www.boxofficeindia.com Open in urlscan Pro
2606:4700:3034::6815:8ef Public Scan

URL: https://twitter.com/Box_Off_India
Title: Follow Us

URL: https://boxofficeindia.com/report-details.php?articleid=6186
Title: 2.75 Cr (First Day)

URL: https://boxofficeindia.com/report-details.php?articleid=6141
Title: 4 Cr (10 Weeks)

URL: https://boxofficeindia.com/report-details.php?articleid=6034
Title: Top Overseas Grossers 2020

URL: https://cookieinfoscript.com/
Title: Cookie Info Script

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.boxofficeindia.com/ HTTP 301
https://www.boxofficeindia.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://go.automatad.com/geo/DMC6nI/afihbs.js HTTP 301
https://b2cdn.automatad.com/geo/DMC6nI/all-geo-W/afihbs.js

Request Chain 122

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd&dcc=t

Request Chain 153

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwqaac7uq68SR8g6jVWbrM&google_cver=1

Request Chain 155

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwWgkRkfV1XxQV2lcYMt3AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwqaac7uq68SR8g6jVWbrM&google_cver=1

Request Chain 162

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJEgA8DU-3sRjyW5xxs8SNM&google_cver=1&google_push=AehlK4BlKmFl7odawmqzRdGaNAJKUdi0J1q6KMePI2KU4rkz_l0HGHQIGNPfo1fWak5eAOUm25eVIcjyKm8zvAqu6K5JHIKxTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4BlKmFl7odawmqzRdGaNAJKUdi0J1q6KMePI2KU4rkz_l0HGHQIGNPfo1fWak5eAOUm25eVIcjyKm8zvAqu6K5JHIKxTg

Request Chain 163

https://s.uuidksinc.net/match/47/?remote_uid=CAESELOVgYOXSVaqmZhCyaHW-Z4&c_param1=AehlK4ARMtM04-YpFycCXcSW5bnVcGhlnGDR1koTItN20tCifFkaxtx6bRngMkwURb9ABLn2YyWhi2O0g3-0Zjj0TuWUAkDpVJ0&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4ARMtM04-YpFycCXcSW5bnVcGhlnGDR1koTItN20tCifFkaxtx6bRngMkwURb9ABLn2YyWhi2O0g3-0Zjj0TuWUAkDpVJ0

Request Chain 165

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENftmP6k-B0ETkIP8jF6s4M&google_cver=1&google_push=AehlK4C9irCkSbna966oZveyxASP987OIwO4QY7sqk3ywQJGJduZMF87pjlpAcBazyV1A0FLDb5As4hdZuK9DvtbK1UmbF-dwbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3MllUUFctMUotMTQ3Sg==&google_push=AehlK4C9irCkSbna966oZveyxASP987OIwO4QY7sqk3ywQJGJduZMF87pjlpAcBazyV1A0FLDb5As4hdZuK9DvtbK1UmbF-dwbw

Request Chain 167

https://sync.inmobi.com/gob?google_gid=CAESEGYCsNHy99E4Ei5qEvq9CZU&google_cver=1&google_push=AehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZK0jsZqeI HTTP 302
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZK0jsZqeI&gdpr_consent=&gdpr= HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOzGHWC-1EhYpFWNNnuC7VPyUS7U8Vuwix6rR3IA&google_push=AehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZK0jsZqeI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=E69pZGV5TDS2-eXPDmVJ&google_push=AehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZK0jsZqeI

Request Chain 168

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOFlQ_mDUqgpSj_MwlCQKWQ&google_cver=1&google_push=AehlK4B3dLL1ySUUIsvSxd0HiLrIY6t3nbIe7tW9yqxQ5P0KIqbK2pcuWwMTh9x766rrDwAaVCaSWqLWEGdKD51w3ZZsmp_q5yKw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B3dLL1ySUUIsvSxd0HiLrIY6t3nbIe7tW9yqxQ5P0KIqbK2pcuWwMTh9x766rrDwAaVCaSWqLWEGdKD51w3ZZsmp_q5yKw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPCuJ_AJFpW1MUzbcCeGzw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHPCuJ_AJFpW1MUzbcCeGzw%26google_cver%3D1

Request Chain 231

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3MzI2MTc2MTUzNDY2MDUwNw%3D%3D

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1

Request Chain 233

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPCuJ_AJFpW1MUzbcCeGzw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHPCuJ_AJFpW1MUzbcCeGzw%26google_cver%3D1

Request Chain 235

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3MzI2MTc2MTUzNDY2MDUwNw%3D%3D

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1

Request Chain 237

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIR47Xtt9thbQN2KuV39tKQ&google_cver=1

Request Chain 239

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmUzY2MzMGUtZWRjMS00ZDBhLTgxY2UtM2UxZDJiNzQ0OTg1

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEIaJmIEVEyPG7piL99hjPrc&google_cver=1

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIR47Xtt9thbQN2KuV39tKQ&google_cver=1

Request Chain 242

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Y2RjMzJmYTMtMzdmNS00NjhmLTg0NzItZDIwNDQxMmUxMTU4

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEIaJmIEVEyPG7piL99hjPrc&google_cver=1

Request Chain 251

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 278

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=d0c18034

Request Chain 340

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CVCdxNuRfv60ldkwFxN0Ul2Ns2pJTLlwiW-XbBmHHzUMJq8s132EIEGxBdS4DXac98kqqk8c0663Zq8lxXE4W9ORNxkw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CVCdxNuRfv60ldkwFxN0Ul2Ns2pJTLlwiW-XbBmHHzUMJq8s132EIEGxBdS4DXac98kqqk8c0663Zq8lxXE4W9ORNxkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NjhVRU0xRE0xT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CVCdxNuRfv60ldkwFxN0Ul2Ns2pJTLlwiW-XbBmHHzUMJq8s132EIEGxBdS4DXac98kqqk8c0663Zq8lxXE4W9ORNxkw

Request Chain 341

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4Aq0V7QVtbaCZrlYvbiTpdWk6v2NpwvqTSYmIpR5Rm6yY768BInBkAzis8NkPo864ERP-eaKn_STgerK0VNBHRddxdKOWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A9BFB2969004015BB9A451BDA1C2578&google_push=AehlK4Aq0V7QVtbaCZrlYvbiTpdWk6v2NpwvqTSYmIpR5Rm6yY768BInBkAzis8NkPo864ERP-eaKn_STgerK0VNBHRddxdKOWQ

Request Chain 342

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4B-NE9s1srT4JPTZxj-QVkiwrMrXNB-kgltmDbpTmQgiDFkbztXPvjqqqE446sHkjDtKc1CnVYS1flIKmc9ksHqDALlrQ HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4B-NE9s1srT4JPTZxj-QVkiwrMrXNB-kgltmDbpTmQgiDFkbztXPvjqqqE446sHkjDtKc1CnVYS1flIKmc9ksHqDALlrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Request Chain 343

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4Bh2IPQMOX0_8vZzVtFCZ671amiH7HB733GFOO8Vm2DvxYqwDbJhwb4oM7VOJHOVj3oUB0GAnyyz1Qwi7lhDvpFid25lPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4Bh2IPQMOX0_8vZzVtFCZ671amiH7HB733GFOO8Vm2DvxYqwDbJhwb4oM7VOJHOVj3oUB0GAnyyz1Qwi7lhDvpFid25lPA&google_hm=NTA4M3FvMDBGQkRBWTAwOHRCazc

Request Chain 344

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMIqUEaccgN78N236H-iwPl3mr7CuXZb277IrKO6P5s3VVEZgz HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMm8dKzz_v66r5xCz1VGVik%26google_cver%3D1%26google_push%3DAehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMIqUEaccgN78N236H-iwPl3mr7CuXZb277IrKO6P5s3VVEZgz HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A502076053627345627&exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMIqUEaccgN78N236H-iwPl3mr7CuXZb277IrKO6P5s3VVEZgz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTUwMjA3NjA1MzYyNzM0NTYyNw&google_push=AehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMIqUEaccgN78N236H-iwPl3mr7CuXZb277IrKO6P5s3VVEZgz

Request Chain 346

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4BaiBU-fldYMdr4-iJcVx8kYilTq0GGfHwSByp2mLvC-75vQNRILefmHJPLKES4esLGvEWwAQkOuNu_dSUcpaFQfLnvNN0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4BaiBU-fldYMdr4-iJcVx8kYilTq0GGfHwSByp2mLvC-75vQNRILefmHJPLKES4esLGvEWwAQkOuNu_dSUcpaFQfLnvNN0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NjhVRU0xRE0xT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4BaiBU-fldYMdr4-iJcVx8kYilTq0GGfHwSByp2mLvC-75vQNRILefmHJPLKES4esLGvEWwAQkOuNu_dSUcpaFQfLnvNN0

Request Chain 347

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4CYsFXn2kWWHoiUEPSB01HAaRGj-INtrbRSx4o-w44QHZwXQFM5dJ0ArxijGkHiie0lHp985CMOJ1bgqx7ObWan16wwN66l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CF04B9E0A0C4AEA833D7AC70E9E9ED7&google_push=AehlK4CYsFXn2kWWHoiUEPSB01HAaRGj-INtrbRSx4o-w44QHZwXQFM5dJ0ArxijGkHiie0lHp985CMOJ1bgqx7ObWan16wwN66l

Request Chain 348

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4AlBDltCxFJesxBnCse4BJdeyHtt4sLGxbzYo7Iq8OketK506yG11B_XSRGUnPIICpAVqZhYHgq6ab_PYLXSNnjgGLO-HhE HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4AlBDltCxFJesxBnCse4BJdeyHtt4sLGxbzYo7Iq8OketK506yG11B_XSRGUnPIICpAVqZhYHgq6ab_PYLXSNnjgGLO-HhE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Request Chain 349

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4CT3nKhgZlpAn9RtiCOG9d9z72UzW5ikKliyW_q_HNfbTpjungld0f4bKZel-7FpN8qhcyXUdR4LAIB02qkWsVMLdzwDfRV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CT3nKhgZlpAn9RtiCOG9d9z72UzW5ikKliyW_q_HNfbTpjungld0f4bKZel-7FpN8qhcyXUdR4LAIB02qkWsVMLdzwDfRV&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M

Request Chain 350

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50CbSZlhzImDM6BrjzcvWbj1IFD_GF9fUoCs4hz9cD0KJ9zOv2Hhjw HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMm8dKzz_v66r5xCz1VGVik%26google_cver%3D1%26google_push%3DAehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50CbSZlhzImDM6BrjzcvWbj1IFD_GF9fUoCs4hz9cD0KJ9zOv2Hhjw HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A1255264988171560387&exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50CbSZlhzImDM6BrjzcvWbj1IFD_GF9fUoCs4hz9cD0KJ9zOv2Hhjw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyNTUyNjQ5ODgxNzE1NjAzODc&google_push=AehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50CbSZlhzImDM6BrjzcvWbj1IFD_GF9fUoCs4hz9cD0KJ9zOv2Hhjw

Request Chain 355

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4C4ONIjtOnLRoHI5d25FUC9KQhmB3wx6GXPTEHTaMzT5_0teLsVj7QUeZt-iH7O4DW_uzhhnQqSLBfvhs8MN35fcb7iuMUPtw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4C4ONIjtOnLRoHI5d25FUC9KQhmB3wx6GXPTEHTaMzT5_0teLsVj7QUeZt-iH7O4DW_uzhhnQqSLBfvhs8MN35fcb7iuMUPtw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4C4ONIjtOnLRoHI5d25FUC9KQhmB3wx6GXPTEHTaMzT5_0teLsVj7QUeZt-iH7O4DW_uzhhnQqSLBfvhs8MN35fcb7iuMUPtw

Request Chain 356

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4DzaWgZYsA7bNMzbIMXRsdhk8c_ehN-qe6V-o6u7sZv2fLV3uv7zJdewz4ddbCLq70z7GWwFdkUBzz8QqL7nWqyv3MDVPae3g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B60E422D7329441D89F5C7753CAD453A&google_push=AehlK4DzaWgZYsA7bNMzbIMXRsdhk8c_ehN-qe6V-o6u7sZv2fLV3uv7zJdewz4ddbCLq70z7GWwFdkUBzz8QqL7nWqyv3MDVPae3g

Request Chain 357

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4Bvpsg1bzm7H8vZUhlxeV9x6kZRe6IoAsm9pM8OAegY8AboRat4Dw5D0fOkBj8ampVVFGiCW-EKIo0JgvcqpGbh_HSPboL82w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Request Chain 358

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4DiJ_NrQVk9kxcwkQTUuDYIwIe7wm7ToDuECpnZMRH2J5DxqN3rukpcqrWxE3UC4enmAz8_yhKdJb6DtcWf8JmYvzeQR2HSUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DiJ_NrQVk9kxcwkQTUuDYIwIe7wm7ToDuECpnZMRH2J5DxqN3rukpcqrWxE3UC4enmAz8_yhKdJb6DtcWf8JmYvzeQR2HSUg&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M

Request Chain 359

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25Zmqel_zHKlxoHsTDAwir_JnThvWuz_ghilTU5lFZE6EC3-MeW7o HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMm8dKzz_v66r5xCz1VGVik%26google_cver%3D1%26google_push%3DAehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25Zmqel_zHKlxoHsTDAwir_JnThvWuz_ghilTU5lFZE6EC3-MeW7o HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A2508200535676035210&exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25Zmqel_zHKlxoHsTDAwir_JnThvWuz_ghilTU5lFZE6EC3-MeW7o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1MDgyMDA1MzU2NzYwMzUyMTA&google_push=AehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25Zmqel_zHKlxoHsTDAwir_JnThvWuz_ghilTU5lFZE6EC3-MeW7o

Request Chain 362

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4DwWxt7e-QiqeFttahqQN95YmQRBILgegpWsQyL-OrR8N_OB2HphdzgA2HNXtrVdmJ0CBlEw8HeSkIeTblyMAe9WeJafUE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4DwWxt7e-QiqeFttahqQN95YmQRBILgegpWsQyL-OrR8N_OB2HphdzgA2HNXtrVdmJ0CBlEw8HeSkIeTblyMAe9WeJafUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4DwWxt7e-QiqeFttahqQN95YmQRBILgegpWsQyL-OrR8N_OB2HphdzgA2HNXtrVdmJ0CBlEw8HeSkIeTblyMAe9WeJafUE

Request Chain 363

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4DInCcs0XeM23WCL6cZBLw_c_mEEn_uDxxuZb-RjH053ivnKRewph2EJROFKjIiELPQdBKn8sooWJihNXRi1Ij3-CmiqNx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DCE09A94AB64A12951ACB38E9CA7A3E&google_push=AehlK4DInCcs0XeM23WCL6cZBLw_c_mEEn_uDxxuZb-RjH053ivnKRewph2EJROFKjIiELPQdBKn8sooWJihNXRi1Ij3-CmiqNx0

Request Chain 364

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4BAu-Hfdbk1rp07yQ_y6i-kvpDFJjhHK7C2RnuY17NQuOyvgHSd4znKEGoERI3ofwoIbz1SZ-WZ4daXbFotMoJw9euvANoh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Request Chain 365

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4CpecfkozldDqfAmzUs-jDAUoSUhK-FyySfbXceX48jrVqQgJDa1_BZt_AYKJeDsD-cQs_QYYf8mPwah3I5Mre9QflXyALc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CpecfkozldDqfAmzUs-jDAUoSUhK-FyySfbXceX48jrVqQgJDa1_BZt_AYKJeDsD-cQs_QYYf8mPwah3I5Mre9QflXyALc&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M

