0epxFB2d8tCozehmi14Cqp-4Hkxl3DQ5vHoOAOmonofkbir53KfT_4ujqciDza2XA3WkB9BM1ER8-gS1mKFwCvsZibLd6WqdLJy7uEfpXdInrmT1dV4Ujq0qf7RvqWcLELAF9xpK6CD2-0H0f2FKb4RhZg0DSZomglP9FBJGymVU-jXFkrLVncwdF2h9dAFDkU73zTSbpC7HN0JRzqotMQOKCCfjDEurKirAuU9H0s4KuE10iLuMyeAHceg-IrQaWJaJPj7kXXxRXHufM9sF24TqVimgLFuZh46ss_jab_Tdlw2QsTO2KKXCYSgmF6zHmdN46Zc5HsXJ01AFxYuXKAHXGJlrCLPXv0hI8iRDtS8K0Fl8bP0J7kRVXq_w-Yvspm7zdV03y88XvbzOi4fqnEYJ9wf2Iyt-Lgzxwc5PHo_GSlNEc70lBJJEHAJmG4P8xChw8df4dFxQO_FYYfo-Kc-e20lYoTRyAXAnbAOr6agrIqvsDiIZZLmTxqJfoHhSoYoIK-pvmdQfhQdztm5sa3mAQdgO2w_-rlDUxUUOZWwQurxR7jdX4s2dJsvAZLs8A1Msk6Y6w6i59xqU4YJTuFpBQrQcKq-1M7g0fi_zPF8V4-r4AyH7nvWEuhoE9TItqwE3lK5hMKgoVZ_87LC16NDYMR91CvxZb9UPMjaXcTSVjfFnqJs-Cl7Fzv0B1usMsXPLrsQ7MEOXEIe6vC0E8D33oZQ1G5iG0Cf-6TsNeQ1PJ_IGG1xL9lN0ibjH269byZ-tBlOsG_H3lGlwNeOgWti7dxn8v13f7YlnKn6UhJu5qvt1xFdIXaSyPH9UYyEG6cdkmDGRvTD0MF1xzD9M_p_2jYQ7PzFLlybKf-FTt0yM6d9Fp5IFNcEMzdiNj3A4Z-hf3TY-WmsA2EKCJ3GawXT14mdPX30r2fWmxejl1Qqp_lxYAz3DNB7sIoac-P45sFEV7gyQL_sAWOs2U4BZ_5lXGK9KCmBjFSYnecmzFJMKTLM_%26sai%3DAMfl-YRyfmt5tzcI4Ox-Y9nJ8Q4S4-hM_FhVWWDm7wimDgScvTbzv4juZNnjb44AbPw1fmR_-j4Prj4sHkLEdCRdq8-7V2laMXUQMtIJldsH564d1eQxL3z9HThFp4l0d7qFCOiN1Xq35tmbCAEB-dIqqbsUTxHpEDMeTJ5r2IRHIGoz2c4vqix9mIwgF11zN_k3HzLQlhlLm0FHEtg20SIZB2YOXijGDEw_at6IpihePrvz7BmAFYsTYwZkp3ncuVr6E4WsUuXhy-52h8ztDATQb-AUzdxQbcKDbTuWXq86oIJydDF7qT0Xr_MnF56Z1eivOe3FI9ONUg2dV0mlvAtt0qBvkT3AX1f07153tNg%26sig%3DCg0ArKJSzEfDb9rMemImEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba79f10e2c0d5c4549f9414fea4f08bccdc1d40e917c91f9a4753b5f1989676a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2o3ZOQlP3cEGp8X6tyLubg==
age: 1374668
cf-polished: origSize=121577
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 11 Jul 2023 11:44:58 GMT
server: cloudflare
etag: W/"0x8DB82044103284F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d170aa28-e01e-00a1-1943-cd365b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7fdd96429e72fbc2-WAW

GET
H2 200 animated-creative.80566aad0db45ccaad54.js Show response
c.bannerflow.net/scripts/ Frame 8B9C 155 KB
53 KB 63ms
62ms Script
application/javascript 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssSDSAxPKANI2UVXtRiIVCY5RK-DGpa0C6-EhdQbiOkza2EPA9e-rfK4lABj1orCzQBFm7CEZ6w0FzpZKCC91QxM_I-UTA-qje40qYonHg8C9V1kOP6QFj6r0UbUQUDIixuNcdzvZwNIW7WoKDXcJPHC-jqlXPfN93yUGKBdyceZsiBrbiPDoaFmgE40Wn8a4QHD9od63xXUlHZWOO6ho3dngBA0epxFB2d8tCozehmi14Cqp-4Hkxl3DQ5vHoOAOmonofkbir53KfT_4ujqciDza2XA3WkB9BM1ER8-gS1mKFwCvsZibLd6WqdLJy7uEfpXdInrmT1dV4Ujq0qf7RvqWcLELAF9xpK6CD2-0H0f2FKb4RhZg0DSZomglP9FBJGymVU-jXFkrLVncwdF2h9dAFDkU73zTSbpC7HN0JRzqotMQOKCCfjDEurKirAuU9H0s4KuE10iLuMyeAHceg-IrQaWJaJPj7kXXxRXHufM9sF24TqVimgLFuZh46ss_jab_Tdlw2QsTO2KKXCYSgmF6zHmdN46Zc5HsXJ01AFxYuXKAHXGJlrCLPXv0hI8iRDtS8K0Fl8bP0J7kRVXq_w-Yvspm7zdV03y88XvbzOi4fqnEYJ9wf2Iyt-Lgzxwc5PHo_GSlNEc70lBJJEHAJmG4P8xChw8df4dFxQO_FYYfo-Kc-e20lYoTRyAXAnbAOr6agrIqvsDiIZZLmTxqJfoHhSoYoIK-pvmdQfhQdztm5sa3mAQdgO2w_-rlDUxUUOZWwQurxR7jdX4s2dJsvAZLs8A1Msk6Y6w6i59xqU4YJTuFpBQrQcKq-1M7g0fi_zPF8V4-r4AyH7nvWEuhoE9TItqwE3lK5hMKgoVZ_87LC16NDYMR91CvxZb9UPMjaXcTSVjfFnqJs-Cl7Fzv0B1usMsXPLrsQ7MEOXEIe6vC0E8D33oZQ1G5iG0Cf-6TsNeQ1PJ_IGG1xL9lN0ibjH269byZ-tBlOsG_H3lGlwNeOgWti7dxn8v13f7YlnKn6UhJu5qvt1xFdIXaSyPH9UYyEG6cdkmDGRvTD0MF1xzD9M_p_2jYQ7PzFLlybKf-FTt0yM6d9Fp5IFNcEMzdiNj3A4Z-hf3TY-WmsA2EKCJ3GawXT14mdPX30r2fWmxejl1Qqp_lxYAz3DNB7sIoac-P45sFEV7gyQL_sAWOs2U4BZ_5lXGK9KCmBjFSYnecmzFJMKTLM_%26sai%3DAMfl-YRyfmt5tzcI4Ox-Y9nJ8Q4S4-hM_FhVWWDm7wimDgScvTbzv4juZNnjb44AbPw1fmR_-j4Prj4sHkLEdCRdq8-7V2laMXUQMtIJldsH564d1eQxL3z9HThFp4l0d7qFCOiN1Xq35tmbCAEB-dIqqbsUTxHpEDMeTJ5r2IRHIGoz2c4vqix9mIwgF11zN_k3HzLQlhlLm0FHEtg20SIZB2YOXijGDEw_at6IpihePrvz7BmAFYsTYwZkp3ncuVr6E4WsUuXhy-52h8ztDATQb-AUzdxQbcKDbTuWXq86oIJydDF7qT0Xr_MnF56Z1eivOe3FI9ONUg2dV0mlvAtt0qBvkT3AX1f07153tNg%26sig%3DCg0ArKJSzEfDb9rMemImEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be721fab17ac58de873aa54537193d60b334335491a6a1faa222f2f57be1fd87