Request Chain 366

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOUsiXDh3y8xXAHxxfRSK556ZDC-3dqUSwpyPYiO2e3rF7IGJYSYQ HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMm8dKzz_v66r5xCz1VGVik%26google_cver%3D1%26google_push%3DAehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOUsiXDh3y8xXAHxxfRSK556ZDC-3dqUSwpyPYiO2e3rF7IGJYSYQ HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A9125204465794923084&exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOUsiXDh3y8xXAHxxfRSK556ZDC-3dqUSwpyPYiO2e3rF7IGJYSYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTkxMjUyMDQ0NjU3OTQ5MjMwODQ&google_push=AehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOUsiXDh3y8xXAHxxfRSK556ZDC-3dqUSwpyPYiO2e3rF7IGJYSYQ

Request Chain 370

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1245ab29-5810-4c5a-948b-cac4ed82948c&expiration=1663905170&gdpr=0&gdpr_consent=

Request Chain 371

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrJA18fFhlMvq7b_m-AYKE&google_cver=1

Request Chain 372

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=946538179684156045

Request Chain 373

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=080d220402681dc489069399&expiration=[EXPIRATION]

Request Chain 375

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB

Request Chain 576

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=Ghh1wcsVdh9rrn1XCQj8&pi=gumgum&tc=1

Request Chain 584

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8707339851561806265&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 585

https://match.adsrvr.org/track/cmf/openx?oxid=dcaa27ae-4089-3087-64b0-b1e05886dfd5&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1245ab29-5810-4c5a-948b-cac4ed82948c&ttd_puid=dcaa27ae-4089-3087-64b0-b1e05886dfd5&gdpr=0&gdpr_consent=

Request Chain 586

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwWglMCo5tIAAFOKJYAAAAAA

Request Chain 587

https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AW4q-BjEsFNsks8ADsaW3yXg_88AAAGCzftCpA

Request Chain 589

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1

Request Chain 590

https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=3db529f75a14226d&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMOwe98iOBlwN1nV-RAAAAAAA&expiration=1661399572&nuid=&is_secure=true

Request Chain 591

https://px.owneriq.net/eucm/p/cwc HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7145995721007602681&ref=%2Feucm%2Fp%2Fcwc HTTP 302
https://px.owneriq.net/fr/epx.gif

Request Chain 592

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=QlhxSlNGOEs2ajVlcW56ZVh5WnNXUQ&gdpr=0&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGIRiMzizdx7jljH_UZ2dBk&google_cver=1

Request Chain 593

https://x.bidswitch.net/sync?ssp=pulsepoint HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pulsepoint HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpulsepoint%26bsw_param%3Ddd5ee5f5-8a47-45bd-b4bc-be5be747ea6d%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=692c187ba4c240b6906068095f79f699&ssp=pulsepoint&bsw_param=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d

Request Chain 595

https://eb2.3lift.com/xuid?mid=2636&xuid=6as43YLsCpxp&dongle=8bee HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2636&xuid=6as43YLsCpxp&dongle=8bee&gdpr=0&cmp_cs=&us_privacy=

Request Chain 598

https://s.ad.smaato.net/c/?dspInit=1001299&dspCookie=6as43YLsCpxp HTTP 302
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=d0c18034

Request Chain 599

https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=6as43YLsCpxp HTTP 302
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEI1CeZKnd0BkR-auo6ZUvsI&google_cver=1

Request Chain 608

https://sync.colossusssp.com/pp.gif?puid=6as43YLsCpxp HTTP 302
https://exchange.mediavine.com/usersync/redirect?partner=huddled_masses&uuid=[MediavineId]&partnerId=f175d852-426a-4654-8f25-20cb4344f0c3

Request Chain 610

https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=6as43YLsCpxp HTTP 303
https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=6as43YLsCpxp&_li_chk=true&previous_uuid=af988b8e3e554962b3a39919f5949c20 HTTP 303
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=6as43YLsCpxp

Request Chain 611

https://x.bidswitch.net/sync?dsp_id=400&user_id=6as43YLsCpxp&expires=30&user_group=[NUMERICAL_VALUE] HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&gdpr=&consentData=&uspString= HTTP 307
https://cm.mgid.com/m?c=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&cdsp=433145&consentData=&gdpr=&uspString=&sct=1

Request Chain 618

https://web.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df52f4391c12fd4%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90 HTTP 302
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df52f4391c12fd4%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr

Request Chain 619

https://web.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90 HTTP 302
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr

Request Chain 625

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 626

https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L772YV4V-W-23GL&gdpr=0&us_privacy=1YN-

Request Chain 627

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=946538179684156045

Request Chain 628

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=FMooDBZHjj-SffxaTfOA-VXs

Request Chain 629

https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
https://ads.servenobid.com/sync?pid=310&uid=FMooDBZHjj-SffxaTfOA-VXs

Request Chain 630

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiN2VmZTdhNTEtMWE1MC00YWQ2LWE3OTUtOTA0OTk4YmVhNWI5IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQwMzo1Mjo1My4wNDQ0NjJaIn0=

Request Chain 631

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661313172603 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=194953402 HTTP 302
https://sync.1rx.io/usersync/tradedesk/1245ab29-5810-4c5a-948b-cac4ed82948c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004 HTTP 302
https://usersync.gumgum.com/usersync?b=rhy&i=RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004

Request Chain 632

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=1975461764906759562

Request Chain 633

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=efa47180-8807-4c47-9e7c-a77686bac818

Request Chain 634

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F51%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D92ae906c-01da-48eb-b52d-c9e02ea5b9b6%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0/51?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=92ae906c-01da-48eb-b52d-c9e02ea5b9b6&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=946538179684156045 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F51%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D92ae906c-01da-48eb-b52d-c9e02ea5b9b6%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID

Request Chain 635

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-Hmr4NWlE2uFHNZlJipOhT9dUvR2HlPLxOGRp35Q-~A

Request Chain 637

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-Hmr4NWlE2uFHNZlJipOhT9dUvR2HlPLxOGRp35Q-~A

Request Chain 638

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=946538179684156045

Request Chain 639

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_eded0877-758f-44f1-a009-c9572ea5e2c5&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=HVoMiEpZBYkGUFmJH1gRhRoMBI4GWQ6KTl2iUIZq HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d

Request Chain 640

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_eded0877-758f-44f1-a009-c9572ea5e2c5&obuid=ENC(E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DE3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi HTTP 302
https://sync.outbrain.com/cookie-sync?p=smaato&uid=d0c18034&obUid=E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi

Request Chain 641

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=2b9783de-689c-08d1-03cb-a10d90d6de93

Request Chain 642

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-71219d1c-f5e3-4888-6042-2239082a3e5f$ip$217.138.252.170

Request Chain 643

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-1tknwEJE2pe0ALg.Fep5A5i9Z1.P6hzoYVby~A

Request Chain 644

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=108b88de-78de-4544-957a-e4adb3ae4be2

Request Chain 647

https://b1sync.zemanta.com/usersync/gumgum/?puid=a_eded0877-758f-44f1-a009-c9572ea5e2c5&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=_kB5siN-kRx1oTajYr3z&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2X3LII2XG2KOFVVVE6BRN5KGC2SZOIZXUJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2X3LII2XG2KOFVVVE6BRN5KGC2SZOIZXUJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=_kB5siN-kRx1oTajYr3z&us_privacy=1---

Request Chain 648

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=09abe07e-0fc9-413d-bdb8-ece6a460388f

Request Chain 649

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1661313172603 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4107321429 HTTP 302
https://sync.1rx.io/usersync/tradedesk/1245ab29-5810-4c5a-948b-cac4ed82948c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004 HTTP 302
https://usersync.gumgum.com/usersync?b=rhy&i=RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004

Request Chain 650

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=6as43YLsCpxp&ev=1&pid=558355

Request Chain 651

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=5902453871690295319

Request Chain 654

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=963d6305-a091-4f00-a404-fe3f6aab10e4&gdpr=0&gdpr_consent=

Request Chain 658

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=1245ab29-5810-4c5a-948b-cac4ed82948c

Request Chain 660

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=YwWglMCo5tIAAFOKJcoAAAAA

Request Chain 661

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=iex&i=YwWgkRkfV1XxQV2lcYMt3AAA%26901

Request Chain 662

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=Ghh1wcsVdh9rrn1XCQj8&pi=gumgum&tc=1

Request Chain 663

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 665

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L772YV4V-W-23GL HTTP 302
https://ads.servenobid.com/sync?pid=323&uid=L772YV4V-W-23GL

Request Chain 667

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L772YV4V-W-23GL HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=L772YV4V-W-23GL

Request Chain 669

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YwWglAAIr33XswAK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwWglAAIr33XswAK&_test=YwWglAAIr33XswAK

Request Chain 670

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8707339851561806265

Request Chain 671

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=963d6305-a091-4f00-a404-fe3f6aab10e4

Request Chain 673

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=LyngVMjr8wl97kuM_Ce3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TDZNZTVMTLKOI4HO3BZG5VXKTK7INSTG HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TDZNZTVMTLKOI4HO3BZG5VXKTK7INSTG HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=LyngVMjr8wl97kuM_Ce3

Request Chain 675

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrJA18fFhlMvq7b_m-AYKE&google_cver=1

Request Chain 678

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L772YV4V-W-23GL

Request Chain 679

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8XN7z01lW1gm8tjGWYtKE&google_cver=1

Request Chain 680

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3MllWNFYtVy0yM0dM

Request Chain 681

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mFifrdryRdiAK_v7kzxUlA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mFifrdryRdiAK_v7kzxUlA

Request Chain 682

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2E0YmRiMDZkYWFmY2FjZDk2NTMwODNhYzhkZWE3NGNlOWYwYjE0Mg

Request Chain 683

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/fGIwId4yEwMRayfIQp-Xyg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2473978532262687344

Request Chain 685

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L772YV4V-W-23GL&sigv=1&esig=2~3dbc69cf9e4d60ee6e17a44b18ee505231e6166a

Request Chain 703

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOzGHWC-1EhYpFWNNnuC7VPyUS7U8Vuwix6rR3IA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

Request Chain 704

https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=871XxKS-XsXotwLF8b9KyfTrX8LovlXGoLpu-1G6

Request Chain 705

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=171250307&expires=5&ssp=smartadserver HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&gdpr=&gdpr_consent=

Request Chain 706

https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=963d6305-a091-4f00-a404-fe3f6aab10e4&gdpr=0&gdpr_consent=

Request Chain 723

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CS7ylcQXcrTSusNbcF08q7nFD9S7XFSpqsVhvJc45EsF2iD52OPKsjIwO47Vzbj2ZDTEGBFAKJJdgsuGKUe4cYxMlvlCRf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CS7ylcQXcrTSusNbcF08q7nFD9S7XFSpqsVhvJc45EsF2iD52OPKsjIwO47Vzbj2ZDTEGBFAKJJdgsuGKUe4cYxMlvlCRf

Request Chain 724

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4A3MiDwYZNoujbOHN6RAuIAjt1869-23OOxzFyiEvPCtGMV-C9EGyRROaQ9YFz9v85t7hN9zzEQA4dEl2Sc0Toao921bX7hvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B60E422D7329441D89F5C7753CAD453A&google_push=AehlK4A3MiDwYZNoujbOHN6RAuIAjt1869-23OOxzFyiEvPCtGMV-C9EGyRROaQ9YFz9v85t7hN9zzEQA4dEl2Sc0Toao921bX7hvw

Request Chain 725

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4BOlYfqXnzzBNPwWdEs1KbwvBOgH14E6jIOlcANnSsLGZ8wg1GNuyQ_YjW83n8Rt3IQgy8NA_rj2uL2QNsBBuDb27CiPf6OSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Request Chain 726

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4Dt_aGWmpbQAArkG5tO6r2QvQ7e1n1vLyi2lUW9B9FcNEoKcF6cd9JrXvBJ0AeEczLb03idhEOAXwUefFKTSP0oDF_cYav1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4Dt_aGWmpbQAArkG5tO6r2QvQ7e1n1vLyi2lUW9B9FcNEoKcF6cd9JrXvBJ0AeEczLb03idhEOAXwUefFKTSP0oDF_cYav1&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M

Request Chain 727

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4CWJUB7I6FB2bkfgcAYGcmQ6jcXqlIQAIJvZXy1jmhiVg39QIQjGRgjxsNiHHwXCTOsyGSNWBFJiZcc4LN5rmbEs6YZOL0MOoI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1MDgyMDA1MzU2NzYwMzUyMTA&google_push=AehlK4CWJUB7I6FB2bkfgcAYGcmQ6jcXqlIQAIJvZXy1jmhiVg39QIQjGRgjxsNiHHwXCTOsyGSNWBFJiZcc4LN5rmbEs6YZOL0MOoI

Request Chain 729

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMimT_HnQAc8WHLjGTAOQiQ&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMimT_HnQAc8WHLjGTAOQiQ&google_cver=1&__user_check__=1&sync_id=3b55bb9e-2360-11ed-9658-140b6c3a0507

Request Chain 730

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=3b4cd115-2360-11ed-b6f5-123a28850107 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2I0Y2QwZGYtMjM2MC0xMWVkLWI2ZjUtMTIzYTI4ODUwMTA3

Request Chain 731

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lX3g3bzdwRTJ1RjlsOERmVDdfUEtuRWRJQTFmdC5TcH5B

Request Chain 739

https://jp-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=963d6305-a091-4f00-a404-fe3f6aab10e4

731 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.boxofficeindia.com/
Redirect Chain

http://www.boxofficeindia.com/
https://www.boxofficeindia.com/

97 KB
13 KB

1740ms
1731ms

Document
text/html

2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40 PleskLin
Resource Hash: 4768d6c1ee328b715a2bbdbc4f1b9f295f2d09634d423385dd8375c8765a70e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 73f9231499d1807d-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Aug 2022 03:52:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeIdx%2FkbDMNr8qMtsuu1MN55JZWhku8G1dPAL8qAMpXCJhkjvCRMimcTQyM9nLH97DkEtdXbsYUS4Y459AhsnONu68FvqRRKmtvnqw7T5JCjZUNJWZVok%2BIi92XdkkUB4VoE23mcfsRC5HjJt5hvYc33QDx%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40 PleskLin

Redirect headers

CF-RAY: 73f923147f610aec-NRT
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 24 Aug 2022 03:52:45 GMT
Expires: Wed, 24 Aug 2022 04:52:45 GMT
Location: https://www.boxofficeindia.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOUo0PafkARepP7qVr93%2F%2FUPw7hisg%2Fehw2u8u1JXWoyrkJIvJW69My3MTodz2hFmbVHU90dyJPHXBIMpxFWgWctslmiVmzqV4VeOGRnUYcCF1pTFzZhSs3OsO4J5%2BDvZfS5A5hOi9nBHW%2BrQck%2FdYL8q6y6"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main2.css
www.boxofficeindia.com/css/ 23 KB
5 KB 17ms
15ms Stylesheet
text/css 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/css/main2.css
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 095e90b7471dfea069449d16ef2ca344f72888a990242bf71ac4bd9dc255bedc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6640
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 13 Oct 2019 18:52:01 GMT
server: cloudflare
etag: W/"5da37251-6d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RBGrfjzDGFwbM6NZkBcwiraVTbG70o49HYRY7GjFY6s31LQFF%2BLxV1l4jlUXqmMcX27FL%2FqBUJ2D2ybwfp0%2BJwoiar5wjqfEc6KJ8d6Pe9gwt39SPzt2NdjbdVmnLfCNOZ2OQM5Bjllqy%2FDPy5bdZS9TByk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-polished: origSize=28032
cf-ray: 73f92320c89c807d-NRT
cf-bgj: minify

GET
H2

200

afihbs.js Show response
b2cdn.automatad.com/geo/DMC6nI/all-geo-W/
Redirect Chain

https://go.automatad.com/geo/DMC6nI/afihbs.js
https://b2cdn.automatad.com/geo/DMC6nI/all-geo-W/afihbs.js

125 KB
24 KB

252ms
231ms

Script
application/javascript

212.102.50.50
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/geo/DMC6nI/all-geo-W/afihbs.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H2
Server: 212.102.50.50 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-575.bunnyinfra.net
Software: BunnyCDN-JP-575 /
Resource Hash: 99679acc7f08b1729bd11392ef596b59a4c04cc7cd5a4375042fa517080b43c1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
x-openstack-request-id: tx390d1008de3248468d9a0-0062b73077
cdn-edgestorageid: 575
access-control-allow-origin: *
x-iplb-instance: 28796
cdn-cachedat: 06/25/2022 19:44:16
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: tx390d1008de3248468d9a0-0062b73077
server: BunnyCDN-JP-575
x-timestamp: 1654525015.55528
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Mon, 06 Jun 2022 14:16:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F1:575F_8E2CE366:01BB_62B73077_C333A9:0D63
vary: Accept-Encoding
x-object-meta-mtime: 1654524960.620657509
cdn-cache: REVALIDATED
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=120
cdn-requestid: ad83b0ab1c878961e8264a48caa57275
content-type: application/javascript
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Wed, 24 Aug 2022 03:52:47 GMT
server: nginx/1.17.8
content-type: text/html; charset=utf-8
location: https://b2cdn.automatad.com/geo/DMC6nI/all-geo-W/afihbs.js
cache-control: no-cache
x-automatad-country: JP
content-length: 93
expires: Wed, 24 Aug 2022 03:52:46 GMT

GET
H3 200 jquery-1.9.1.min.js Show response
www.boxofficeindia.com/js/ 91 KB
33 KB 42ms
33ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/js/jquery-1.9.1.min.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ace650c118f14ec13b3b12f22b832f58433b10cc5b8bb04093fb8a5fa46aabb2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:48 GMT
server: cloudflare
etag: W/"5a8a2d3c-16bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDYexReL%2BW5WW3UpxCKwRQA7yWNjRjmrtwRnXI5PkiYuOvUz86qDA8mBziSJC1SW0Dfv4NxTtUSU%2ByCNEgnQAidWCw7U0Zte3Gq1hhSgVzfO0q4AQYbtU3kH5YZOGvi5yNBH5Qu%2ByERli55nN9WXjfGCyVrg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f923214cafaf5e-NRT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 54ms
5ms Script
text/javascript 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 17:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 17:26:20 GMT

GET
H2 200 cookieinfo.min.js Show response
www.boxofficeindia.com/js/ 7 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/js/cookieinfo.min.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d3de7488ac6723f0788c9a774701fa787e513a6b03ea875b6ea5c3ae5e2b426b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6640
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 May 2018 12:45:27 GMT
server: cloudflare
etag: W/"5b0aa867-1de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEEEW2WpwRUU2k2JqjWQsRJiNwRyBwBhwu%2FlkPc8vquLoiMFOQC1EgOR1RExjoe6eH3iajct9W2DXdixlMTMRnTiA4XP5rOQ6ZKgLac3L20ZV7z1vcssFbCfKTeNHOcrZSFLnhvbz79FAoi9XAdf3nlJ4IYu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f92320c89e807d-NRT

GET
H2 200 nonmainv9.css
www.boxofficeindia.com/css/ 2 KB
1 KB 17ms
16ms Stylesheet
text/css 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/css/nonmainv9.css
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2c709c99b96e4ecb81493a0041e026a3cc6acee144b7833eb6940845dc451527

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6640
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Feb 2021 00:18:26 GMT
server: cloudflare
etag: W/"60232652-c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuxR5FXRCHzk0VB7Wy6WE3sVsvqZTuuprWg2flJAtY6O0VPVt9OsADWpnutczN7QbKoE2FCSf7VJ9zoe5r6gupkY8J7bQf5VQL6NMbMERKUUcH%2FPQ71PfR8ZIxibQ2mrZtBevuzIlqWO4z9lw6f2o96jG5C4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-polished: origSize=3150
cf-ray: 73f92320c89d807d-NRT
cf-bgj: minify

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 189ms
48ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc6be4e0446cd24ad821174f17712c4656266770325e9f8036343befd4968721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
etag: "1312 / 389 of 1000 / last-modified: 1661293254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Aug 2022 03:52:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 166ms
79ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86638d29910ee927acb9ac424fbf35346f822fb9154e96d149ba69ef28ac0fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57161
x-xss-protection: 0
server: cafe
etag: 8954910028092487161
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 03:52:47 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 50ms
3ms Script
text/javascript 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 01:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 01:42:18 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 31ms
6ms Script
application/javascript 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 24 Aug 2022 03:52:47 GMT
x-host: s7.addthis.com
content-length: 116423

GET
H2 200 searchtoday.js Show response
www.boxofficeindia.com/js/ 742 B
570 B 741ms
741ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/js/searchtoday.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 29bdb3358664e9c6e64a09c5351cc9bdd77477c3e80f06c6aedc0b1afb60b1ef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Feb 2018 01:49:48 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5a8a2d3c-2e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Yn8GQOc1bLFnIAqhc5TrC%2BEujXzsNvVHv%2FqSKeSOaXY4rBH0Su4DFKXfJ41J%2FwPP1V6RyK1W2xJaVnn9RZxTKJfL8umjMLkLvljwX41tGSiYUe7nYXHczxR6BKmsFsi8D1wAL0476bb%2FD4Ll3aJHpxtvylr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f92320c89f807d-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 logo.gif
res.cloudinary.com/digitalorbit/image/upload/f_auto/v1496908452/images/ 3 KB
4 KB 48ms
14ms Image
image/webp 2600:140b:2:995::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/digitalorbit/image/upload/f_auto/v1496908452/images/logo.gif

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:140b:2:995::523 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

099ac46c3ed43ef118ef9e4f77c550212cf529c96cb193f1adf0ad2e0396956a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="logo.webp"
server-timing: akam;dur=13;start=2022-08-24T03:52:47.593Z;desc=hit,rtt;dur=0
vary: Accept,User-Agent
content-length: 3268
last-modified: Thu, 12 Oct 2017 09:32:17 GMT
server: Cloudinary
etag: "f6c85877ab574c848a0ff7a24fd4c036"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 searchicon_white.png
boxofficeindia.com/images/ 3 KB
3 KB 81ms
11ms Image
image/png 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boxofficeindia.com/images/searchicon_white.png
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b17391e7b6a14292cfc3fb1fa6de5cb222006960628fbba14e189203e96528c8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
age: 4333
x-powered-by: PleskLin
etag: W/"5f4763c0-c65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKZegGexQHe%2F7Qpks9F7pQkxRQb%2FF%2FOhva3dR658W1%2BhnPJrDYfYq1hNUiGzvwKgNQPvqFp%2F1SRvG1YhRPmp7KYxtdD134c4XQYgdFC%2FZ26BEPbStSrMFAhClvGUTsiudBtWejlzH7fEipEBwVW46J4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f92321a9d2807d-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 twitter.png
res.cloudinary.com/digitalorbit/image/upload/f_auto/v1507769816/images/site/ 4 KB
4 KB 47ms
14ms Image
image/webp 2600:140b:2:995::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/digitalorbit/image/upload/f_auto/v1507769816/images/site/twitter.png

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:140b:2:995::523 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

f1c0d485992e67935a69a2bc86c64e8b8218a82734299e114c5e861fe80070a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="twitter.webp"
server-timing: akam;dur=11;start=2022-08-24T03:52:47.595Z;desc=hit,rtt;dur=0
vary: Accept,User-Agent
content-length: 3678
last-modified: Thu, 12 Oct 2017 00:57:27 GMT
server: Cloudinary
etag: "9e0e91597a4e396e53d1bf3932462ec0"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 menu.css
www.boxofficeindia.com/css/ 2 KB
1 KB 13ms
12ms Stylesheet
text/css 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/css/menu.css
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1b7f68da1697f3fbedd9b00bce11ab23db418223a5e8ea6e67c1c588e990f989

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6669
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:41 GMT
server: cloudflare
etag: W/"5a8a2d35-7f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVNWy6Thx%2Bgr74MXbQEB6nF1kLZvTnHSY%2BY8hjKz0XQ0ftZXOxbnHw%2B3q%2BiQVyuo%2BgZL5ShgBEyNXit1S4F6q7AenesGBT4DzQR8vdRdFJtcuDBMUeBdy0UNWYbn2zgFtpH5zSOcJq1KhCm25gv42%2Fm8FsRl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-polished: origSize=2039
cf-ray: 73f923213c93af5e-NRT
cf-bgj: minify

GET
H3 200 menu-24-24.png
www.boxofficeindia.com/images/ 3 KB
3 KB 44ms
36ms Image
image/png 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/menu-24-24.png
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2b0fa232767926bc915926a5c6df5c3b7ca44d5b233cce88e54779a09da894b6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
age: 6665
x-powered-by: PleskLin
etag: W/"5f4763c0-b43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FJ205L2cejAEm5JrzqiZT5iUn8WHPd85%2BbOZIJd94z%2F%2B6oQNTGgDQstXhbHFVFRr3mDqWo4W%2FwmQZRAiuU5yWc5y4yFrx5nvpglWiaGzU6SzWcJe589SHOfph%2BwIKYScgG3kPh30hJiy03%2BLYzX%2BVMUJKSw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f923214cb3af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 closemenu.png
www.boxofficeindia.com/images/ 3 KB
4 KB 44ms
36ms Image
image/png 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/closemenu.png
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 183e8773b69454665713b547b2db9c6d7681421fffd8f083f0ec719c21c172ec

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
age: 6665
x-powered-by: PleskLin
etag: W/"5f4763c0-ccd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xq5A1gyGSeRHJ54yVre7iJKB5gCqsnF9dHVJ5%2BKIArSMgltEY2kODIAZMi8rlnzzUHrH0%2F6SC2ioiWINGkW7M0T%2FXdISGFdfdF534i3xHoyvXvWdr5eadDtuW0xq4gCq3%2Bp98ZknXeNTU9cP3zhUJ9KuCYE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f923214cb4af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ic_search.png
www.boxofficeindia.com/images/ 1 KB
2 KB 44ms
37ms Image
image/png 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/ic_search.png
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6ce81f08aecbd0638539271366885fc097d40533721999e05db0f465362cc35f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
age: 4232
x-powered-by: PleskLin
etag: W/"5f4763c0-539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT5fUqwZrs8Hwmi%2FoLkR5XVjpppK5SJ2SgF0kOI2ynK5%2FiEp0u5pFY%2F32mhmbH8x8rIpBvOihrF0PBy9mmJqpHOwrWXezjauHJS5UJJ8piavW%2FnibSs601%2FsGV6dLNIz0W5gLJG3Hi1USwjIOc7CQodGlnXz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f923214cb7af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-ui-1.10.3.custom.min.js Show response
www.boxofficeindia.com/js/ 148 KB
40 KB 25ms
16ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/js/jquery-ui-1.10.3.custom.min.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1be0caa46a9e436a2c6e97edccb049a20028c9c4bbb2d89e6f0ac0996f1ef46d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6667
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:48 GMT
server: cloudflare
etag: W/"5a8a2d3c-24e97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10QnSNa4ktCQhXCQj72d5bjdCaCM42lN9aa%2BIVX5tcBaP9nTrZjVusn6FTs0XmVja%2BMxZJ7O%2FmJ%2BEA7TSUnEJPeyCRd4XSV%2BGwpfspXmwXflTiHdSkwXr%2FlUGiaqKPO%2B4lKekn57IOsL3zw5Fj711%2BLByAHx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f923214ca9af5e-NRT

GET
H3 200 jquery.autocomplete.css
www.boxofficeindia.com/assets/css/ 21 KB
5 KB 40ms
31ms Stylesheet
text/css 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/assets/css/jquery.autocomplete.css
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: db3aff06ca04ab63225785780f356fe8f027d48aba9b87693c95da8a08a4b53e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6666
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:41 GMT
server: cloudflare
etag: W/"5a8a2d35-6ef7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGO%2BebEDnL1WmYh8xsISgGdKAv%2BFXQw3m2gvy6hIeFvJ8oWw6wZ8pDrdgMbnJBjKeS0HaCzzmK5tn2CHRYtvCtucWA2hNmHoFgf7YUMl%2Fg99q6wTk%2BxWVSScXpUAjSwuKUV9igfWGGWm7f%2FKwkbEXBdqaR8x"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-polished: origSize=28407
cf-ray: 73f923214cabaf5e-NRT
cf-bgj: minify

GET
H3 200 img16162407891860655104.jpg
www.boxofficeindia.com/images/banner/ 26 KB
27 KB 44ms
37ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img16162407891860655104.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7cec514472ec113f9ac78f47019d0d1af84e0d6919454c86fb0c05fbb6445011

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26832
last-modified: Sat, 20 Mar 2021 11:46:29 GMT
server: cloudflare
etag: "6055e095-68d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lheyi2Xzc60uMIeQUjJIcR3U3bwW0hWypBkbzD07Z0kKXPHbD7JowhJDN3KlAYdcakg8vgOzT%2FhYjBOW%2F4qI5AhtE385vcYiL39s2TEfyBRGiesaf3iM55rxGpont11a5772isPA94Q5Z7OhApJYRzCIWMWX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cb9af5e-NRT

GET
H3 200 img1615551064331462818.jpg
www.boxofficeindia.com/images/banner/ 47 KB
47 KB 31ms
24ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1615551064331462818.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cf1a35b3144120adf15f9d6f77b8517db1c3e703cbace87aeaa58e4f6a704d23

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47798
last-modified: Fri, 12 Mar 2021 12:11:04 GMT
server: cloudflare
etag: "604b5a58-bab6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjmmcCZH2K50C%2BGxRxzWhGjV6L3%2BZWYZyo5hHGCHVBPEgjzt7exYiuGHwVuEgtMUviJdUOtPFUXMz1Dmrqkf6%2FTlZC8vrn6w7Sh8hANcSRCUDC0PeCYIhPbylGJhkY19LEH1zbov1Fws38xfzhcz4%2BJ24Yk7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cbaaf5e-NRT

GET
H3 200 img16122949021318668640.jpg
www.boxofficeindia.com/images/banner/ 30 KB
31 KB 32ms
25ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img16122949021318668640.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 14a89855d12154857fd7c363dd34f41c3eb62ad56bd6429eaaf394c0ebcf0d92

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30665
last-modified: Tue, 02 Feb 2021 22:38:19 GMT
server: cloudflare
etag: "6019d45b-77c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQCyGyEQh72F0FRW18ynHP97QEJZUL7sJnW%2BmjRVEHzAkionKXX5EZChmprHK22vPoXwWIb3Y2t4dnx7%2Bfz%2BhKVgkQJAoKqjgJo3kuR9CyCB55a1P0r7AzlgX8k%2BbTzxagypsx3vBUlSIkYtKfRkTJfAXp51"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cbbaf5e-NRT

GET
H3 200 img15792577021810216261.jpg
www.boxofficeindia.com/images/banner/ 53 KB
53 KB 46ms
38ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15792577021810216261.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eaf53384b599f82c341a8cdbab5394a91871caf0499469c52d8fc2dd599d83b3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4231
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54169
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-d399"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJBHdenfkZ82JT1%2Fy6ukE0KcqF1rPJ1zG3X2JYiRK3x%2BO9SakEoXdYghJtLBouYVUmgt8AIiM5BMGuavuqw7j6XVcJVTGj6hvHzbDeeArBUmyLbocIZwaOt2LjgQibSThPA9BBKyTBPgyQi7USY%2FgnFciQq2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cbcaf5e-NRT

GET
H2 200 twitter.png
res.cloudinary.com/digitalorbit/f_auto,q_auto/images/site/ 4 KB
5 KB 50ms
18ms Image
image/webp 2600:140b:2:995::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/digitalorbit/f_auto,q_auto/images/site/twitter.png