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:56 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2kMvAV2hMYY9VqrcIU1JyA==
age: 4673455
cf-polished: origSize=159295
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 12:51:30 GMT
server: cloudflare
etag: W/"0x8DB7D568DE6300D"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6292aba2-201e-0065-6043-af4362000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7fdd96429e74fbc2-WAW

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEEA 0
20 B 148ms
148ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMjMONr3sZOHaFridxtYPsKiMuAoAAAAAOAHgBAI&bg=!7O-l76DNAAYkVgHwBFY7ADQBe5WfOJ8McFcx_CIGudAZHOnDxPMroChLk-tgVyf9A44gOAvcRMERtt09U709nkxuqCa6AgAAAZ5SAAAAB2gBBwoAJRHV1pZ58jP-PWckcPab6MWjPjbZ9hp2id4DFPsEP-JbZZQnktWZAxmpeOUoFis7Cbb_zrtDDrN9IH0fCL1TUsHa5HqondtNgCoFYhmwQ42D8v1L-r1cFcUZfq7ycnV-vuHjLzZ4AL64MCa0w0HjndThgzoLvybRZ-YSKGdm_fUriFYBIxlL8l5m3BEvq2hNZDOdqm04NLJeQAllTujJSADbhGz9f712D-LdgosO_a0m4t3aWUvLBXkwTDqTYO_n-S16puH_gcej-3TQJHP5po_QIoROj-A9Wpffp6CYAU6waiO-tjIBNf8h4T-2CsYfefGAA20YgMnZETmM3T4dsIsvx_6uCskGuJt2m_JHoLFihLa39XYoa6BnrYh73Wj50P24-IQFs8HWaKCdxBOVxWYbHGKZmXb-7WXib4ldKh5SZTyuReyhRTfmLCKDH5JGYa5QRDH_1LcGhQwvx_5qFdeb8st0wSkZUMTe98ij9jTmsNKOc-yI-x1ImPfJZNY-egqAa6cG2CmljpYxT2t6yngSqvDBy7I9zYXau5Ccp80o15N2rCFvvno1UZgmJYFWOsCKZ_WQOgXzVMD_w4FBw87-JngZq9gCWG-VCEEAJrzbtFFeE4ZWh3eIlMtffOrmxeoajH_TZfi2jq1wkRXlhx4z1t_DSDVZrOX0UIHOKeMUgG-YCvvLXEEcic2XfMDMsbnI6sdL7b95eHWw_nQqz0Jeo-xvDAwNuHsQkiCnrvxc-83CCORZ1iHSF7JsHoRCZ5gf3XzApKif7B2GYz6PC-LKHUfS_7TAwac6FakxbPumkQcLpVBUtuMmSOmEpr3SXxWuhgLmSp72J2qre5xIR4KDmVsNPVXzt1fMYq5D-l2TobXvxLAjTqEBd7pHJouYj8V-F_KMhJ0JGMf5eRz346Hrn74u3o92VoHKZ48l1jtwhMddDbpozONOKeVN9P0vPr55oUV2MlCMv9kr8Jg11IEdXefm7fVogGSI3W1PVl1_99xKcJmTGgXY8JNT80JaOLfagVDXdLgTbXrriwtvKPMH_OCFtIj-27qHgEnnt9MrHF0NX-cFh0NaAF-v2PPDRwZSrbfDN-xJxcyOXHJFb4R_

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5444 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK b96ab2ad-35cb-4763-82c5-34d526847a28 Show response
https://s0.2mdn.net/ Frame 27E3 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/b96ab2ad-35cb-4763-82c5-34d526847a28
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
DATA 200
OK truncated
/ Frame 8B9C 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK a87fa8f9-44af-4d8b-ab95-299f4fcb4eda Show response
https://s0.2mdn.net/ Frame A11E 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/a87fa8f9-44af-4d8b-ab95-299f4fcb4eda
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 5444 29 KB
29 KB 102ms
42ms Font
font/woff 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%0A%20%25%2C.56CDFHPabcdefghijklmnoprstuwyz%C3%B3%C4%85%C4%87%C4%99%C5%BC%CC%81%CC%87%CC%A8
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7265799bb043ff0850ec4afbc183bd1b13b74b744f6bd52580cb7706f339c75b

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 11:40:15 GMT
server: cloudflare
age: 1396122
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray: 7fdd96445a9e0043-WAW
expires: Sun, 11 Aug 2024 11:40:15 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 8B9C 29 KB
29 KB 78ms
43ms Font
font/woff 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%0A%20%25%2C.56CDFHPabcdefghijklmnoprstuwyz%C3%B3%C4%85%C4%87%C4%99%C5%BC%CC%81%CC%87%CC%A8
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7265799bb043ff0850ec4afbc183bd1b13b74b744f6bd52580cb7706f339c75b

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 11:40:15 GMT
server: cloudflare
age: 1396122
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray: 7fdd96445a9f0043-WAW
expires: Sun, 11 Aug 2024 11:40:15 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame 0524 3 KB
2 KB 834ms
283ms Script
application/x-javascript 54.248.70.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000107338&href=http%3A%2F%2Flanterman.web.fc2.com%2F&serial=37139537830905&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.248.70.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-248-70-17.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d364379e39bd73243c92d582a229f2058c1b375fb4845fa826b51606fa579ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 15:28:57 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame F1CD 3 KB
2 KB 833ms
284ms Script
application/x-javascript 54.248.70.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000107337&href=http%3A%2F%2Flanterman.web.fc2.com%2F&serial=16418832148953&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.248.70.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-248-70-17.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

35da628c4c3380e6bef9589cc49222b098d76d7678f6a1b1b6a9e2bab5d72a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 15:28:57 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 5444 6 KB
6 KB 36ms
36ms Font
font/woff 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20CFSXacdefijlmoprstwy
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c245946327808ec3736d7908377405c5b02820a976c3dd83d49cd0769a7cd8

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
last-modified: Wed, 03 May 2023 12:03:54 GMT
server: cloudflare
age: 10121103
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray: 7fdd96449ae50043-WAW
expires: Thu, 02 May 2024 12:03:54 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 8B9C 6 KB
6 KB 35ms
35ms Font
font/woff 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20CFSXacdefijlmoprstwy
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12848455575800905728/CEE-PL_FX_Productrange-Polish-160x600-638181878750177544-2a8953fd-4da6-43f1-a1ab-5e58d59c9f74.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c245946327808ec3736d7908377405c5b02820a976c3dd83d49cd0769a7cd8

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
last-modified: Wed, 03 May 2023 12:03:54 GMT
server: cloudflare
age: 10121103
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray: 7fdd96449ae60043-WAW
expires: Thu, 02 May 2024 12:03:54 GMT

GET
H2 200 021777fe-341b-416a-97a2-eb2576dc6474.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame CD30 205 B
332 B 51ms
50ms Image
image/svg+xml 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: zS+vYkrSP7hxgCQn7kIbEQ==
age: 216
x-ms-lease-status: unlocked
last-modified: Tue, 13 Dec 2022 10:04:50 GMT
server: cloudflare
etag: W/"0x8DADCF178F32AE4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cf37b113-a01e-00a0-1f55-b46987000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7fdd9644e9fffbc2-WAW

GET
H2 200 9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame CD30 217 B
312 B 40ms
39ms Image
image/svg+xml 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: jWK2YKDGtOC5ylmcMWhtkw==
age: 216
x-ms-lease-status: unlocked
last-modified: Thu, 22 Sep 2022 09:21:09 GMT
server: cloudflare
etag: W/"0x8DA9C7BC8F9699C"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fb560b74-a01e-0026-54e6-31a53e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7fdd9644ea02fbc2-WAW