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:140b:2:995::523 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

9720a6a68f5d7ab0a04307b019d60bec90fd5afbbe6dc178dc1bb1f6e249bc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="twitter.webp"
server-timing: akam;dur=8;start=2022-08-24T03:52:47.602Z;desc=hit,rtt;dur=0
vary: Accept,User-Agent,Save-Data
content-length: 4398
last-modified: Mon, 12 Feb 2018 02:07:29 GMT
server: Cloudinary
etag: "a0a9593a2c7756a7416093c0c6585e00"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 img13655940911588294002.jpg
www.boxofficeindia.com/images/banner/ 31 KB
32 KB 25ms
18ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img13655940911588294002.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: df5ad30f6e64c83076c584acc5bc5c6dcc705df703d830af45b56c368a38238f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32051
last-modified: Thu, 27 Aug 2020 07:41:50 GMT
server: cloudflare
etag: "5f4763be-7d33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZImztS8FG3TTmU2xwx5g45vQptXanYJhkQ%2BJO6lrFNFf3ylSA8g8DdDYIfRg327ZTGJhLCD%2FLxzfp5%2BAfRRINpOHpM%2F0sq8%2FYBiJxxOaZx5YlpvW%2BpnRT28mXNzuvGlvAtqIDfZd5Hz8A0knwz94Zk2178v"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cbdaf5e-NRT

GET
H3 200 img1535466182780408257.jpg
www.boxofficeindia.com/images/banner/ 25 KB
25 KB 27ms
20ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1535466182780408257.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 895653a3daa8e57cb5c7ea2269fc46ced02d4a3781adb0f0256b4de736204ea8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6665
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25423
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-634f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EBd141n4uLiIL06zQ8Jx9HfTRpbWhDYLSes3lzkmIPGd3feLtqRZJKAdOCx57CI3%2BrhN93TU%2BWO4r%2FaRASguhXGj5FE21N2Geli2ZUEMAL0NhSuRBQKAM6xuDlxOWJD%2BP7w9SitXphhzuQBURoPj6MrsY9c"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cbeaf5e-NRT

GET
H3 200 img1346556730.jpg
www.boxofficeindia.com/images/banner/ 28 KB
28 KB 50ms
43ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1346556730.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 46e73d77a9cf5c0cd3dc19d9942ac6d8efbcada226c716c6a9134113f09f84a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28258
last-modified: Thu, 27 Aug 2020 07:41:50 GMT
server: cloudflare
etag: "5f4763be-6e62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVhnB5Ycyo6JX9Ko5iF%2BnqvE6wMO42xiozYsUcxMs3Q4Y8sINMO2AIY5dePBjpHCwqbiV%2FJ97jxTfjzwMSrii0Vyx99MP6QwyGFQqc56u51WiHq4ijgONEGRIdg7Of%2F%2BegdnPQEzQg45WAsNKgrBS4q3UmYo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cc0af5e-NRT

GET
H3 200 img15354661971772316063.jpg
www.boxofficeindia.com/images/banner/ 50 KB
50 KB 51ms
44ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15354661971772316063.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eeb1b2b9840c7e9cad04035650630f222413c85af61258555022504eefe5c214

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6665
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50786
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-c662"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eB2D4LcgnelE1yE6ro9UOAtxSgXe0%2FStYSJ1u08Szny8i6m3wgZ35U2hqUYCnvJhD3O%2Ffi8dSyYjWdGOYApJqFHdPD0rSIGlYUhW1tY8FZB2uITyxJgJRoD7YateRws6BEiU%2BoNzGXHrTrdDhVigQjErbiwe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cc1af5e-NRT

GET
H3 200 img13886724231141021664.jpg
www.boxofficeindia.com/images/banner/ 27 KB
27 KB 56ms
49ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img13886724231141021664.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3ff72b17b07122566144c2400b6026774d7a4ddc45317102910930014f8eb952

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6665
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27291
last-modified: Thu, 27 Aug 2020 07:41:51 GMT
server: cloudflare
etag: "5f4763bf-6a9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rs0ANKNP0o0MfKeATPfHOjDF%2BwKDPQIH3N0q2gB%2BcN52VkiN0hOpSFwHgQngpP9RNd1vA88zzzYYDlC%2B5yQbNiTmWaf%2FZJR9ccTHoAm0nd0DSbmEnn2HPV4ziu8YOU%2FzrSwqBD9NK%2Fh6bF7rSVa7LOxnThUR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cc2af5e-NRT

GET
H3 200 img13886722831599608406.jpg
www.boxofficeindia.com/images/banner/ 31 KB
31 KB 51ms
44ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img13886722831599608406.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 12c37417a9559a400fc1b04154da6cb726fc763f24e02d204bd7cdbdf8b175b7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31486
last-modified: Thu, 27 Aug 2020 07:41:51 GMT
server: cloudflare
etag: "5f4763bf-7afe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eP7e%2FhoTD7PPagyfPP53DbLdgOZ1eMTGV%2FWo9DYU2cAn6gEq0sqZZSdQK5OF2kPAQx1%2B6u2TwHPK3rD2px01dmywEoPy2NR4dmDFESEgSmI84Xl0GKldv%2FeyAy7HWgkCPaPpDhM2sWdt2dFVk4I6TR4xKi2p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cc3af5e-NRT

GET
H3 200 img1381438250780784187.jpg
www.boxofficeindia.com/images/banner/ 31 KB
31 KB 52ms
45ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1381438250780784187.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d98a6aa44217193899ce95ec6790a174707054cfbd00e7e01ad770e1fc2d6265

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6665
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31450
last-modified: Thu, 27 Aug 2020 07:41:51 GMT
server: cloudflare
etag: "5f4763bf-7ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpHyCS8YsDAiaWFkaDfz3ijMF9ljucUXYmGrRAFMUJvjfLofOlT1KQdhA3TM91J9068FtzqrAABAzjLbodL1SuZNw2Fi83qzrX3YRD%2B98NRLqSQhqaYu5LL%2FQ0SlNsCBnM1E3zgIVdeKqn%2BN02tCwx1%2FwmtE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cc4af5e-NRT

GET
H3 200 img1352098486.jpg
www.boxofficeindia.com/images/banner/ 22 KB
23 KB 53ms
46ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1352098486.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c11dd82c00444386868979f280f0e0e78e332f77b3d10087f76789c07ae7ee0a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6665
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22765
last-modified: Thu, 27 Aug 2020 07:41:50 GMT
server: cloudflare
etag: "5f4763be-58ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0q%2FVFkF8eIG5Wrvd9sF7LABfSzgD8z%2BFUlCxk9ulOB3dnIElAtkPv8QikGHh9zsgdGBF7fhQFYdSHJAHfckniHPcmxcsIEALIgAYTZiv8mRN6MpHYSKyG4%2FlwdwDPudyGDAZzZcJ9F5uTiESHaKv4PzD8hK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cc7af5e-NRT

GET
H3 200 img1535714296427883822.jpg
www.boxofficeindia.com/images/banner/ 25 KB
25 KB 53ms
47ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1535714296427883822.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 88478a16242dc2c267ae33998cae387347259f0285bd7abcf7200f20059fd6ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25474
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-6382"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYUw%2F%2B10J6m71o9NwErBBpgKCM9zcnZViooibkwY99o4lnzaJYN2U5ioC9ctkazQiCjRjkge%2BIyXlIq87%2B8dqqSk5KuQEeULXC42LQhCzmEsOCxObZY0OXhO4i4eX2FC7cWhNSVMqxD7jvpn%2FJ1kz5ag5lI%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cc8af5e-NRT

GET
H3 200 img15357143261263175041.jpg
www.boxofficeindia.com/images/banner/ 24 KB
24 KB 53ms
47ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15357143261263175041.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ea5f392fb98aa9bba82f496c74ba2db83ebe569b7c674706755d0a02e0714851

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6665
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24417
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-5f61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwkDWjKjb105ok0kvcswx01C8MxQQ1SCsnw5PnGA5mFDYzyyZxIU97wuiNOwtCg4D00KSGLOnSHI0739cXdSy7Y%2BeAA2TnNdJlqdEjguuHGEtzp8iX5OaygHC3h1eBWHFVktsDh16ewczrABK8fDSPNtcc%2Fn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214ccaaf5e-NRT

GET
H3 200 img1535714341638775301.jpg
www.boxofficeindia.com/images/banner/ 56 KB
57 KB 54ms
48ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1535714341638775301.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9524ee51f84f8f02878b16ba6d477709b7e5323d5614a1c5fecb30d1eee54cf3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57761
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-e1a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9mDCOxUuwYcRvdBoNFrpxJcLBp6dg9DBn6bE1OS6waVm4pBxNIBfk9jTJcidIKHQlZO8bkZhCNqX1AjLhNl0iaTJ7rV3u7VAQ8X22YYZ7lx1%2FT0vDpXv0jHiBRBS%2FJ5X2Znl%2F147hmLiXS6%2BcqYtVmMfUjJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cccaf5e-NRT

GET
H3 200 img1535726819405047960.jpg
www.boxofficeindia.com/images/banner/ 46 KB
47 KB 56ms
50ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1535726819405047960.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b92633cd841a64b02c6ebfc17b6f2d0e1824fd38ffab2408b4bbc154c048f74a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47220
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-b874"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTcJqlmdSyN%2By%2BCcCHcVspgUBNwMJuzbXAkoPrkI0Gt0ArUAo3qEXfdAguMoYudYy6tCoFe9JJrnIgwOWkNGzCea386Ud%2FJ6EOWhdZUb0c%2FgrRpiCWFOK8dZ8FV6O91yZlsstPl5e7rSdsRhQSE305%2FbMjrb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214ccdaf5e-NRT

GET
H3 200 img1535726835888221023.jpg
www.boxofficeindia.com/images/banner/ 106 KB
107 KB 57ms
51ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1535726835888221023.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0eb7dd280ac7d2ac5b931ff77451b75f16051337b46c779ab46d28940406e2de

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5505
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 108742
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-1a8c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IslO98jNXuqm5yQiEOk5D44ShpoVnD2%2BxsXFkJOv6Ub86YE30qf%2FUliwuDKh50vZ3mx01Fe0ukw2uceNqfqQVrwRySP8Ghu9FhufFV%2B62Gv7d9utJknCtn5oq%2FFd6XHpBxmWtHty3Ffb%2BxvpugYONrFfKOG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cceaf5e-NRT

GET
H3 200 img15714109401215953194.jpg
www.boxofficeindia.com/images/banner/ 35 KB
35 KB 59ms
53ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15714109401215953194.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8dc19a243138f9753b0c404d3b7865e8f6b5359c4d4ee2c873ee33055bf126cf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35518
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-8abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7kRzpoYY%2FXTxWupzS1roNLXH7ifRNCE%2FbpKw6rcIZjfxb6keunGpJdCBURA6r6BxdpYAPYro9qvyYLvAWUv%2BJpDhI8lTH%2Bueme2VpQqieeEHU56nhXFFx3xeTMWNz6CrSP3cdE1c3nJCSjpkQH3S5VBwu4U"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214ccfaf5e-NRT

GET
H3 200 jquery.bxslider.css
www.boxofficeindia.com/css/ 4 KB
2 KB 41ms
32ms Stylesheet
text/css 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/css/jquery.bxslider.css
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2774de1e90bbe1d5cdd7524a2cbb0fe62ecb174698c30ad23f8c6b8381b21703

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:41 GMT
server: cloudflare
etag: W/"5a8a2d35-eaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgmZHPqLF0UM6o4TSiL5YFQrCU1TU3Zeta%2F0igOR0O8cTqJ%2B%2FXxAQmhH1201qvfpIVyTjxhgApcNNc243PDB2kPQiFBd0%2Bpm3tXIdrebFVijzE6n2SvMF2MQuzL0CoBq%2Blwym4m26VpEiWZV3HJPukiERdNx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 73f923214cacaf5e-NRT
cf-bgj: minify

GET
H3 200 img1546008729546709218.jpg
www.boxofficeindia.com/images/banner/ 52 KB
53 KB 60ms
54ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1546008729546709218.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7886430c2a932a60b30b5c1c9a03aa7e969963a64ad68140d7e2c4d8b1e9bf85

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53274
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-d01a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qS%2BzivgH1tDCHPXdNqwXkCu8%2BDt1Ch5vHea5u21QlM1o8jen2K8FcH5UZIZ2SwgS5obBsN1NsfslNflu7dimv0bhahR7TQw5Y5mTDlRQKPq5vF4ec6bKlB36Y%2F92eX%2FVcP4Z8QoEU3E1cMcFJGZMcp4aJajp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cd1af5e-NRT

GET
H3 200 img1545575054387047998.jpg
www.boxofficeindia.com/images/banner/ 24 KB
24 KB 61ms
55ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1545575054387047998.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cd2ae92ac120239d5a81cde6fc6518a5afe3e1814b2a946542c898ceb6d1adf4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24251
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-5ebb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7S5x5T3widHP4zvoU5syRBC7FaogcSBnkwW5%2BpJNE93nS2Lb5Paf0hhEa121huXSPPlka7u0UmK3%2FQ94yylWZIZ2FqOB0nLrq%2FGY3vfloLamiuAMTW2X8il%2BNyZOhlk0g4GR42TJtwNZ9CWgosreI6ad9g5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cd2af5e-NRT

GET
H3 200 img15442931471124229784.jpg
www.boxofficeindia.com/images/banner/ 50 KB
50 KB 61ms
55ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15442931471124229784.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7a582bd1a187c1433c4779598eb31ac5601710fca5676c34b3667dbb5928d70f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50987
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-c72b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfQ2PdomDTB2ErsHOPBHJBdygoXR7U2rusnwv%2BWTlYSwvmfPvqTy9KOjbPtamrob%2BOBkKjZgd37YFKxf1nSvqn1HJ07cOHROz3QJufks5QpnoBdAJAwzQ0SoRLNjx9MNmgDJvbhRFY%2FobsoUZgC6Js6V%2BSd2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cd3af5e-NRT

GET
H3 200 img15438627811363944682.0
www.boxofficeindia.com/images/banner/ 27 KB
28 KB 765ms
759ms Image
application/octet-stream 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15438627811363944682.0
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ea0efb4d31ddc11bb91d6810bd7a036554e3ac87c1c4778954b6c10937a5ef23

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
x-powered-by: PleskLin
etag: "5f4763c0-6d7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuAJgVeX61EVk8n6oE42pgNrRYouy9Ex6FbehBAiTN76FmkmLWOwh6%2BfJoWFcPC180uknBj4e%2BhLMODiobjHs2cmqIBDM8BNmSvwRWbYQVWmSLcC3ArPjE7X4SEhorBP8qcsB1%2BjvhjXpRyZpBwq679Y36NN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 73f923214cd5af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28027

GET
H3 200 img15416730982022711619.jpg
www.boxofficeindia.com/images/banner/ 28 KB
28 KB 62ms
56ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15416730982022711619.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c135599cca997ccfbf1610b109635d870446b8688753a9653bf36cd4888d917a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28190
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-6e1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3ClzlhGVN5SyPa%2FIVdbrt6DwNGLhLfo8X95u0LctUYD60JqjHRnwmquXUXPT3xk3iugNFKMzYUjrApdxiTKcYGVXPey2wFMKEL%2BkjCcyyGwSk%2BggqOkOguZG0V%2FofgnC7kVVvFccSvHOjyRuxP5uLSMceaX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cd6af5e-NRT

GET
H3 200 img154083069053124640.jpg
www.boxofficeindia.com/images/banner/ 33 KB
34 KB 62ms
56ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img154083069053124640.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 85ad668b5ed7d320ccf17ef31af972fbcf59643a86bed87b6ac93347ea617170