GET
H2 200 56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame CD30 6 KB
3 KB 44ms
43ms Image
image/svg+xml 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 4OwxmLD3WpKVbCNL8a+B+w==
age: 216
x-ms-lease-status: unlocked
last-modified: Tue, 13 Dec 2022 10:19:31 GMT
server: cloudflare
etag: W/"0x8DADCF38623156A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 117abbd7-e01e-0018-67c6-963241000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7fdd9644ea03fbc2-WAW

GET
H2 200 7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame CD30 361 B
507 B 36ms
36ms Image
image/svg+xml 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: RUbP+sQxMgp/o5unKdEvSg==
age: 3251
x-ms-lease-status: unlocked
last-modified: Tue, 13 Dec 2022 12:36:07 GMT
server: cloudflare
etag: W/"0x8DADD069B8C58B6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4798c11a-401e-005c-32fc-2fb87e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7fdd9644ea04fbc2-WAW

GET
H2 200 021777fe-341b-416a-97a2-eb2576dc6474.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame D0FA 205 B
217 B 36ms
35ms Image
image/svg+xml 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: zS+vYkrSP7hxgCQn7kIbEQ==
age: 216
x-ms-lease-status: unlocked
last-modified: Tue, 13 Dec 2022 10:04:50 GMT
server: cloudflare
etag: W/"0x8DADCF178F32AE4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cf37b113-a01e-00a0-1f55-b46987000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7fdd96453a75fbc2-WAW

GET
H2 200 9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame D0FA 217 B
218 B 41ms
41ms Image
image/svg+xml 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: jWK2YKDGtOC5ylmcMWhtkw==
age: 216
x-ms-lease-status: unlocked
last-modified: Thu, 22 Sep 2022 09:21:09 GMT
server: cloudflare
etag: W/"0x8DA9C7BC8F9699C"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fb560b74-a01e-0026-54e6-31a53e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7fdd96453a77fbc2-WAW

GET
H2 200 56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame D0FA 6 KB
3 KB 35ms
34ms Image
image/svg+xml 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 4OwxmLD3WpKVbCNL8a+B+w==
age: 216
x-ms-lease-status: unlocked
last-modified: Tue, 13 Dec 2022 10:19:31 GMT
server: cloudflare
etag: W/"0x8DADCF38623156A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 117abbd7-e01e-0018-67c6-963241000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7fdd96453a7bfbc2-WAW

GET
H2 200 7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame D0FA 361 B
254 B 42ms
35ms Image
image/svg+xml 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.80566aad0db45ccaad54.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: RUbP+sQxMgp/o5unKdEvSg==
age: 3251
x-ms-lease-status: unlocked
last-modified: Tue, 13 Dec 2022 12:36:07 GMT
server: cloudflare
etag: W/"0x8DADD069B8C58B6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4798c11a-401e-005c-32fc-2fb87e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7fdd96454a9efbc2-WAW

GET
H2 206 Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame 6EF8 158 KB
0 40ms
39ms Media
video/webm 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=0-

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
content-md5: OFYc5X7YcCZ2E/yzoqjyag==
age: 2752
x-ms-server-encrypted: true
Content-Range: bytes 0-434886/434887
Content-Length: 434887
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Fri, 28 Apr 2023 09:11:40 GMT
last-modified: Fri, 28 Apr 2023 09:11:40 GMT
server: cloudflare
etag: "0x8DB47C89439F0EB"
vary: Accept-Encoding
content-type: video/webm
access-control-allow-origin: *
x-ms-request-id: 8468cecc-601e-0056-24ed-b3b0b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7fdd96456ad1fbc2-WAW

GET
H2 206 Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame BEE1 207 KB
0 40ms
39ms Media
video/webm 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=0-

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
content-md5: OFYc5X7YcCZ2E/yzoqjyag==
age: 2752
x-ms-server-encrypted: true
Content-Range: bytes 0-434886/434887
Content-Length: 434887
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Fri, 28 Apr 2023 09:11:40 GMT
last-modified: Fri, 28 Apr 2023 09:11:40 GMT
server: cloudflare
etag: "0x8DB47C89439F0EB"
vary: Accept-Encoding
content-type: video/webm
access-control-allow-origin: *
x-ms-request-id: 8468cecc-601e-0056-24ed-b3b0b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7fdd9645ab17fbc2-WAW

GET
H2 206 Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame 6EF8 9 KB
9 KB 40ms
39ms Media
video/webm 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38e80da7031f17f6ef63675bf24cf989edead68b6c2331028da2a253ee32c01

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=425984-

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
content-md5: OFYc5X7YcCZ2E/yzoqjyag==
age: 2752
x-ms-server-encrypted: true
Content-Range: bytes 425984-434886/434887
Content-Length: 8903
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Fri, 28 Apr 2023 09:11:40 GMT
last-modified: Fri, 28 Apr 2023 09:11:40 GMT
server: cloudflare
etag: "0x8DB47C89439F0EB"
vary: Accept-Encoding
content-type: video/webm
access-control-allow-origin: *
x-ms-request-id: 8468cecc-601e-0056-24ed-b3b0b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7fdd9645bb2bfbc2-WAW

GET
H2 206 Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame BEE1 9 KB
9 KB 35ms
34ms Media
video/webm 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38e80da7031f17f6ef63675bf24cf989edead68b6c2331028da2a253ee32c01

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=425984-

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
content-md5: OFYc5X7YcCZ2E/yzoqjyag==
age: 2752
x-ms-server-encrypted: true
Content-Range: bytes 425984-434886/434887
Content-Length: 8903
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Fri, 28 Apr 2023 09:11:40 GMT
last-modified: Fri, 28 Apr 2023 09:11:40 GMT
server: cloudflare
etag: "0x8DB47C89439F0EB"
vary: Accept-Encoding
content-type: video/webm
access-control-allow-origin: *
x-ms-request-id: 8468cecc-601e-0056-24ed-b3b0b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7fdd9645fb67fbc2-WAW

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 5444 0
92 B 61ms
60ms Ping
text/plain 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstmuIZiVC_vnKZggVuay4m7EW0UOT17RGSzd-_XZicEu-4KhjyaJ7OmAGPBjUIyWOFySWpfscSykXsNoa3JvTOfA71vYs58cVHS9yg_Iw0hbWk-Mxfcni1kxgQNk5oLUGVR5dyFY8z7ulyku9EVmGzOLGbk95YUm3iXlHufk8pGuysmW4daXoXr3GoS72yWNZdpnBtwUUeNbFQ4QmkJMvFnYRxM8T1hK_iKTIQm0Ye0L0rQbGByOHQJc3JxAA_IOj9wf3Hv7Zyaf2rIEUFZc8-niJNpnO-NghMidXfbEXoJXXoDt_b_fm7dZtlXkCHl0cr98ylSoqLz31GXKaLvBr2FF70T32GO1WEKlCjX1AX8qA_hUu4tqQ6ytc0FGDFhFx6rscu43bk-yQL_fZeljXL28zHPD4Zl35XEioKbWf5jxH1XrC0WdcFsatZE2zotuw0d5HTfCnrohT77eMJ6D9yYSxDuo-_gZxw64w0v75pG7YIj4TByl_t73SBBI_vZZwKDJCbSry4xhrlNq3Y6OYCrEOz795bGLUqQbXjXwqQrwfecU4ZzzX2a0mCvL_FQ1oj3pUyw-ZzVzA_TNJGXpn890-QXZ8TdHJZf5fkxreQQ5Dt4KqIzsXQS6CvNrCF5oTmKEsfUqp-4XgQkWPTPn8sZHdvW-JHAchABOdZ-_SkXscBzkU5rUgtsHzz5AbqID2UDhOTLdSFVjy7KBUltFXJjjaPrUuQmgrdZYR7sMpgLd_WNgoKAcEhmbRiveVscAAPd0olwvCnx1Sj6heti7hahUL4MP7gL3791IElJcV_UysVz9evDa0hDw0odZ9QU-IbnZ9CssgDVZqSBzzd3kbOeRnAJxux1t-4yDgwGTt3PmUataRaQg0aCPqcd953h2pdteI-V7R0xk6ZLPaT-0L0TGi-fsNgqRiQOlyoFs-1alU8B-oTy04ZCdjtZXWQ6zqoBKCIr6MSoNXMo2ZWlhi3hDE_S8DoCZFyR4QULnVnaPohLNzHM_9vXwk0iwGJGLXIFRz-Mx3SY9DEgQQP9zi_7MtfDcc2zQ0eLkO8LL1VwJSGz6Dgfu3y7qTy6bqz7OBYjpabRKJhW4jSUdauqrHnpfVf60a2i3A8NmDsudiKuwwmqDQut81s7tJ70bMkZtFbOryMoVD8dkujoKnJ_E1XA4X3iPqjCxXxn-nYjEQrpeB1OINPsnO1vCZl7-duykkLIcfFDIA%26sai%3DAMfl-YSVS_2kv2kArP4_syzBMqB6FBxdCjF7IBtlfWjj62-hwwcMd9Kic32qX2d5jOjKxEcdobntkwcxMJ819UZaK_OPa7KhTyH7V6fhcrgWs3zb9S5yHD-2JzzOpjslAz-1YAbLewpJcLKoZaW81FX9pfkqTpL7iyU78cJiYolvMTIEF5T6UeAqSdM6KiHOG2-CbvIZeY0X6oCxN7fAj-jDRBvoI1KEQ4idKjybyQb9TFyxcxIpDWS8ibvbiWYjoVmN5w-sFNrwONrHaPuXA8eDOR_faQyp0KTeONZYygImU-4ZLo3hHXflBYZtte7s7Bx6cs_6VZ9aDcorh4P2qSJKxNmbfk5mGxx0C4sr7QI%26sig%3DCg0ArKJSzFWnr9l9VGdyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fdd96460b8bfbc2-WAW
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 206 Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame 6EF8 297 KB
297 KB 36ms
36ms Media
video/webm 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/Saxo_AO_FX_Mobile_6Screens_2-84d8088b35094022aaf0c5f07eb84dc8.webm
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad4d896fad373f96bd4c21212202ecfca0b8946328a696590439b35ea6afc32

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=131072-

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: HIT
content-md5: OFYc5X7YcCZ2E/yzoqjyag==
age: 2752
x-ms-server-encrypted: true
Content-Range: bytes 131072-434886/434887
Content-Length: 303815
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Fri, 28 Apr 2023 09:11:40 GMT
last-modified: Fri, 28 Apr 2023 09:11:40 GMT
server: cloudflare
etag: "0x8DB47C89439F0EB"
vary: Accept-Encoding
content-type: video/webm
access-control-allow-origin: *
x-ms-request-id: 8468cecc-601e-0056-24ed-b3b0b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7fdd96462bcafbc2-WAW

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 8B9C 0
56 B 59ms
59ms Ping
text/plain 104.17.201.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/644a4d4989644c37b4d2581f?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssSDSAxPKANI2UVXtRiIVCY5RK-DGpa0C6-EhdQbiOkza2EPA9e-rfK4lABj1orCzQBFm7CEZ6w0FzpZKCC91QxM_I-UTA-qje40qYonHg8C9V1kOP6QFj6r0UbUQUDIixuNcdzvZwNIW7WoKDXcJPHC-jqlXPfN93yUGKBdyceZsiBrbiPDoaFmgE40Wn8a4QHD9od63xXUlHZWOO6ho3dngBA0epxFB2d8tCozehmi14Cqp-4Hkxl3DQ5vHoOAOmonofkbir53KfT_4ujqciDza2XA3WkB9BM1ER8-gS1mKFwCvsZibLd6WqdLJy7uEfpXdInrmT1dV4Ujq0qf7RvqWcLELAF9xpK6CD2-0H0f2FKb4RhZg0DSZomglP9FBJGymVU-jXFkrLVncwdF2h9dAFDkU73zTSbpC7HN0JRzqotMQOKCCfjDEurKirAuU9H0s4KuE10iLuMyeAHceg-IrQaWJaJPj7kXXxRXHufM9sF24TqVimgLFuZh46ss_jab_Tdlw2QsTO2KKXCYSgmF6zHmdN46Zc5HsXJ01AFxYuXKAHXGJlrCLPXv0hI8iRDtS8K0Fl8bP0J7kRVXq_w-Yvspm7zdV03y88XvbzOi4fqnEYJ9wf2Iyt-Lgzxwc5PHo_GSlNEc70lBJJEHAJmG4P8xChw8df4dFxQO_FYYfo-Kc-e20lYoTRyAXAnbAOr6agrIqvsDiIZZLmTxqJfoHhSoYoIK-pvmdQfhQdztm5sa3mAQdgO2w_-rlDUxUUOZWwQurxR7jdX4s2dJsvAZLs8A1Msk6Y6w6i59xqU4YJTuFpBQrQcKq-1M7g0fi_zPF8V4-r4AyH7nvWEuhoE9TItqwE3lK5hMKgoVZ_87LC16NDYMR91CvxZb9UPMjaXcTSVjfFnqJs-Cl7Fzv0B1usMsXPLrsQ7MEOXEIe6vC0E8D33oZQ1G5iG0Cf-6TsNeQ1PJ_IGG1xL9lN0ibjH269byZ-tBlOsG_H3lGlwNeOgWti7dxn8v13f7YlnKn6UhJu5qvt1xFdIXaSyPH9UYyEG6cdkmDGRvTD0MF1xzD9M_p_2jYQ7PzFLlybKf-FTt0yM6d9Fp5IFNcEMzdiNj3A4Z-hf3TY-WmsA2EKCJ3GawXT14mdPX30r2fWmxejl1Qqp_lxYAz3DNB7sIoac-P45sFEV7gyQL_sAWOs2U4BZ_5lXGK9KCmBjFSYnecmzFJMKTLM_%26sai%3DAMfl-YRyfmt5tzcI4Ox-Y9nJ8Q4S4-hM_FhVWWDm7wimDgScvTbzv4juZNnjb44AbPw1fmR_-j4Prj4sHkLEdCRdq8-7V2laMXUQMtIJldsH564d1eQxL3z9HThFp4l0d7qFCOiN1Xq35tmbCAEB-dIqqbsUTxHpEDMeTJ5r2IRHIGoz2c4vqix9mIwgF11zN_k3HzLQlhlLm0FHEtg20SIZB2YOXijGDEw_at6IpihePrvz7BmAFYsTYwZkp3ncuVr6E4WsUuXhy-52h8ztDATQb-AUzdxQbcKDbTuWXq86oIJydDF7qT0Xr_MnF56Z1eivOe3FI9ONUg2dV0mlvAtt0qBvkT3AX1f07153tNg%26sig%3DCg0ArKJSzEfDb9rMemImEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fpl-pl%252Fproducts%252Fforex%253Fcmpid%253Ddisp_google_18021031909_145673789025_656617296655%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 28 Aug 2023 15:28:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fdd96463be2fbc2-WAW
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame 0524
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