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33926
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-8486"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOfloe2GUZI08vmFKb8kvGYA6YEwMJKmuC%2FjnmeZLQ7Tltt6PnOuSBvo6%2F%2FBXH3%2FjwwOhegrTk2VuwcKCpGwmgdCZ9N0XcZTGyfRgM%2F6YujU%2FEKn8jeCFAzhlFGS50S%2BIv%2BNcPWtU%2BqHTEB0VkK4cu%2BDSr06"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cd8af5e-NRT

GET
H3 200 img15402157002077977547.jpg
www.boxofficeindia.com/images/banner/ 31 KB
32 KB 63ms
57ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15402157002077977547.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 64b2f0acce259e131bb74d23f055f981418a10f7c254798c1c973a2ac89bc770

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31904
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-7ca0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJda7v84aeL%2FOUeLtZ6rVV88wa3WpHgu6VOu%2Bs1fcQeTxHyNpEOYSBxHeb7fzHaEDaj%2FFmbp8efCmjZxzGeKVNrlXtNnAShoZ8%2BhDyvnlYBDytjZuQBkdYVW%2FMi4PYgV8PV8aMHy0VZzfZ87zRzTWQ7409K6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cd9af5e-NRT

GET
H3 200 img1539096615482511740.jpg
www.boxofficeindia.com/images/banner/ 27 KB
28 KB 64ms
58ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1539096615482511740.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4e280a6f91ac4adf890345877da182c039065b379a85c0892579fb20b5c9916d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28105
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-6dc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iukd3Ex%2FcwUtgkzAF%2B6pkoQoyAZ26BVUv5%2FO90OkbvZ6s7ubi7i3KC70%2Fq68EgLOQRmtT9ahOifTttd6mdH2v9GtMTQWE8SMtppvgGHzfiW65Yf%2FIxdsGvqDbBssI7g3B4ysVuedmS542hsxIBpavNE6OtAf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cdbaf5e-NRT

GET
H3 200 img15383166932021441975.jpg
www.boxofficeindia.com/images/banner/ 51 KB
52 KB 64ms
58ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img15383166932021441975.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0e2691b13b7f8b7f6dbbd8ca66b8bf318aded250d40a9ed581026609ca2a8aef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52291
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-cc43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZ3s2AcMiUzUyL6YIS5BAw5exWGsUE1uIQSWh%2FTvFGxm2YylaWII2QwOxo91fobAGiB2e0fg0SoTCo82NRBqhO2i6f2csDAqHoAZqoVRYeJQhQnEORL5jJr%2BBXGBRE7dFVvk4bJtNeLfQrPoTcmmeO8A5d5q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cdeaf5e-NRT

GET
H3 200 img1536684315211550934.jpg
www.boxofficeindia.com/images/banner/ 47 KB
47 KB 65ms
59ms Image
image/jpeg 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/banner/img1536684315211550934.jpg
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: aa218364b4558f9bd5867e541c2fccceed55ea6a4c7c57708bfdd183dcd0acef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47846
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-bae6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz%2FJHwQljM3%2BMS4zVmMjZ4dZwNiwKfAf2Ri341Ckk2FHHVSPkyj7TqTWunKT%2B6%2F1K7jsZK6B6E%2BzhopQKA5beacSXLnZNkiSwLtYwt0PwJjyU4DGfd97lzFzP14SkxRu1tH0ckrNKYEAkF6fWcbiusi%2F9dux"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923214cdfaf5e-NRT

GET
H3 200 modernizr.js Show response
www.boxofficeindia.com/js/ 10 KB
5 KB 66ms
60ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/js/modernizr.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 675ca3697d9188b08e1abf3a3654c6a39a179c65821594bc4dddc5bdf1171808

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6663
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:48 GMT
server: cloudflare
etag: W/"5a8a2d3c-2697"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBSs6ZAGPe1jSOLxXl%2FWNV1Wv%2BWSpsgkrNa7VN%2B%2BsImoxEyvPcCO0x0KT7%2B2e44CMdKQe8qOSvlwDuTMt2KQft6aGqTqnoovI0qU3td9U2ihRT4T68E%2BenlfhPM1DH5X5FH0%2F77X8wcOC2kAHR1EGoRPA%2F6P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f923214ce0af5e-NRT

GET
H3 200 common.js Show response
www.boxofficeindia.com/js/ 515 B
812 B 66ms
60ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/js/common.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 643fdda09f979c961afe462b89fd2d2806e7eb216133c50e19e4a51d6a356de0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6664
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:48 GMT
server: cloudflare
etag: W/"5a8a2d3c-203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWYtT2AmBi35vnps494eeK%2FxWbIf1UFCnPXZCiN4IJoJMOkdgrMtC1XrUkf%2B02Tt2e2iFwDMcz9rnw2OthCwDRvCc4KG%2BnI3NbDdMZUTChP69sMf7Mue8JGBqJyaAQYnAnvYwJLmBmTFaTBUcgUrfs8FQlFS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f923214ce1af5e-NRT

GET
H3 200 jquery.flexslider.js Show response
www.boxofficeindia.com/js/ 21 KB
7 KB 66ms
61ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/js/jquery.flexslider.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 98e6ba29154b122864fc6b771bb66568733e544622dfb77721ad30275341c375

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6664
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:48 GMT
server: cloudflare
etag: W/"5a8a2d3c-55f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaWk6HH5hb7zsHBHopm077IpPR6nq%2B%2F1NjyN%2B4DbgLU4qbouUNBCapoWa6XGb%2FKBXZAmA%2BBowl0o7hXHojjm7VytngF0SamcQBDe%2FQafh6vg5PMZeeD%2B5fCAz3d3Wh25t59ibvMx2wL8MYG6plJCKWaGPKFg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f923214ce4af5e-NRT

GET
H3 200 jquery.bxslider.js Show response
www.boxofficeindia.com/js/ 19 KB
6 KB 42ms
33ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/js/jquery.bxslider.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1112a173634f2508aa07d70a2cfe0751eb64c2153418c329eeca540241d44716

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4232
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:48 GMT
server: cloudflare
etag: W/"5a8a2d3c-4cda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWTfw8vmfxjMzPd3HEsWM9WvigjCErDiiFE3gq7nrhiqRTIlx1%2BbPg3%2BCUtvUJXB6FlKBnz1Env%2BUT6gXS2NJVqHJqXPnyk%2BLcUPngL62SmzNXsWk6nZXUlHZKnj2lsN%2Bt%2FiOGnxH65naMQ5VMrH8NpSpl91"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f923214cadaf5e-NRT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 55ms
42ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.boxofficeindia.com/
Origin: https://www.boxofficeindia.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 73f923215a88af82-NRT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 26ms
3ms Script
application/x-javascript 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 1B84A45482DD6A2C
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50068
accept-ranges: bytes
content-length: 948
x-amz-id-2: APp8RPk3VQL4poY6SbECmJnvVEBMc8a2hilkF9qPMyTJpjeNIPXZMDbHPZZhD7eLbl+7YMLs9M8=

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame B28B 10 KB
5 KB 3ms
2ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 7597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 01:46:10 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 01:46:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022081701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 40ms
4ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 14:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133512
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:37:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Aug 2023 14:28:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 428 B
214 B 83ms
44ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7c9cf5109e2da45f2b85173716454fe04d05d8cc1eb0c01bba0893907ca7307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0
expires: Wed, 24 Aug 2022 03:52:47 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 119ms
40ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: go.automatad.com
URL: https://go.automatad.com/geo/DMC6nI/afihbs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc6be4e0446cd24ad821174f17712c4656266770325e9f8036343befd4968721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
etag: "1312 / 619 of 1000 / last-modified: 1661293254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Aug 2022 03:52:48 GMT

GET
H2 200 prebid_DMC6nI.js Show response
b2cdn.automatad.com/js/ 240 KB
77 KB 149ms
149ms Script
application/javascript 212.102.50.50
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/DMC6nI/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.50 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-575.bunnyinfra.net
Software: BunnyCDN-JP-575 /
Resource Hash: 0ec9ffd9eafec8894e2bb2e71456944299bd01cef1eaba16e9f54318b039ab18

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
x-openstack-request-id: txd2a71c9e1b2f46dfa50b7-006304f9c1
cdn-edgestorageid: 575
access-control-allow-origin: *
x-iplb-instance: 45515
cdn-cachedat: 08/23/2022 17:48:22
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: txd2a71c9e1b2f46dfa50b7-006304f9c1
server: BunnyCDN-JP-575
x-timestamp: 1661270413.91855
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Tue, 23 Aug 2022 16:00:14 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F4:BADD_8E2CE366:01BB_6304F9C1_FB6EC10:1E31D
vary: Accept-Encoding
x-object-meta-mtime: 1661270383.237054
cdn-cache: REVALIDATED
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=120
cdn-requestid: a3e4f5e0627f24a6c1415a453ec5a4c7
content-type: application/javascript
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency.json Show response
b2cdn.automatad.com/json/ 2 KB
2 KB 6ms
1ms XHR
application/json 212.102.50.50
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/json/currency.json
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/DMC6nI/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.50 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-575.bunnyinfra.net
Software: BunnyCDN-JP-575 /
Resource Hash: 6cb31466abd327f67436b68da439bae3aa414bdc41872972fdd8f90dba365c87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
x-openstack-request-id: tx910b43a389ce43149e318-0063050181
cdn-edgestorageid: 575
access-control-allow-origin: *
x-iplb-instance: 28796
cdn-cachedat: 08/23/2022 17:45:10
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: tx910b43a389ce43149e318-0063050181
server: BunnyCDN-JP-575
x-timestamp: 1661272240.54124
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Tue, 23 Aug 2022 16:30:41 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F6:A065_8E2CE366:01BB_63050181_EC37C30:0D6A
vary: Accept-Encoding
x-object-meta-mtime: 1661272201.852058085
cdn-cache: HIT
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=10800
cdn-requestid: da8b3a904178cb45133278c8956dac13
content-type: application/json
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sizzle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 19 KB
7 KB 15ms
9ms XHR
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js

Requested by

Host: go.automatad.com
URL: https://go.automatad.com/geo/DMC6nI/afihbs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6568961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6679
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd4-4dc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91nv%2BrVAOH30KxWnGlw6vg%2BybviSqxxaHeTROUlSFXqpqdOYdKySnIyUgRXy0hJmdPn5Y6WRc%2B3OPFH48dYLC3MxuNASjkH30K7mNzEn60OHUb95weKfZVd8Dl0LN7bNzlB8G825Sp8%2BKWfwTjeURxqa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f9232439173405-NRT
expires: Mon, 14 Aug 2023 03:52:48 GMT

GET
H3 200 dd_arrow.png
www.boxofficeindia.com/images/ 3 KB
3 KB 15ms
15ms Image
image/png 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/dd_arrow.png
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/css/main2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0105f7fecf9dd97701a480ee9d995bd944d831e052827e5f020c110d680395b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/css/main2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
age: 6665
x-powered-by: PleskLin
etag: W/"5f4763c0-b5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqO6TD%2Bl5Iu00zkYzO8NtGaS93X7TOjCfbkHzsFy9zgiASRO2Z2LlCh2MLzrctTBi7Hj6qvQFTLLbURglQf1GPwxHYUZJsb%2FeaENzr8Q5dkvPdkOrclSDxs3uqEf16WnfN1J5bjT3wiy5TLl%2FybVffaGNAy8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f923257ac9af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 RobotoCondensed-Regular.ttf
www.boxofficeindia.com/fonts/ 137 KB
138 KB 14ms
13ms Font
application/octet-stream 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/fonts/RobotoCondensed-Regular.ttf
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/css/main2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4a7c36df4318fee50a8159c3a0ebde4572abab65447ae4a651c2fe87212302b5

Request headers

Referer: https://www.boxofficeindia.com/css/main2.css
Origin: https://www.boxofficeindia.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6665
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140396
last-modified: Mon, 19 Feb 2018 01:49:43 GMT
server: cloudflare
etag: "5a8a2d37-2246c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wy25aLnXQrZRtZlb%2BGF%2FDk6a5G5sIvSfUCQh5Vm2UHzIv%2BeQ%2BVDE6ulmVzA6fUunbT9AGGhrnKJ1eDwdlv6Vsu9fvNaOPZVdI7jw4WkGBbpADo9rBoiPrnFsAtc2Qjg07DqKsc7eWZASH6urmVyPkRYorlyP"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f923257acaaf5e-NRT

GET
H3 200 menudroparowred.png
www.boxofficeindia.com/images/ 3 KB
3 KB 11ms
10ms Image
image/png 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/menudroparowred.png
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0491ef791235c27cc4ef48c8acb08f004f9142d0cdfac3daf2302fd0d0305a73

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
age: 6666
x-powered-by: PleskLin
etag: W/"5f4763c0-b55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXy7Wm%2BUUpq25ionMu3968mDy0W1XdPsMj%2BCVyBBsCh3Pc87fDYyx41b6y0%2BmyKwIfu5QTCStv1AsDaWahxMxs21gN29meporHv8lYeWlOMgpiurcGW051ydHElPfffTQWLcugVntJbRW0nxtF201diEtASu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f923257aceaf5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 193ms
37ms Script
application/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
38ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
494 B 83ms
83ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1295402583167039&correlator=1814651312339320&eid=31068830%2C31068367&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=229445249%2CDWTag-DFPNew_RS75_Boxofficeindia_Banner_728x90_200919%2CBoxofficeindia_RS75_DWV_092019%2CDFPNew_RS75_BoxOfficeIndia_Banner_300x600_021219_Desktop%2CBoxofficeindia_DWV_061119&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x250%2C300x600%2C300x250&ifi=1&adks=1279179817%2C1790810919%2C927884958%2C3055373699&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661313168252&lmt=1661313168&dlt=1661313167482&idt=364&adxs=436%2C-9%2C-9%2C-9&adys=126%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.boxofficeindia.com%2F&frm=20&vis=1&psz=1015x100%7C0x-1%7C0x-1%7C0x-1&msz=728x-1%7C0x-1%7C0x-1%7C0x-1&fws=0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=449757693.1661313168&ga_sid=1661313168&ga_hid=1160630961&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffbc42a50d629dbcaabb3953afad47e6e6952efcaa32bb6edc4581790cae8ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 464
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3293 6 KB
4 KB 151ms
38ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:48 GMT
expires: Thu, 24 Aug 2023 03:52:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 droparowred.gif
www.boxofficeindia.com/images/ 178 B
746 B 14ms
14ms Image
image/gif 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/droparowred.gif
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/css/main2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2f32695565911e84d871e43409a7788f3105a8261ff4cde0334c167cb646cde7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/css/main2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4233
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 178
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
etag: "5f4763c0-b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CmuSBU6nhBtfu5twhRTZIpP6YjZF8YbIwHY04YWFBRm0m9Oja%2FJ1n7q7wV5oipB671CVdz7LecALVLIV0hUDbZdsrXWgF4r%2FDUjb5uJhHCprL5YIToEKu81Soz4gt701itpm6qh8SOewV0wRH2EtlSsFtpo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f92325bb29af5e-NRT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
15 KB 99ms
98ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1295402583167039&correlator=1814651312339320&eid=31068830%2C31068367&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=36888185%2CDWTag-DFPOld_RS00_Boxofficeindia_DWV_300x250_180321&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&adks=3949431089&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661313168281&lmt=1661313168&dlt=1661313167482&idt=364&adxs=955&adys=253&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.boxofficeindia.com%2F&frm=20&vis=1&psz=350x-1&msz=350x-1&fws=4&ohw=1010&ga_vid=449757693.1661313168&ga_sid=1661313168&ga_hid=1160630961&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5222d9572a3df1125ff60f5e236c5d4358b3494f71f61f9ea71d73e2b1f0e654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
google-lineitem-id: 5646871195
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343507157
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
2ms Script
text/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 820
date: Wed, 24 Aug 2022 03:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 24 Aug 2022 05:39:08 GMT

GET
H3 200 bullet.png
www.boxofficeindia.com/images/ 953 B
1 KB 10ms
10ms Image
image/png 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/images/bullet.png
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/css/jquery.bxslider.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3f0822a6ebb896f42c98e5a6d5f57bee1461801a5a5932a8eca551da581226b0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 07:41:52 GMT
server: cloudflare
age: 4231
x-powered-by: PleskLin
etag: W/"5f4763c0-3b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqzxCKOmdmTmtsN6I9KjXdurXj7DGZ%2FfjpK9G%2FwD0B1gHFhVjHzKF3ANKZI%2Fhodq92ijUm0dDFAsR6DpqKVNb4HGpFH0RXLeEKRIExOXvFv2Y%2FGl9aVS%2BaFSN6p2SrQ%2BM9VTdN%2FZOyhkBIQ1Py68936z1c1f"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f92325db5eaf5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ITF-Rupee.ttf
www.boxofficeindia.com/fonts/ 8 KB
8 KB 8ms
8ms Font
application/octet-stream 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/fonts/ITF-Rupee.ttf
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/css/main2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: feead93a25873b34673cb620a0715114fc4ea6348cfc7f61bbad589ccc87dfdf

Request headers

Referer: https://www.boxofficeindia.com/css/main2.css
Origin: https://www.boxofficeindia.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6665
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7832
last-modified: Mon, 19 Feb 2018 01:49:43 GMT
server: cloudflare
etag: "5a8a2d37-1e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9A2l8gX5WonioyFUb8AKwUDQBc%2BzLFMcXAIfsehWYO8II8zokpNn91reUjLhROkTGpLu3dEFI3HW1OetinQetNM%2F4CBlYXIf1IwsZUYDVHJaNw7Pg8BITtS%2F8WY9vidH3VhgVHOCJv1S8hU%2B6NxuJlGjtBu"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 73f92325db60af5e-NRT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-56da88d5c2d289cd/ 2 KB
851 B 501ms
496ms Script
application/javascript 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-56da88d5c2d289cd/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-60-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9914688e80d75886ca0d4079bb5c3fe52cae6f9861205b24e801d1bab1dd4c29

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
etag: 360597051--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=28, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 676

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 101 B
950 B 196ms
190ms Script
application/javascript 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6305a08f60a40c6d&bkl=0&bl=1&pdt=1977&sid=6305a08f60a40c6d&pub=ra-56da88d5c2d289cd&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.boxofficeindia.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1661313168310&jsl=1&uvs=6305a08f005442fc000&skipb=1&callback=addthis.cbs.jsonp__28141760689854170
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-60-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e23a814b5aa95db551c0ea5f58951fb0a14e96abb5f6f85e742f284adefea34

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length: 101
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0572 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 1480 71 KB
26 KB 13ms
13ms Document
text/html 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 24 Aug 2022 03:52:48 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 404 bx_loader.gif
www.boxofficeindia.com/ 660 B
660 B 768ms
767ms Image
text/html 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/bx_loader.gif
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/css/jquery.bxslider.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bb58da0d2c90f8905e4043a200d94cc7de99e20ce70101bbd3455d44fab3c08

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fn%2Bi0%2F4yJw6ZFu4BSpGjIkpkoxPIqWrgmYQyk4VlT3KzZfTJTAyYBTU9O1Qob1N40cV%2FkaR0SSnkv8TQWFbVgWbWsHjzTBMq6%2B%2FBPzPVjGovvAyRqNAnoL0p9D6nZBAXrbT2bZrNYy%2BTNXigSxQP2lDTptk7"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=86400
cf-ray: 73f923260ba5af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 controls.png
www.boxofficeindia.com/ 642 B
1 KB 10ms
10ms Image
image/png 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boxofficeindia.com/controls.png
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/css/jquery.bxslider.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7b9742bd6b4b79ea9e63f59bbccf152ec90abcf0da228cd944ae04dc02407d8e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2018 01:49:41 GMT
server: cloudflare
age: 4230
x-powered-by: PleskLin
etag: W/"5a8a2d35-282"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F1RiztNZh2NJkoRp7MFg3DaUIUFJbeezD5p7uqFiZZ5JKYWS2IZyUH7zp460iKtPbheyoU%2FQv8vMa1yTHJxtuErIpH3SjGGLXcZZx8AKhQKOvtBf088fIIn7OMYNOqoWuVgsUipcOU1Pzr%2Bi4TQoi3N5yM5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f923261bb1af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 159 KB
41 KB 29ms
6ms Script
application/javascript 143.204.77.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/DMC6nI/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.77.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-77-5.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15db152f386fbb66b5610a32b7b5d8662aeab674ce38a2c446cd73d2a250a92f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 24 Aug 2022 03:43:10 GMT
via: 1.1 dc0a1069b208b388553d3dc359c4e480.cloudfront.net (CloudFront), 1.1 2884f0fcb5b8a2bdfa5376dd5f29da92.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 17:59:10 GMT
server: AmazonS3
age: 579
etag: W/"364e5d6f95bbab2e2e1b3226cf815641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: NRT12-C3, NRT12-C2
content-encoding: gzip
x-amz-cf-id: fwCDmyH1CS_YVAKnrmaqpl0gxqGIohYtE6wdB2J_nCrQCla3ktPIjg==

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
262 B 345ms
133ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969517017575f4f0e2f58449a80071&pos=8a9699fd017777f83855f88fae31003e&cmd=bid&secure=1
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7b39f16b87925c5398b8eec0eb4b5b1dce828a608d73b8033f70310ea242bbc5

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.boxofficeindia.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
262 B 464ms
252ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969517017575f4f0e2f58449a80071&pos=8a9694f6017877fec50101483dad00b7&cmd=bid&secure=1
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e80ee368a5f5508bc9e80c393c03096e18845e684d9954bb54ffd47d5e6383e5

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.boxofficeindia.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
262 B 375ms
164ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969517017575f4f0e2f58449a80071&pos=8a9694ed017777f840a4f88f8eb40035&cmd=bid&secure=1
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 63246b912189a482e38698381c6c869f9e0390cd0cb512b97b5240a3fdd96878

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.boxofficeindia.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
261 B 352ms
141ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969517017575f4f0e2f58449a80071&pos=8a9694ed017777f840a4f88f8eb40035&cmd=bid&secure=1
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dc363b258b60bba98027199085afdb3b2e5e593d1aede67e8cdbd40a3424da3a

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.boxofficeindia.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
467 B 340ms
129ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969517017575f4f0e2f58449a80071&pos=8a9691b8017777f83c23f88f8a54003c&cmd=bid&secure=1
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 637ef7d2b74d2b609cff246f3dd7097a962b2e9eb46d36f53429ce9ddc24a693

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.boxofficeindia.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
261 B 341ms
131ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969517017575f4f0e2f58449a80071&pos=8a9691b8017777f83c23f88f8a54003c&cmd=bid&secure=1
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d54cd97b5373faae30ee2c61543d4a910860044c01767351d73adea0b57c2fa1

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.boxofficeindia.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
751 B 323ms
114ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:48 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7b17c2bd-bac6-4e94-948e-7c85d20dd05f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.boxofficeindia.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 124ms
110ms XHR
application/json 54.64.204.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1661313168366&to=0&aun=fi-ash-1553234251-9421&maxw=728&maxh=90&si=15910&pi=3&bf=728x90&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.boxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=9933
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.204.44 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5060867bce49699df94f8b6270e93073a98387250638cca38e774b4cb04a7074

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
1 KB 107ms
94ms XHR
application/json 54.64.204.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1661313168366&to=0&aun=fi-ash-1563362958-6851_45339_53506&maxw=320&maxh=50&si=15913&pi=3&bf=320x50&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.boxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=9933
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.204.44 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 377be4e6d09f7f0ced9b92f09c91dcc84a09b14f9fdfc167e13dec0fd02dc277

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 106ms
93ms XHR
application/json 54.64.204.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1661313168367&to=0&aun=fi-ash-1535521359-1881&maxw=160&maxh=600&si=15914&pi=3&bf=160x600&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.boxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=9933
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.204.44 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 850b3c0265f148c7cd30f974bc19631ffcdec324c4470bca9c6672cacd6081bc

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 109ms
97ms XHR
application/json 54.64.204.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1661313168367&to=0&aun=fi-ash-1535521173-3091&maxw=160&maxh=600&si=15914&pi=3&bf=160x600&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.boxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=9933
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.204.44 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd6d265217b62da0f6cb3b2418992171a10f34d0381820c731f583399c413e75

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 109ms
96ms XHR
application/json 54.64.204.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1661313168367&to=0&aun=ATD_BOI-D-hp-300x250-btf&maxw=300&maxh=250&si=15911&pi=3&bf=300x250&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.boxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=9933
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.204.44 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5d9d24bcfcb9aea40e199918200888eae2637cc01db03d0569e0c76721f79153

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 111ms
99ms XHR
application/json 54.64.204.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1661313168367&to=0&aun=ATD_BOI-D-hp-300x250-INR&maxw=300&maxh=250&si=15911&pi=3&bf=300x250&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.boxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=9933
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.204.44 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b32d9584cac74ea267f705869e426944454a99b58275fd8c92297ae0ee592a6f

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 arj Show response
automatad-d.openx.net/w/1.0/ 174 B
596 B 249ms
236ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://automatad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=30e2fb9e-f6bb-4614-9286-a9595412bb20%2Ce61bd278-da1e-40ef-ace2-50c7edef6291%2C7b3941b5-c364-4ec4-a20e-6865a8e6e0a1%2Cd0d3508c-fdad-4bfe-a2d2-6ddef059e937%2C6e7b505d-5ac6-4580-9c59-a4b01417d9c3%2Cc59658d7-0c4b-492f-8813-0fefe87f756d&nocache=1661313168370&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&aus=728x90%7C320x50%7C160x600%7C160x600%7C300x250%7C300x250&divids=fi-ash-1553234251-9421%2Cfi-ash-1563362958-6851_45339_53506%2Cfi-ash-1535521359-1881%2Cfi-ash-1535521173-3091%2CATD_BOI-D-hp-300x250-btf%2CATD_BOI-D-hp-300x250-INR&aucs=%2C%2C%2C%2C%2C&auid=540244493%2C540244493%2C540244493%2C540244493%2C540244493%2C540244493
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b92c9c0ce187b257536b5a22f485594ea34daad0bd6f5eba1027ed6abc20e23b

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
651 B 369ms
127ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.28.0
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 0e947638160ca7610e7e7ce9311ae8f4d6d06c35a65669c02aa14cfb801efd83

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:48 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.boxofficeindia.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 adreq Show response
ads.servenobid.com/ 996 B
721 B 505ms
228ms XHR
application/json 44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=4269
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04fa78abd7141e7e387e6a81744a0538d55eb2100a514472d73f0c06aca05da5

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.boxofficeindia.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST v1
dmx.districtm.io/b/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
720 B 356ms
125ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:48 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7de2dbb4-ad9a-4b00-bf47-385d8650b3ca
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.boxofficeindia.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
677 B 463ms
230ms XHR
text/plain 74.214.196.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.contextweb.com/header/ortb?src=prebid

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.boxofficeindia.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
server: Jetty(9.4.14.v20181114)
cw-server: bid-deployment-787c6bdc9-v4ll8
strict-transport-security: max-age=15768000
cwdl: 22/120,22/120,22/120,22/120,22/120,22/120

GET
H3 200 invisible.js Show response
www.boxofficeindia.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame DB98 37 KB
14 KB 15ms
14ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661299200
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1d0ede7a9af67afb5d66f2feeec7e8a4d6559df41dc7003b95c0737bb42a8a3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdUbOlWmBFv4dmYOWDmz5iNkg5VydngyDSpDxQHJMEqfsTOtOaMdOilDtvB%2F1KjHp8eOhXIsAzXw7vqZxWCZwW5lsrW%2B2LVGoy9ZMUd6mNa%2B%2B8OsMHaZWObjky5EzAH6aTn1SZvP29swRkE0e%2Fb7ew86DhQi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 73f923265c24af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
www.boxofficeindia.com/ 95 KB
12 KB 989ms
988ms XHR
text/html 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40, PleskLin
Resource Hash: b63a80767c13fedf9ac6ad55f26d2de38709c4c3eb67cb8c5833c29b12b7e98f

Request headers

Accept: */*
Referer: https://www.boxofficeindia.com/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40, PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCUkp9XCZSvGxWBWv6XKyV0MRZsytgC%2FqxbU6laBahWTfmqQJsTkBxTA%2BGJhm48p0oKT5i4tg7RG2fVt1aLfoRuB9gRsx9nnHqBmPGp7D%2BaigYBIL7ZLL0jTOq3qMXRIkVjRRKjg7KKZaJx0pVGWQKFrEHMx"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 73f923266c34af5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 366ms
366ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1295402583167039&correlator=868285290096825&eid=31068830%2C31068367&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=1067277%2CATD_BoxofficeIndia%2CATD_336x280_INTERSTITIAL&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=3651124414&sfv=1-0-38&ists=1&fas=8&fsapi=false&eri=1&cust_params=NativeFloor%3Dyes&sc=1&cookie=ID%3D3ba93a805832ff3e%3AT%3D1661313168%3AS%3DALNI_MZ4Fth4l6VIco5sHoV-p29VtTat5Q&gpic=UID%3D000008f897cc1ff2%3AT%3D1661313168%3ART%3D1661313168%3AS%3DALNI_MYXw9IAJx9HvH1u4HeT7M42esPOjQ&abxe=1&dt=1661313168405&lmt=1661313168&dlt=1661313167482&idt=364&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.boxofficeindia.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=449757693.1661313168&ga_sid=1661313168&ga_hid=1160630961&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dd314f3d1c7d498b692bdd8fac3ad249ef58464a9a5f5a427297f9d14fa1d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15040
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022081701.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 2ms
2ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022081701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb83d6869eacbde33652b1f2eab38cc4e532f648b5ff57267829bda145e793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13584
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:37:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Aug 2023 10:55:55 GMT

GET
H3 200 flexslider.css
www.boxofficeindia.com/css/ 3 KB
2 KB 9ms
8ms Stylesheet
text/css 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/css/flexslider.css
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 015fd2917f3c7b9588af89f7d4465a3017a87633ac3df99649bb7900666538d1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4230
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Feb 2018 01:49:41 GMT
server: cloudflare
etag: W/"5a8a2d35-cae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22OWoCIBRO2q0DHNBgkT1yAMg%2FQaezPRPOoLD0oIYE2Bz%2FdOm%2FGhIlW%2BaW8MqkrfbPufb3aasgo1nGyXxOs4arAz2Hwlhonsk5GH%2BrTdY6R5rKDIJZAvKVsHExFgtd3tbz%2BsMaPMCHH8wzvk6FnGjT52MZgk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 73f923268c5faf5e-NRT
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 82ms
42ms Stylesheet
text/css 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1afbf02ff203dd3afa888e73449b44a0ce303f21ece8ee6e8277ec354cc1d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 02:15:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Aug 2022 03:52:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Aug 2022 03:52:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C84 0
0 42ms
41ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstT642tWsSszSg8fZxTmnZ85zTP5FeejC0pMmWReycsT8KoJvfNy58NwEx3ADP3bfZU173OUZOosLyA448LVKrsx1P3q-MVGZYjtp-WFCOl2WFIGgDyMeSD93HeqmGKkqDKB_0lYjJzp4E_BdbafI_GXyVX3h2FJ29iTLruDoHMW0unxRw8emcz-HzzIq_0ydwrlwCkdz5jEM238wTkhEbkjkgRpsV5n7I0xq89PGQW-VNhpSYSy2SNroXBhibALq-UBdMIaf07NbD14UKYV3kWOFx9vYOU4olCirR4y6A9JPJOU5lKI6zrm2v8jRaejV7YmdyaGzZyiD56ZTXzWTAvoY4d2pHkD_aHloqAFurq1r0OLcZ11GhWt3-kMdo&sai=AMfl-YQiZY8zLf51c-IKQ4KC3jXn-3_NayQT8FrQcWHtxjbeXY-f6EbAOfRPgiApowAfyreFoq5PSX2mHRL9QemdJPaX6JuIDpgFheUUPWHxTNsFSYHEdCvrE69pVCIIyHKLLg&sig=Cg0ArKJSzEAPbj6bRfwlEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Aug 2022 03:52:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5C84 106 KB
42 KB 200ms
46ms Script
application/javascript 2404:6800:4004:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-0000-00