316ms
316ms

Script
application/javascript

14.0.41.202
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8d9792d8f1aa3e047b2fdc98300461ca65071e041bec1fb89e16669329c8c01c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:58 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1gs91:8 (W)
last-modified: Thu, 24 Aug 2023 08:56:05 GMT
server: PWS/8.3.1.0.8
etag: "1fe2d-gzip"
x-ws-request-id: 64ecbd3a_PSrbdbOSA1gs91_23521-57549
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=86400
x-px: ht PSrbdbOSA1gs91KIX
accept-ranges: bytes
content-length: 29887
expires: Tue, 29 Aug 2023 08:26:21 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:57 GMT
via: 1.0 PSrbdbOSA1ap90:2 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64ecbd39_PSrbdbOSA1gs91_23521-57523
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H2 200 /
i.adingo.jp/ Frame 0524 43 B
409 B 845ms
276ms Image
image/gif 18.178.179.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=H-Vunr96kW1HLaAh0HVuks9GgIpUtJTWEAVo9RXBQIlrudQUdLjjv0SEKHFh4KSwWFPgqGOCXx-SM8-CyOTECzqWaAp52mY92ZMIHaYQeRnzC1KJavfnds4WRKe3DtaodYTQk_JXgy8-ewuG-qhkDK3XMhD39a0IqjZI25Z1UFamPLin1Iq0LvQL4JoqTCsAKQaBIc5C61p8284GqZjQByL0UJUflTVokK6eCKMCWH6ibODcej7YXK0KFHncJPJRG-XEmOqP1X8f33V2RtdFsd-HZOSfKVsj-vj0&k=3&v=4IPLdwvLOCXXvHKB
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.178.179.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-178-179-45.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:58 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame F1CD
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

362ms
361ms

Script
application/javascript

14.0.41.202
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8d9792d8f1aa3e047b2fdc98300461ca65071e041bec1fb89e16669329c8c01c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:58 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1gs91:1 (W)
last-modified: Thu, 24 Aug 2023 08:56:05 GMT
server: PWS/8.3.1.0.8
etag: "1fe2d-gzip"
x-ws-request-id: 64ecbd3a_PSrbdbOSA1gs91_23521-57550
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=86400
x-px: ht PSrbdbOSA1gs91KIX
accept-ranges: bytes
content-length: 29887
expires: Tue, 29 Aug 2023 10:18:59 GMT

Redirect headers

date: Mon, 28 Aug 2023 15:28:57 GMT
via: 1.0 PSrbdbOSA1gs91:4 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64ecbd39_PSrbdbOSA1gs91_23521-57524
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H2 200 /
i.adingo.jp/ Frame F1CD 43 B
407 B 843ms
276ms Image
image/gif 18.178.179.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=GoT5sXYBj1Q40Iase7qWGcUQGfgZ_F1uggqmstuyzIFSGqqFCtRBZt6y3fAu54PHUGduMYiGnjigMINJrp_jy10N9FZA0mF4U3CpBSMZTO71eL4bQxBv1a2d79DapqIvzdLLbqsxxRFR_aoq5lfa1NP1wwcQvBVPxBnK1H4i_r2T4dLuTIhn-I54zfBPymFusvvHQCmwJgeThcecPeghCK-rlXWxPKaFkcQ_ApK75ilvYYovYk3h_hq2GIwLTnUCZmZddF_Nr5eyskzyN_kl26vV2gfeep5UKQPb&k=3&v=nazH9zvoh22p_YTr
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.178.179.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-178-179-45.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:28:58 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 4038 2 KB
2 KB 48ms
47ms Document
text/html 99.86.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-114.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 54944
content-length: 1909
content-type: text/html
date: Mon, 28 Aug 2023 00:13:15 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id: mvwTkkNnl90unaRVpu168rQhRIOVqdicIUGDXbsf9B4fJoP-AoK3Gg==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 0524 6 KB
3 KB 51ms
50ms Script
application/javascript 23.36.162.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 28 Aug 2023 15:28:58 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame 0524 2 KB
2 KB 310ms
310ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=46349e541abeeb49be17afde2dcbebe1&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&referrer=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=c5ef86525948c8018a3cc32c69

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

3481b672060250709489cf5fae4f0945f9e9b834a4d4a80298a8ab1a0b3eccec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:58 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2181
X-XSS-Protection: 1; mode=block

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 6A32 2 KB
2 KB 48ms
47ms Document
text/html 99.86.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-114.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 54944
content-length: 1909
content-type: text/html
date: Mon, 28 Aug 2023 00:13:15 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id: 8CxT-gpRLKZT0-iNLEJaSZodb5CBSZlXGxsgktVlKOkYFyM4gh8XOQ==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame F1CD 6 KB
3 KB 52ms
51ms Script
application/javascript 23.36.162.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 28 Aug 2023 15:28:58 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame F1CD 2 KB
3 KB 884ms
295ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=e758bea8b3b21580d0e3c10a2259b09c&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&referrer=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=7f51ba3f773a4c018a3cc32c99

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

d712c1c806a98ceb4105c7be38517796569b678695f6778c664c6ba88b2543f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:59 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2281
X-XSS-Protection: 1; mode=block

GET
H2 200 n Show response
j.zucks.net.zimg.jp/ Frame 7EDE 8 KB
3 KB 827ms
719ms Script
text/javascript 18.66.147.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://j.zucks.net.zimg.jp/n?f=_57ad65eb99

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-108.fra60.r.cloudfront.net

Software

Resource Hash

7a393ff225601342fc418ce3457ecd9acfcdef604d9d6fff1f1cc793dc158237

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 15:28:02 GMT
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
p3p: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
x-amz-cf-id: GASU1u0Kikgiu_hgW1mjswl4f4resA91m1BDwknNTH6otlZ3nN3d1g==
expires: Mon, 28 Aug 2023 15:33:59 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame 0524 43 B
340 B 288ms
288ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZOy9Oiau9EBlufLy0MfzGVAAZubOt3-H-0KQww2_6mHus9QgZRst_ik99_IDhXwtvE5UqaDvO-FVLhnOHj3zwzC3TySSfVyXldw841EbJM4FDcP3BINwIIlNbaOhz024RS-_sOEnTxyB
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:28:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 loader.js Show response
cdn.gmossp-sp.jp/ads/ Frame 6A08 39 KB
12 KB 164ms
56ms Script
application/javascript 23.214.228.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gmossp-sp.jp/ads/loader.js?space_id=g914507
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.214.228.171 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-214-228-171.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: c64a92a83d9b722768e291283350a6133f8cc452da5efff98a6ab6d839ef738d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:59 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 01:50:45 GMT
server: UploadServer
etag: "09a35d88e58e0a7143fc2e4020e94d33"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-cache, no-transform
accept-ranges: bytes
content-length: 11616
expires: Mon, 28 Aug 2023 15:28:59 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame F1CD 43 B
340 B 934ms
316ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZOy9Ow-8UgCrO4fmNg0jPrQ2GYmVyO5krOwic9Xa_wXUDggMlBn9xWSeqxdsbHLy0fwwY2Nm8uekKcjwX56qJl9eQfv_zzhaVFP25aIZ9PVIrp8UaWx8-eb_CWhiEqIQ4pMRQa1gTsjL
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:29:00 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 6A08 128 KB
41 KB 189ms
93ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.gmossp-sp.jp
URL: https://cdn.gmossp-sp.jp/ads/loader.js?space_id=g914507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:28:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 29 Aug 2023 15:28:59 GMT

GET
H/1.1 200 v3 Show response
sh.zucks.net/opt/native/api/ Frame 7EDE 503 B
1 KB 1153ms
279ms XHR
application/json 52.194.4.143

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.zucks.net/opt/native/api/v3?frameid=327337&sw=1600&sh=1200&touch=0&_rand=0.5111634495991111

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/n?f=_57ad65eb99

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.194.4.143 -, , ASN (),

Reverse DNS

Software

Resource Hash

b6cbd06e8256c4e09b870ad4b7eaec7de5065592d2018bc8af54b7782d2a9e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 28 Aug 2023 15:29:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Aug 2023 15:29:00 GMT
vary: accept-encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://media5.fc2.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 440
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
Ok / Show response
media5.fc2.com/ Frame 8230 70 B
388 B 193ms
193ms XHR
application/x-javascript 104.244.99.100
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/js/ajax.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.100 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ae47036a6832bce0841a6e4e6e801a00f27f8a5e4eec02baa6ab9ffffaf75e9

Request headers

Referer: https://media5.fc2.com/1188/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:28:59 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 70
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 403 ssp.ad
sp.gmossp-sp.jp/ads/ Frame 6A08 0
0 369ms
287ms Script
text/html 35.201.98.24
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.gmossp-sp.jp/ads/ssp.ad?r=0.8602534763878269&space_id=g914507&callback=gmossp_forsp.view&tw=0&req=load&ref=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&sc=1600x1200&1h=&1d=&10m=&lv=&la=&xid=zuYJCLJJSD5ZFifq&gmom_ak_fq=&ao=lanterman.web.fc2.com&np=Win32&aid=&plt=Win32&async=0&sop=0&sf=0&acmp=0&hf=0
Requested by: Host: cdn.gmossp-sp.jp
URL: https://cdn.gmossp-sp.jp/ads/loader.js?space_id=g914507
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.98.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 24.98.201.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame 6A08 636 B
570 B 64ms
63ms Script
text/javascript 23.36.162.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=1000283
Requested by: Host: cdn.gmossp-sp.jp
URL: https://cdn.gmossp-sp.jp/ads/loader.js?space_id=g914507
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b6c8f5fce9bf4ab6ba5e8c24fcc8205515bad3b2da9f86f9360eb9adacf7741

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/javascript
date: Mon, 28 Aug 2023 15:28:59 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 447
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 6A08 6 KB
3 KB 86ms
86ms Script
application/javascript 23.36.162.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=1000283
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 28 Aug 2023 15:29:00 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame 6A08 10 B
69 B 282ms
282ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=1000283&vid=01H8YC6CVHMQS6RDTRRK29FXK9
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: https://media5.fc2.com
date: Mon, 28 Aug 2023 15:29:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 48E0 15 KB
6 KB 64ms
64ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lanterman.web.fc2.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:29:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 324204
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 48E0 441 B
562 B 58ms
58ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=media5.fc2.com&sn=ChromeSyncframe&so=0&topUrl=lanterman.web.fc2.com&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lanterman.web.fc2.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a30131b0516bb3e4752f924132e3148ae1c842c438fd4d9f90f8e98a4aea91dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lanterman.web.fc2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 15:29:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1270191
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 97ms
96ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

07db3359ad05e7b4c0864cbe8b76f3e773658bef3b3195ca65b467ebd3fb903a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:29:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11647
x-xss-protection: 0

POST
H/1.1 200
Ok / Show response
media5.fc2.com/ Frame 637D 70 B
388 B 193ms
193ms XHR
application/x-javascript 104.244.99.100
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/js/ajax.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.100 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 39fd8ef8f3d06859bf78bd71e48bc3f31fbfc98ef206e1b42ade98a06851f3be

Request headers

Referer: https://media5.fc2.com/1187/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 15:29:00 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 70
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 131ms
131ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 15:29:00 GMT

GET /
k.zucks.net/i/ Frame 7EDE 0
0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D90 13 KB
5 KB 50ms
48ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 7635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 13:21:45 GMT
expires: Tue, 27 Aug 2024 13:21:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BBDD 829 B
558 B 63ms
62ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

GSE /

Resource Hash

90d0735558967cb83409722687ec1f9e939e1f6c482ffe1fba3f710922aa2c3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tmfmHqfW_AW-UkscVgolRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-tmfmHqfW_AW-UkscVgolRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 15:29:00 GMT
expires: Mon, 28 Aug 2023 15:29:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D90 37 KB
14 KB 44ms
43ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:34:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BBDD 0
0 142ms
141ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=815033577226452&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D90 0
12 B 44ms
44ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?juNnIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:29:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 149ms
149ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=815033577226452&bg=!zM-lz4DNAAYkVgHwBFY7ADQBe5WfOEdC7O8Qly3AjW4ietxuHQqLjY5qswlJjqF5blNKmGc6x9WfAn78M60qoO4YsbV2AgAAAF9SAAAACGgBB5kCxb3dpg7ypudThCgaZMeo9g0a7w3xQcHdm-aZcVrhdpbQy0I-nTZD2oSBxIcekVtnqGecxUTJK8FFqieUGBT3qUgZcfa3KJD-Ej92odEj4_S6KDJibbjcQcZRGnAQ_Xwd__S68oYfcGdmwF7TkSH5pQij8zbgXcn5dTxFhfvX8j6HMZUOgFNec2MWXBhN0cxqIz65Uk_wh2mhikSSHghtZliuTjrXaip0Oj_RvYQv3ZqzHiSrFEE8CAWebDrKesLJXNQVqc0vLSw_lDJMkaqwMny0_3CFWOZkRVDHzyr6A8DYqf_4FlJxNcB1spP4BzCtQLn7jK1xamMBopDasFRBjmhVgZj2u3RyZEF3xbWDeY7oolczwXF0fnCxZPJXG511ATTwixyjynlpOg9CQI_KVScGi_rpRzOhktOItatlFsN7inoAGOenXWiXIU2RMtQmry04_ay4WbNGBpgu7DtHFegMtygBel6B4sNpv4HGmqXpLGA-JdeVnJ2GqzwVj2HpGgz1sadxVPo2t1Zs3KzsHHIGbprmNEklgT4YK5hFEHuYjaE8txLbVyEmQ01I3arAawk6E4tow8F19LujofzOkuPG9mJn4jm0vR2WSKp4wnzlpeGW-j6pG5KLOoVu_y0ACUxrE1_AL7yiGoJblVC8ehSZ7wIITAKlDHzySTsjh0MxTyt3NUDlt5Twh0VYqggYN1K2xdD38VKPi4LNYaz7Ml-byF6qw11GYAH0DXPkA7BG3oocdLVda3QHiXJ2787HNawV9UO2RAmFd9zvzCArSsGsTaXkMRiQErtk6k_tqrep437uIfrOZZJFYlgFE2pBEbk82_WtOI-14BNt9bYp7YuoawujvMs8Xw0d5rsVjqR55I3A-0PB-UorbtArXShkCIhFumGiJNGQVZf6QY0sptclnM0pY5vVk6lvL8dzctBVD_Ni4ck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mcnair.indiana.edu
URL: http://mcnair.indiana.edu/img/current-students/chavez-ian.jpg

Domain: image.cdnllnwnl.xosnetwork.com
URL: http://image.cdnllnwnl.xosnetwork.com/pics33/800/VS/VSIZAIANZRGNVOO.20151009142942.jpg

Domain: k.zucks.net
URL: https://k.zucks.net/i/?k=ZGOK&p=lo2ZOQUba7q5yrd83Kq26CHESW-gL7kM3yBY-F-vn_Zjq1adnphv-gpJpMtjWXv3m8jsTkp-hHWPVO398uTmIlZUW8f6yU2_1uut7VypSRNt_hx-hxKKxubXMLPpiwOrXvD6FKIe-omDolJHFtUi1f6JAmfI8lU9KpWx0Gf4H02wFvbFizQXvbjwbmc5K46VEpFpL_R81n2S7ieb0UFGVX7daAKfTHqF0dVKKQop_wMBTiu8jFb7toeIK_iclbWrE7xL2VEiTCDrztQWTHk7YILChm08PSnSVL8t9vqRfUwjqvQvf4F32viurHpBtIlDLzudtoy1Kfg78CuKLM83xlZNO0j7q94-XjhL-lRdKJuzdyaozcKXROgHzdGtKRKzX-ovk8OX6SMMzKxohg_t7g&v=WOcm_F5Qc4s&i=1