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

147725dba8c2caecd3da81ef2dffd8a1817599e23d0ee199e613a95fca359d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42040
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Aug 2022 03:52:48 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5C84 376 KB
126 KB 229ms
74ms Script
text/javascript 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f61b78524373ae1f4a9aa5e208b47d192c83b2ea393b435f4b42b3aba45d05be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128178
x-xss-protection: 0
expires: Wed, 24 Aug 2022 03:52:48 GMT

GET
H2 200 play.png
contentvideo-zt3fn6v93n.stackpathdns.com/ Frame 5C84 1 KB
1 KB 16ms
2ms Image
image/png 151.139.242.15
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contentvideo-zt3fn6v93n.stackpathdns.com/play.png
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.15 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: 3867763b33ca98cd3b78e995e0cf0199324da8d4b735c4111a686fe00dcb775a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
last-modified: Tue, 24 Jul 2018 06:48:22 GMT
server: nginx
x-amz-cf-pop: IAD89-C3
etag: "ba2e51ce8017ce23bd88d1805e3390fd"
x-cache: HIT
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png
content-length: 1277
x-amz-cf-id: Wy9Mxs1ZTxvdp7fBQelu-bUNmRO5ZucRIoSFUzwe7gMzVohdtulCjw==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C84 140 KB
43 KB 117ms
82ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:48 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 84ms
40ms XHR
text/plain 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1160630961&t=pageview&_s=1&dl=https%3A%2F%2Fwww.boxofficeindia.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Box%20Office%20India&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=45974398&gjid=551970532&cid=449757693.1661313168&tid=UA-1374856-1&_gid=1377613117.1661313168&_r=1&_slc=1&z=1230144346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
317 B 10ms
9ms XHR
text/plain 143.204.77.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.boxofficeindia.com&pubid=35d747a1-6323-41da-b924-5619ae9c6503
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.77.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-77-5.nrt12.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 00:16:45 GMT
via: 1.1 2884f0fcb5b8a2bdfa5376dd5f29da92.cloudfront.net (CloudFront)
server: Server
age: 12962
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: NRT12-C2
x-amz-cf-id: rEb_5bIM3KbWUr5XzSDJcWZFu56Sz3m4lC9_u4J6ZwHsQ-OQ_7v60w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 122 B
511 B 251ms
251ms XHR
text/javascript 143.204.77.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.boxofficeindia.com%2F&pid=xHl89jyJxTrV4&cb=0&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22fi-ash-1553234251-9421%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_728x90_Footer-Desktop-Portfolio%22%7D%2C%7B%22sd%22%3A%22fi-ash-1563362958-6851_45339_53506%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_728x90_Footer-Desktop-Portfolio%22%7D%2C%7B%22sd%22%3A%22fi-ash-1535521359-1881%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_160x600_LHS%22%7D%2C%7B%22sd%22%3A%22fi-ash-1535521173-3091%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_160x600_RHS%22%7D%2C%7B%22sd%22%3A%22ATD_BOI-D-hp-300x250-btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_300x250_Desktop_Homepage_BTF%22%7D%2C%7B%22sd%22%3A%22ATD_BOI-D-hp-300x250-INR%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_300x250_Desktop_Homepage_INR%22%7D%5D&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&pubid=35d747a1-6323-41da-b924-5619ae9c6503&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.77.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-77-5.nrt12.r.cloudfront.net
Software: Server /
Resource Hash: 48f676dd0c163777a8b642e7f57b0d5ede802e3bc76c080fd1ea1d8d928363e6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: NRT12-C2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 129
via: 1.1 2884f0fcb5b8a2bdfa5376dd5f29da92.cloudfront.net (CloudFront)
x-amz-cf-id: kmIE82-PcBPkb7ZyO6MB6BqGo1UXRBOrQDwbtltOi469628SAM_oug==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 620ms
601ms XHR
application/javascript 143.204.77.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.77.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-77-5.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: NRT12-C2
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Wed, 24 Aug 2022 03:52:50 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4cb3df5349fbb69c930b315b7d0a5272.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: OZ0m3TlQOKaSf1u5PxS3nK2dgp2cYCURs3sOM7GrETmJY6_pNWLNbA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 112ms
36ms XHR
text/plain 2404:6800:4008:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1374856-1&cid=449757693.1661313168&jid=45974398&gjid=551970532&_gid=1377613117.1661313168&_u=IAhAAEAAAAAAAC~&z=1307182047

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c01::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Aug 2022 03:52:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pica.js
www.boxofficeindia.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame DB98 26 KB
9 KB 13ms
11ms Other
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97105bb82a6077df46de01eb354085f0e05c9208a053608b6a546b9b37645e00

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pMyhpq9qzSP6wnkPrF2PDn2chQwiMXAoVkpjOoSddAYF09UZceZIHSJLmwdN2eZRgGcXZMhXqH6GHPC5d9fqHOAcRjyqGKsLbSLYm9aNBvAz8dgvj77OFRW2NbLdqC4Hfi4MCEM63vw09DwKBrBWKDWpgPd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 73f923279decaf5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5C84 49 KB
20 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-0000-00

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 820
date: Wed, 24 Aug 2022 03:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 24 Aug 2022 05:39:08 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 5C84 1 B
21 B 35ms
35ms XHR
text/plain 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=495445636&t=pageview&_s=1&dl=https%3A%2F%2Fwww.boxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=QACAAUABAAAAAC~&jid=756124818&gjid=330725702&cid=449757693.1661313168&tid=UA-0000-00&_gid=1377613117.1661313168&_r=1&gtm=2ou8m0&z=1193884064

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame E631
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd&dcc=t

274 B
1 KB

201ms
201ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

3b83ee7a2da00fbf1a6c7db7996ca12c3e1b7718fc4c740d27b0eaeed0592a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 274
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 24 Aug 2022 03:52:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: QQ8M2V1THHACCS77H2C2

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 24 Aug 2022 03:52:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 2EMA8VDP5PA8R61N5SMJ

GET
H3 200 collect
www.google-analytics.com/ Frame 5C84 35 B
55 B 2ms
2ms Image
image/gif 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=495445636&t=event&_s=2&dl=https%3A%2F%2Fwww.boxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=page_load&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=449757693.1661313168&tid=UA-0000-00&_gid=1377613117.1661313168&gtm=2ou8m0&z=1178961812

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 14:49:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47019
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 5C84 35 B
55 B 2ms
1ms Image
image/gif 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=495445636&t=event&_s=3&dl=https%3A%2F%2Fwww.boxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=script_init&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=449757693.1661313168&tid=UA-0000-00&_gid=1377613117.1661313168&gtm=2ou8m0&z=1706355324

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 14:49:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47019
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C84 0
0 41ms
41ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-U6rZVWwAzx6Du4gGlD0zXf38cxL8g32iIVolgK9FsY6opN837SIGos_8CHhWj_UgMrxx9aIAf8LQHlePOgbW9dne5ki4Lzh9ZgTnPywMndBp5MJb__45sjSeNaycbrG87jGU6IJ6vQFqu7R5kHilgYC4qWo_mPpaj6IkOrXKnh4Iyyf3OhU-WbdGsQhx6aUGjDO2Ri8IgNCuXHJj9lVY65KqTcaIguEXZm18ixSUrnwPlSpiIYwX_ijuaVskxlq9mno8hJNmEp22Lgryr_avUQibzA0Ftt5RuP5KRfG4zZjfV67pzqhD_breYqp1v99pwErP6M_3XqdFaY98aD-iiJIsDCA3MGQOdl3GQrq-Djh8ILSQLDUW0h2Fu3dlzA&sai=AMfl-YRYe0CyRzoj7Natbupu4kusWGsElNylqiv8P5t8zwTwJ1NuBdtTWqDSYFqWlyPIQQnoUILcSGpCK_0Aj-IknqNHvgxs0CKkjaqX9K2atSheHSX8CPR5ra_Zym1JqjvWaA&sig=Cg0ArKJSzObwiEZpSuLGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Aug 2022 03:52:48 GMT

GET
DATA 200
OK truncated
/ Frame 5C84 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 030923a8d4bbd3142266d16f47ad7eff3133a437263b6c672b26e60004a5079e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bridge3.527.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DA15 636 KB
206 KB 42ms
5ms Document
text/html 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

148022fcf56320601c688ec8f63c2c2edf5479551f6ff2a917caed119acaba0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 78025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210466
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 06:12:23 GMT
expires: Wed, 23 Aug 2023 06:12:23 GMT
last-modified: Tue, 23 Aug 2022 06:04:08 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5C84 44 KB
17 KB 288ms
71ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 5C84 35 B
55 B 3ms
2ms Image
image/gif 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=495445636&t=event&_s=4&dl=https%3A%2F%2Fwww.boxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=requesting_ad&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=449757693.1661313168&tid=UA-0000-00&_gid=1377613117.1661313168&gtm=2ou8m0&z=1193575893

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 14:49:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47019
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5C84 107 B
122 B 80ms
41ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ Frame 5C84 35 B
55 B 2ms
2ms Image
image/gif 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=495445636&t=event&_s=5&dl=https%3A%2F%2Fwww.boxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=preroll_requested&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=449757693.1661313168&tid=UA-0000-00&_gid=1377613117.1661313168&gtm=2ou8m0&z=1080569315

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 14:49:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47019
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 33E9 6 KB
3 KB 78ms
41ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:48 GMT
expires: Thu, 24 Aug 2023 03:52:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 73f9231499d1807d Show response
www.boxofficeindia.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame DB98 2 B
733 B 25ms
25ms XHR
text/plain 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boxofficeindia.com/cdn-cgi/challenge-platform/h/g/cv/result/73f9231499d1807d
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661299200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=325eZCrdC4Fwchi0cSl%2BfE4yJmWFYJIVfW2x0en0AdT%2FuRM8jed%2FcZ%2Be9UVRRYVMp14sqgLq1dVRSvLeYw4OpKhgh0hfKAidfYW%2BicntNY62AcqB0LzY3O3kflEzzTWbN3IVVGRyIkebdeyz35RLfYMJUlLL"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 73f9232a398aaf5e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 77ms
39ms Script
application/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
40ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
31 KB 525ms
524ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1295402583167039&correlator=1536647009106888&eid=31068830%2C31068367&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=1067277%2CATD_BoxofficeIndia%2CATD_728x90_Footer-Desktop-Portfolio%2CATD_160x600_LHS%2CATD_160x600_RHS%2CATD_300x250_Desktop_Homepage_BTF%2CATD_300x250_Desktop_Homepage_INR&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F3%2C0%2F1%2F4%2C0%2F1%2F5%2C0%2F1%2F6&prev_iu_szs=728x90%2C320x50%2C160x600%2C160x600%2C300x250%2C300x250&ifi=7&adks=3051531470%2C3843457511%2C1991902033%2C1935449629%2C924216401%2C1904640850&sfv=1-0-38&fsapi=false&prev_scp=mod%3Dfi_hp_ftr%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi_hp_lhs%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi_hp_rhs%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi_hp_btf%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi_hp_inr1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=NativeFloor%3Dyes&sc=1&cookie=ID%3D4eebd6e511a664e1-22fa0387cdd50021%3AT%3D1661313168%3AS%3DALNI_MZKGMMUShWTjknqmbESOaYRUpovVg&gpic=UID%3D000008f88bd85ef5%3AT%3D1661313168%3ART%3D1661313168%3AS%3DALNI_MZC43xI-n1ra-ISYGrfeabGGb9gmA&abxe=1&dt=1661313169013&lmt=1661313169&dlt=1661313167482&idt=364&adxs=436%2C1280%2C64%2C1376%2C992%2C305&adys=1110%2C1150%2C124%2C124%2C1285%2C838&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1%7C0&ucis=7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.boxofficeindia.com%2F&frm=20&vis=1&psz=728x-1%7C320x-1%7C287x610%7C287x610%7C300x0%7C300x0&msz=728x-1%7C320x-1%7C160x-1%7C160x-1%7C300x0%7C300x0&fws=516%2C516%2C4%2C4%2C4%2C4&ohw=728%2C320%2C160%2C160%2C310%2C310&ga_vid=449757693.1661313168&ga_sid=1661313168&ga_hid=1160630961&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb37e5698b4856aecc9e100ae8f3cfc4c183894e3e882aef5b9d47e609f81e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31944
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 8ms
7ms Script
application/javascript 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 24 Aug 2022 03:52:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 css2
fonts.googleapis.com/ Frame 33E9 4 KB
636 B 79ms
42ms Stylesheet
text/css 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 02:14:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Aug 2022 03:52:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FB65 448 B
269 B 41ms
41ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNWGs6FU79qawfvMwEH-O21FIxHwp4D_U1H9ktKokVw5DonUbTNQsUfCSqKiWhK0XW0ACjnHHaPaGhbax_w0EZ_z49C0GA