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cache.send.microadinc.com/js	1970-01-20 14:20:40	Name: RTUS_STATUS Value: Unknown
.fc2.com/	1970-01-20 23:42:12	Name: __gads Value: ID=98aa37815e78d97f-226094385fde007e:T=1693236529:RT=1693236529:S=ALNI_MYS07xBOu7MWu-fxDuXMXba1vF9Iw
.fc2.com/	1970-01-20 23:42:12	Name: __gpi Value: UID=00000d8e4b362f28:T=1693236529:RT=1693236529:S=ALNI_MbKfFRux5vW5K9ZI3ZjoGlmcJkMfw
.doubleclick.net/	1970-01-20 23:42:12	Name: IDE Value: AHWqTUmy5z9XJYzAK0BrPPL3fXqCrxyTpPcpLli009vmBoA6I5KkvdQwwTmTQCwXsWc
.googleadservices.com/	1970-01-20 16:30:12	Name: ar_debug Value: 1
.travelaudience.com/	1970-01-20 23:52:17	Name: _tracker Value: %7B%22UUID%22%3A%2241E75BA6-B239-4340-B1E6-3A0A0523DCA0%22%7D
.quantserve.com/	1970-01-20 16:30:12	Name: d Value: EFkBCQHoKYEA
.mathtag.com/	1970-01-20 15:03:48	Name: mt_mop Value: 4:1693236536
.quantserve.com/	1970-01-20 23:50:50	Name: mc Value: 64ecbd37-e2758-b9ea9-9dae0
.ctnsnet.com/	1970-01-20 23:06:12	Name: cid_743c793bea654ea18c4698f2045b256c Value: 1
.ctnsnet.com/	1970-01-20 23:06:12	Name: gid_CAESEIElVBQRS1lKXaFbvcGu3r4 Value: 1
.turn.com/	1970-01-20 18:39:48	Name: uid Value: 2362124237623411291
.adform.net/	1970-01-20 15:05:14	Name: C Value: 1
.simpli.fi/	1970-01-20 23:07:38	Name: suid Value: 48BE217A83004CEF900F0FC7AD86AB4E
.w55c.net/	1970-01-20 23:52:17	Name: wfivefivec Value: V3zy4EM11QAEaH5
.w55c.net/	1970-01-20 15:03:48	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-20 14:20:40	Name: DSID Value: NO_DATA
.yahoo.com/	1970-01-20 23:06:34	Name: A3 Value: d=AQABBDi97GQCEDyqnqwrgEiPpfEMBZDjQDIFEgEBAQEO7mT2ZAAAAAAA_eMAAA&S=AQAAAivE4Hkrg3mfLzLFLmeAdHw
.adform.net/	1970-01-20 15:47:00	Name: uid Value: 733141476117299809
.innovid.com/	1970-01-20 16:30:12	Name: uuid Value: d061d6e0-437b-4967-bcde-cc938822583a-20230828 11:28:56
.tribalfusion.com/	1970-01-20 16:30:12	Name: ANON_ID Value: aantuJx2eNlSE0U7atv61Wivn9KSvcFx8XqcvU5mJZd5qfAg8ErQUvGRRpw8DZdWqv0GL2FNZavQmVa5ZdxTSe6gKZceF
.adingo.jp/	1970-01-20 23:06:12	Name: ID Value: d127ca68f5e746b22adfb23ce705c347
.criteo.com/	1970-01-20 23:42:12	Name: uid Value: 61430252-5b5a-4caf-aa7d-51de3f350682

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://localtvwqad.files.wordpress.com/2017/04/promo316932033.jpg?quality=85&strip=all&w=1200 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://mcnair.indiana.edu/img/current-students/chavez-ian.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.google.com/sorry/index?continue=https://cse.google.com/cse.js%3Fcx%3D008587068278864670770:l6eqms_gbn0&q=EgSwQ1a5GLH6sqcGIjBNLAAYXx7ff2rsJf3tg4g9AgJbxj8C3ajgwA2MpiOdeIgaUFhfN1_h4mgE1wb6iFUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://image.cdnllnwnl.xosnetwork.com/pics33/800/VS/VSIZAIANZRGNVOO.20151009142942.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271802&client=ca-pub-6890287250975679&fa=2&ifi=8&uci=a!8&btvi=4&xpc=P37JkdqJP8&p=http%3A//lanterman.web.fc2.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://sp.gmossp-sp.jp/ads/ssp.ad?r=0.8602534763878269&space_id=g914507&callback=gmossp_forsp.view&tw=0&req=load&ref=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&sc=1600x1200&1h=&1d=&10m=&lv=&la=&xid=zuYJCLJJSD5ZFifq&gmom_ak_fq=&ao=lanterman.web.fc2.com&np=Win32&aid=&plt=Win32&async=0&sop=0&sf=0&acmp=0&hf=0 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
ag.innovid.com
audiencedata.im-apps.net
c.bannerflow.net
c1.adform.net
cache.send.microadinc.com
cdn-fluct.sh.adingo.jp
cdn.gmossp-sp.jp
cdn.shopify.com
cm.g.doubleclick.net
cms.quantserve.com
cse.google.com
dclk-match.dotomi.com
dis.criteo.com
dmp.im-apps.net
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.adingo.jp
image.cdnllnwnl.xosnetwork.com
ius.ctnsnet.com
j.microad.net
j.zucks.net.zimg.jp
jgl.microad.net
k.zucks.net
lanterman.web.fc2.com
localtvwqad.files.wordpress.com
match.adsrvr.org
mcnair.indiana.edu
media.fc2.com
media5.fc2.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
s-rtb.send.microadinc.com
s.tribalfusion.com
s0.2mdn.net
s3.india.com
secularcoalition.info
sh.adingo.jp
sh.zucks.net
sp.gmossp-sp.jp
ssp.send.microadinc.com
static.criteo.net
static.fc2.com
storage1000-textad.fc2.com
sync.mathtag.com
sync.teads.tv
syndication.twitter.com
textad.fc2.com
tpc.googlesyndication.com
um.simpli.fi
vip.chps-api.fc2.com
www.cusys.edu
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.heraldpalladium.com
www.southhaventribune.net
www.woodlandsnaturalhealthcentre.co.uk
x.bidswitch.net
image.cdnllnwnl.xosnetwork.com
k.zucks.net
mcnair.indiana.edu
104.17.201.110
104.18.25.173
104.244.42.8
104.244.99.100
104.244.99.106
104.244.99.169
104.244.99.54
104.244.99.68
130.211.14.194
14.0.41.202
142.250.181.230
142.250.184.226
142.250.185.161
142.250.185.227
142.250.185.68
142.250.185.98
142.250.186.110
142.250.186.66
142.250.186.78
142.250.186.98
146.75.116.157
172.217.16.130
172.217.16.138
172.217.16.206
172.217.18.3
178.250.1.3
178.250.1.9
178.250.7.13
178.79.242.41
18.178.179.45
18.196.138.245
18.66.147.108
185.29.132.241
192.0.72.21
192.104.182.109
199.48.209.214
202.233.84.10
202.233.84.9
204.228.68.58
23.214.228.171
23.227.60.200
23.35.237.56
23.36.162.71
23.36.162.72
23.36.162.78
3.122.33.96
3.33.220.150
3.9.242.113
34.120.96.193
34.91.62.186
35.186.193.173
35.190.0.66
35.201.98.24
37.157.6.243
46.228.164.11
51.75.86.98
52.194.4.143
54.194.117.149
54.248.70.17
63.215.202.137
91.228.74.159
92.205.2.206
94.229.72.117
99.86.4.114
07db3359ad05e7b4c0864cbe8b76f3e773658bef3b3195ca65b467ebd3fb903a
08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
0a87ba00eee82758c065fb6b0a604e671c9b39f6ea918bdc0a31dc44fb8ad9ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c331c5c02bbe478df92f2bb37b67dfa4febfe6be572b5baf2b79ab5eff6c8b6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1756bbeee8faff5bacefdd3c6f19718f2bac8ddd8c14ad3a2e73f03ae01e6ace
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ad4d896fad373f96bd4c21212202ecfca0b8946328a696590439b35ea6afc32
1b6c8f5fce9bf4ab6ba5e8c24fcc8205515bad3b2da9f86f9360eb9adacf7741
1cb7cab5eb7626900d579c45c233bfb4e09b2e262f0c9bc31c90641dd5e6c714
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1e560ff025fb7a37f6ef93d80f90f336741b83316fc4a2c5fdeec023c8ddb7a0
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
26959420ff63fa61ceda84d3a420d0fb456221556aafd0ee0a7bcbdd9d1745a9
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f1062b5e1af2cc8a151377ca403596d9c62d3a11512d8d7cc821945c5329929
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3481b672060250709489cf5fae4f0945f9e9b834a4d4a80298a8ab1a0b3eccec
35da628c4c3380e6bef9589cc49222b098d76d7678f6a1b1b6a9e2bab5d72a39
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39fd8ef8f3d06859bf78bd71e48bc3f31fbfc98ef206e1b42ade98a06851f3be
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ae47036a6832bce0841a6e4e6e801a00f27f8a5e4eec02baa6ab9ffffaf75e9
3afca5001b290bb09b9b371385e12e24044a65eb613cb2928394a2ad0ea760d2
3fb3bbc71bd622d899aab19130d210aa0029b9b2d00a2b88c083ac0c0c98aef0
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
404b9260afb4ca4d67d51bc3ab9c58e6d139d47f9c1218a78ecac1492e0e3002
4092593a3414cd0072062bb68bef96e56e3df8bb150afe086861fe40cc41979e
44447bab034a384b6b29062baf94039cf0aefab72474acef47beccd2097aef3d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
477c5c8eb6d0ed12f38a8d5dd5fd5ff86f638cfea3ebfd8f2839bc674f68857d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8ca0ba6f2b4993330dcbdbc467562185a94c5fb0bdee9ebe97f4e7df468375
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
57238c70b77dbdb969993cb440f82321c765542ac7a16d3d03eaee7e033f3ccf
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17
5a0df713b4660ba39052ceadce6b19b9945dcc2b8aecea57d84816524eb38b14
5b207e7767f10ca66eaedbaee7e5023f9c55176e70d64fcaabf58656622d5513
5b20a3e55eda8ed582681eb9a05069aaaf5da9c12d9b9d6769cfc05ebb539993
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
7265799bb043ff0850ec4afbc183bd1b13b74b744f6bd52580cb7706f339c75b
7320a35f8f5fbfd28be89b5588d9cee9dbdbd09151d4ce002da3fce47140e163
74ebe3d23a48509b84adfc7b4abb0b329cbcc70b60972fc1303cfba52c65e5e7
767f76af092a9b0b3f4f7c664df1e556adc17cc7e9e3dd528eeeaac48e798a14
7a393ff225601342fc418ce3457ecd9acfcdef604d9d6fff1f1cc793dc158237
7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af
82fc3c66501ae8d7102071d175705977441f89011029ffbddfd26c7415ca4ece
863395d0e38e9c9c42ff78d3c7ecaf11f3423b5734ccf09cf08e0331f444fbbe
890acea775fde76af6cccba5856d54b19f811d9dac12835e21b6c55f298c4284
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9792d8f1aa3e047b2fdc98300461ca65071e041bec1fb89e16669329c8c01c
8dfbc5e7eed6f6b353572fec951b69de8052ae0e73ab81841ab47570a480822e
90d0735558967cb83409722687ec1f9e939e1f6c482ffe1fba3f710922aa2c3d
94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf26fb9689fd8a0cca272392d51ec09f0bb015df6ca4301834f56336cdfbbb5
9efed56a9838d11eea9f613a22134eecef4dde68dd298eee453687801f3d2a4e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1d4f177b052b64ccecc89b5a1890ba0b04ad7fd9b18fb7759650601b97c136f
a30131b0516bb3e4752f924132e3148ae1c842c438fd4d9f90f8e98a4aea91dc
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab159c21ad387307cfb74673bf95dca3ce81acae6029a84fb4a475c788e50ea8
ab54017c0444167aa0373b35754d99768c225d38796dd834057dcd0341f42a00
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b38e80da7031f17f6ef63675bf24cf989edead68b6c2331028da2a253ee32c01
b6cbd06e8256c4e09b870ad4b7eaec7de5065592d2018bc8af54b7782d2a9e7f
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7dad492260920af7d4a7996d2d662cca8f0d8aebef97c420eb89e5b4fc2cc9b
b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925
ba79f10e2c0d5c4549f9414fea4f08bccdc1d40e917c91f9a4753b5f1989676a
bac62b9a825a47764961c656e99d737ad97e9dfe8f1480607c652b284a1131c5
bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
be00c6b021883cb1684551714783bace4a657281ebdf833b2a5ff8a56e206bd0
be721fab17ac58de873aa54537193d60b334335491a6a1faa222f2f57be1fd87
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c64a92a83d9b722768e291283350a6133f8cc452da5efff98a6ab6d839ef738d
c6c572a51db4b19008dfcde69a5aab55e9cdbce88c99c7ad02f4d44eb939c681
c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d
cb8aa63b3f73eb99a9f475b1bd8235a6ece0c5051a1cbef6fa5f9df8a208f48a
ccb63c70bb5c508db03e5a2a533e015573c19531a1ae7c3eb5841c29a483e173
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d1b526c5b87c80b5d6b9ec64df85a97e40578e2cd3c91f2f039a0709b1eb02ac
d1d9bcc868a5af3451dfc14345a5d8fe527a97528118c4d0c6a432de14763c8b
d364379e39bd73243c92d582a229f2058c1b375fb4845fa826b51606fa579ede
d36da76a74f6417213513db20dda3f81d6e86bd61b735d764ef83546d10bcdc3
d4e38a51951999e9847ee305ad2eb73ca98f4d367fa5f92351e6c67312738b76
d5280d87baee55df453debab6d2cf4079a730388c6773369fffa6c44ce9f159c
d712c1c806a98ceb4105c7be38517796569b678695f6778c664c6ba88b2543f1
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e06a517c8ef78e142c00c1217c5a3e48c1c31dd55813530c225763ecf688b92f
e2602b9992ac7cd541ea994b6c15b23fef7ae4fd3601cb45e32ee03e2fc03a49
e2c245946327808ec3736d7908377405c5b02820a976c3dd83d49cd0769a7cd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4
e6d10e033b6c11514dcc70b6eca95b3ba2c34ed4dcad56b15b1c44233260d2e6
e955fa868571747fcd5631bd4bc84d6f5de400b44e8e84277268b959f3086b67
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f82333103a1080f1da5da0c384159e0f10307305ea2b611289285f3da136c0f2
f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613
fdbffb7249f43d502d7814cac018ca6409d2eaa89ff5cf65cf3068b5f5a7aaee

lanterman.web.fc2.com Open in urlscan Pro 104.244.99.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

262 Requests

78 %HTTPS

0 %IPv6

46 Domains

71 Subdomains

55 IPs

10 Countries

3189 kBTransfer

7782 kBSize

23 Cookies

13 Outgoing links

Redirected requests

262 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lanterman.web.fc2.com Open in urlscan Pro
104.244.99.169 Public Scan

Screenshot
Live screenshot

Full Image

262
Requests

78 %
HTTPS

0 %
IPv6

46
Domains

71
Subdomains

55
IPs

10
Countries

3189 kB
Transfer

7782 kB
Size

23
Cookies

262 HTTP transactions
6 data transactions