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 248
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E8A2 86 KB
35 KB 79ms
79ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwWYmR8HLVzW4Zb1Jzyk2hAM5xKxA6fPwvjd40AtlUsJV4Wg0LKV69s2WyUYghZ3sTYpUKu6GPKDzFw5SatklNDtSJmw&cry=1&dbm_d=AKAmf-D1c3E0jH5dr-0mdkDHOzAZ0isb4TGY-R5Gc4AObgTxreQFf3pONwvph5xoBwJW03A3BOtVXSVlEwY4sJdJJUDmwiXTAHuuSQeFMPwdQ9dOGmEGkzI1E8j184411oOu_OUwwDcYWa-XE3THszf0rQmhOEMZVIfp4YBvUsh1LozZNspla2l_aP00e4xwQHZz6hA56wDjRs5y1CafsVGfMin7zFVXxwSFj6povOvZ92Qn8Xwa5q-tivP7Dfn2hd7heNiANEnGn1FvQgvuucc4LdeiXlK6XZbHWgGJGAg0sUYlB0e41K4DOM1AoxRNBjWqVj_04DcWpBdAb9RaEMTKc4Awer7Q47w-ws0vu5oOgexUWTOlaIfTXnIvFTVkMDnKjbCnGQWJbV4eKRHjVRRYYzCC9EP1fC0zocPOgY_qc_kccHTQ_eH2mCqqqkPBr3B0VHO5TvyexFzNN87jr8gROtyW6vGm1V3fw0LDdBp3lzMNTrLNjR2mkwOjzhRNLSoPMV28wZ7_Tv3rjMTXdOuhYlbmDyT306uyeZBs8Q5DiAyalJyOmEHDslZFB2yrWkhaeNKllvQjIi5K2iVs6y_uaUh91X2fUNGGIUgPykRjy5WcfjvvEy61mLpzXEDOWFjS9aACewB8ryqD3EBgg4f2AoWLTHMDXbn5-08JCGqEHhBY6O0LgPx6QHx9wst-LlFsVkx2KPHekcckOptBWRBnL7emssitUWRSe7wF6ZQVaYrLXOE56yw3qcGNBlPUWiXv1egDkoc7zpW8FGE2oWUKCLQ-yMnY7HR_HrVxMi42ElaZX3tZ4Nx0uyMKjtKs2U2sMp-vzYStwpweb4vY-5rQDvTShMUnqnuYhfl-c9xwlU6E-5joBSGJ02eGjzZA5jidazPyD7Qi8CSLpv-7Jz1UaMc8PAWOaGxVM7xlDcYFNcI47SMeVpIoY1xhtpdDRl0gZAvAIHmDzFB0B6yKC4V_z69eHz5LDi2DsCLr05z1Yokoa77wNnkvIiqZDwmCC4D2yzXhb5bv0qwjTjDgSKPgQqVizd2WmclnKaV-xAHsAOtv5tN3sYQQQozYxnrz0ODTdAcC1Uz9i2Iiz_RPUa1oyKbvyDgj46fxV_mBlqWN5qNsO0td2iXp7WU5_EzKdkjzknUPT4hMuRKX2JjQ8kZZdQqj0Bx9oP6UYSKTD6xe3c9hNVY_6kDZL9W0lToJe8tTAGZY8-9c1lWq3xTJhGyduBUMaNcReU2-8MPvoz2eTtwT_GKOZlMLGYdaRdpQvsM8RUV6jLrHVsQlwFi8iIuy9qNeq7tZe1-7swvrkiaXDlXL-XOxU4qPH-pno0SO49p-6jschRQcE-X0e44jYlG7h6D0gWlYxkDCD4iKIDzyPZU9zVMdVCPZTQzgPeAqdhLbtdw1PmuVbR1mvUH2ISAw9vkBKmhi9z9BrttkQB1WN9gS4yjD1yLu6kHYOir5fYX_2WoEsCxzwTKJX05R9Amgz5NvAfJuTxNG4-rxjsQhiqiUVXVvm5uab7rqKO1ulu83OZXF-50D790pMKup2YBuByEqcYq-pSAdatVYaEv2LzXMJPPYk5wGjdj8DKH6YAufOdJMgO_XcLQFxLK74EV3rcFprNK-0n4w9Ma1RXZJauwcCyVLxrtOA94rFW8Gscqhc7MFFYwvMTDCiWi-u698GC0GWV-apod1wa3tOQbsBG4E3AnpecxvBWZogTqVDXcEPiHFBrJrPTX9DX2L3XB2tN6nY2WYJyZkLDZZolTbDOX2FYH8UyeULVs6c5X5qD4pn162LsYXaPHQDekc-7UdORdT5miu4A82svkrH4WeW0NWT0ttAmw9efh9lN9UnoCB0nIBXRPIAyEyI7J74wX8cQz1Fte-Gk7_CP-VmWCOZIxn-hAPfX76len3HUW1meMfvbC7Lbbc6BFvyhOlha6rM_3BrJ72UJtedUvyBCYnobCfDasz978RbRCqenkXbO0Rvhw6YBtHcm_XqS2HGdEUoJCc8JcEAzLV-ZooQY28eXhvN1Nb6fp8uVcQ3ZHna8Dfkd6LRsBoODICOEmzW8YDwPk7ephqEgAD45wUqZDKgKMXd-jIa-TpHv6dx5mZg9T6du2kVoDy7IDqIwtctjC7EIMJkX23sxIGxI8U9AdaP9srTXiQnLRO1lfWiQ01-tDHenrKEdiabKnVjq4nU8TOeOOAIcU8LAEr_RekXHwMxL3lNI8fvi5wk3C3Q6aBqtKVpTCwdxvDaXzW8Dn6qeUo_oGaoDDgcW-UvMta7-vU5-U3QbCcdZifXH71QkZ3Ps5kgFlUU8Hm07EHsUeuXKQUfyyi6Pxg3hlde_SW513HdXXeGCoduwFtO1dyb6gMyCAHivPiJYlQX29HlM3ibViR_EEC5_mLRNgQHfT3C3fgUz-wXN9eN5CQxwxOoqWIFnaLc8QDr5u6X88v99OJIPqetxqsfu260Mzb4WWyY8hKEDFHv1T49QfsDVysyeQeb38C-QLkmEqpyjq_yNnt6NYYdbjORaimaiaN43Vet7EIuAAdYgK_3_R1ICdvEePgNjFna68jNHg92s9UFQF-Md3Njayr2fuWAyfTnTFuEE6h_lKaVrgxRUSBguM7MSuHNlwISPbcWo0a1JgtcW7QyyVMyMd68lvXHpwKydmCnyUiJ4_K_fs3-MWnfTIzVzMAVBJ55-iGIrhu9wgQDd9f2V_0m1olpfdPVH5-_lqUZDOf2O-9KnFU40Noo7oiSHK9FfRW129UyrkpdRMG2DjFrpTJtf0LnpZJf6rj6yiZNc0Gl6_bzi1axcJPTUTybcNKSTbpaC1PPHVLLF2CkQls9e24Aut_wbpkSgvo-MfdPc-bsXqUZAEjsv-6lHFAszZtvRqN7S3f-T6gY98GN4IwS0XX177fnwHaH5Z4blFr8J80jdiVV5B0Dm5IMYLztfL5NYELu4OH7BXpHfZkhrec9fK1mLtw26HVp1VTfr54i7HjF7dkVyvS7wpq7baYxUNUBmQKeMJEFmxknpD_IzkuahyliJDN3iGBSItEvZVPINEFXapMeANxtvOyYiCx3TkycXjRuOOxpV8dedW4DEsdESSDFYR_TXJlhbuCayfpRMENQwFv-1loy40BZysayR_LY2SK4faUy3xIxky3ZXZ6lOn4Ug4xJ2KiQIhcfVoqlwwc79f3E517A6jMhA40pwd4ZI9YuhWjBDtfr1AT5AkyC5ebubY8tCIr5iTlUFn1GShQVbBcO5Osb0xOOI2f33pWFZR9u0q6QBPA3mUuhnO0_xj5aGiN7vIbBCg7YAD6HngcLKMujNQZXZog5Pu2mnB1Jk__uoc90TsW226bEF8swG0w6rsxy34-vg&cid=CAASJORo2Z_UbKyzrlPuIpFvTRSasw4jKvvY7-N_D8c2E53Qyo_LRw&rfl=2%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ef8748d02d66b954065066e0286ac098eba5623f521f386bd0d19c2f1f7727a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35737
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E8A2 3 KB
1 KB 86ms
4ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:51:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E8A2 17 KB
8 KB 85ms
2ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:39:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E8A2 0
0 81ms
38ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQD9eV8IzWwCWJLIEyO_0rocJDCn3mNuZ6862BF4NH-ow2m5FE8trHU4dL5C4B5uPOaaD2mCHhpiy9hT2I73PmxStBH1w
Requested by: Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8A2 140 KB
43 KB 73ms
72ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8A2 42 B
63 B 75ms
37ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGViDukgGljonu1nhOFY2bobkEPHxIKz7BydJYATFGroGMonMynVXfA6QGK-clepyL9XNi1nCpUPeUHuXxZaUn74JGQ0UAg9nHQDI-nskO44TVv-o

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 33E9 19 KB
8 KB 85ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:39:32 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DA15 156 B
748 B 515ms
399ms XHR
text/xml 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F229445249%2C1067277%2FDWTag-DFPNew_RS75_Boxofficeindia_DWV_VAST_180321&description_url=https%3A%2F%2Fboxofficeindia.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4117930729555887&vpmute=1&sdkv=h.3.527.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=175688969&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.527.0&sid=9F7A6085-77B2-4CFF-B846-49EE613CEDC4&nel=0&eid=44754420%2C44760950%2C44762904%2C44765701%2C44771871&url=https%3A%2F%2Fwww.boxofficeindia.com%2F&dlt=1661313168413&idt=682&dt=1661313169113&cookie=ID%3D4eebd6e511a664e1-22fa0387cdd50021%3AT%3D1661313168%3AS%3DALNI_MZKGMMUShWTjknqmbESOaYRUpovVg&scor=2225932879105715&ged=ve4_td1_er253.980.253.980_vi0.0.1200.1600_vp0_eb16616

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
265 B 215ms
215ms XHR
application/json 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.boxofficeindia.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.boxofficeindia.com/
last-modified: Wed, 24 Aug 2022 03:00:00 GMT
server: nginx/1.15.8
date: Wed, 24 Aug 2022 03:52:49 GMT
content-type: application/json
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
290 B 196ms
195ms Script
application/json 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.boxofficeindia.com%2F&callback=_ate.cbs.rcb_i96p0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

3c146ea10b0ba96c02946fbc1fa97c020c96fe31c30b2d96134e7b7a871e1c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.boxofficeindia.com/
last-modified: Wed, 24 Aug 2022 03:52:49 GMT
server: nginx/1.15.8
date: Wed, 24 Aug 2022 03:52:49 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
290 B 210ms
210ms Script
application/json 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.boxofficeindia.com%2F&callback=_ate.cbs.rcb_k1oq0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

e6e0dcac99652add2e64d33da9354cfcf29eaaf5ef8b0521bd1a6cc4f4262636

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.boxofficeindia.com/
last-modified: Wed, 24 Aug 2022 03:52:49 GMT
server: nginx/1.15.8
date: Wed, 24 Aug 2022 03:52:49 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 800ms
199ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E791) /
Resource Hash: 33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 69
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29278
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:23:32 GMT
Server: ECS (nwa/E791)
Etag: "080f1472776d4d1a972a14cea4433aeb+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 15ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19e80653ebc48a76babb3216d3e947fc0a062a0417698a4fcdca7245fc2ce50a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2cJ7c4JXysP/hYpFybrsiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 8rz6UlB4JB7k/Nlh8uaCf1Q8JkZIFkGLd4vCO4WGGLyBsxPG0x3VvVoq9n/r67MdkAM1O3+4BW0XfwhQte2s+w==
x-fb-trip-id: 382461245
x-fb-content-md5: 998df34f94c50dd0352f19fd309ef0cc
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 24 Aug 2022 03:52:49 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661312419247
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "35d158da4bc4b9ebb5eef6dbcad06809"
timing-allow-origin: *
expires: Wed, 24 Aug 2022 04:00:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB65
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

88ms
88ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNWGs6FU79qawfvMwEH-O21FIxHwp4D_U1H9ktKokVw5DonUbTNQsUfCSqKiWhK0XW0ACjnHHaPaGhbax_w0EZ_z49C0GA

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FB65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwqaac7uq68SR8g6jVWbrM&google_cver=1

43 B
909 B

88ms
88ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwqaac7uq68SR8g6jVWbrM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNWGs6FU79qawfvMwEH-O21FIxHwp4D_U1H9ktKokVw5DonUbTNQsUfCSqKiWhK0XW0ACjnHHaPaGhbax_w0EZ_z49C0GA
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f9232c3b50af3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbj4aKTUODRRBKjAGags8w9KyB8ysgyM1aeUJ98eVKmHI%2BA8EloeS8nR5AOLB7UvjFU6cm4sz%2B%2BXeB5cTRtBIo3BOEueZPX4PVvP4laFyrQonfEccxW59XUqcbHTjToNVak8w%2BLxamxlyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwqaac7uq68SR8g6jVWbrM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FB65
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwWgkRkfV1XxQV2lcYMt3AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwqaac7uq68SR8g6jVWbrM&google_cver=1

43 B
912 B

112ms
112ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwqaac7uq68SR8g6jVWbrM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNWGs6FU79qawfvMwEH-O21FIxHwp4D_U1H9ktKokVw5DonUbTNQsUfCSqKiWhK0XW0ACjnHHaPaGhbax_w0EZ_z49C0GA
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f9232d3d00af3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nzw2nCZSfs2mJp7AlFXMpv4Ih%2FaFz55hZP3AF8JEoMxy2hZgsxPZ5a4bEJ48xCJVP95e37JZ9JvLnkh2vTOWDwF6t%2B%2FYfjwqzZnx78xojF9ZnCpY1qhpSGr3%2FB1eNyqN3UxvFyLlBec%2FTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwqaac7uq68SR8g6jVWbrM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 9ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ee1106a12264a17f3cb037a9f70c8c05

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

587474c5b9c85ac5e8e99c36f737c1fd45a9359285717bfc9582c5979632f90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.boxofficeindia.com/
Origin: https://www.boxofficeindia.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GbXefKcUSBTqNftwbk8qyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86528
x-fb-rlafr: 0
x-fb-debug: ADIIYkzJ1DTF2960PIL+0K3RKp9c+TSJM/ijRynQdrADxPiCVeJClUSWcz4e+UePsGciJS5XKeZtzcofpH3k0w==
x-fb-content-md5: 216063078ab35353d07257e25584e108
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 24 Aug 2022 03:52:49 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661308814145
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "64fa06e32a39932fefa9458a77fdb1ae"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 24 Aug 2023 02:40:14 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E8A2 106 KB
37 KB 42ms
3ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Origin: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 09:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 09:02:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame E8A2 8 KB
3 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwWYmR8HLVzW4Zb1Jzyk2hAM5xKxA6fPwvjd40AtlUsJV4Wg0LKV69s2WyUYghZ3sTYpUKu6GPKDzFw5SatklNDtSJmw&cry=1&dbm_d=AKAmf-D1c3E0jH5dr-0mdkDHOzAZ0isb4TGY-R5Gc4AObgTxreQFf3pONwvph5xoBwJW03A3BOtVXSVlEwY4sJdJJUDmwiXTAHuuSQeFMPwdQ9dOGmEGkzI1E8j184411oOu_OUwwDcYWa-XE3THszf0rQmhOEMZVIfp4YBvUsh1LozZNspla2l_aP00e4xwQHZz6hA56wDjRs5y1CafsVGfMin7zFVXxwSFj6povOvZ92Qn8Xwa5q-tivP7Dfn2hd7heNiANEnGn1FvQgvuucc4LdeiXlK6XZbHWgGJGAg0sUYlB0e41K4DOM1AoxRNBjWqVj_04DcWpBdAb9RaEMTKc4Awer7Q47w-ws0vu5oOgexUWTOlaIfTXnIvFTVkMDnKjbCnGQWJbV4eKRHjVRRYYzCC9EP1fC0zocPOgY_qc_kccHTQ_eH2mCqqqkPBr3B0VHO5TvyexFzNN87jr8gROtyW6vGm1V3fw0LDdBp3lzMNTrLNjR2mkwOjzhRNLSoPMV28wZ7_Tv3rjMTXdOuhYlbmDyT306uyeZBs8Q5DiAyalJyOmEHDslZFB2yrWkhaeNKllvQjIi5K2iVs6y_uaUh91X2fUNGGIUgPykRjy5WcfjvvEy61mLpzXEDOWFjS9aACewB8ryqD3EBgg4f2AoWLTHMDXbn5-08JCGqEHhBY6O0LgPx6QHx9wst-LlFsVkx2KPHekcckOptBWRBnL7emssitUWRSe7wF6ZQVaYrLXOE56yw3qcGNBlPUWiXv1egDkoc7zpW8FGE2oWUKCLQ-yMnY7HR_HrVxMi42ElaZX3tZ4Nx0uyMKjtKs2U2sMp-vzYStwpweb4vY-5rQDvTShMUnqnuYhfl-c9xwlU6E-5joBSGJ02eGjzZA5jidazPyD7Qi8CSLpv-7Jz1UaMc8PAWOaGxVM7xlDcYFNcI47SMeVpIoY1xhtpdDRl0gZAvAIHmDzFB0B6yKC4V_z69eHz5LDi2DsCLr05z1Yokoa77wNnkvIiqZDwmCC4D2yzXhb5bv0qwjTjDgSKPgQqVizd2WmclnKaV-xAHsAOtv5tN3sYQQQozYxnrz0ODTdAcC1Uz9i2Iiz_RPUa1oyKbvyDgj46fxV_mBlqWN5qNsO0td2iXp7WU5_EzKdkjzknUPT4hMuRKX2JjQ8kZZdQqj0Bx9oP6UYSKTD6xe3c9hNVY_6kDZL9W0lToJe8tTAGZY8-9c1lWq3xTJhGyduBUMaNcReU2-8MPvoz2eTtwT_GKOZlMLGYdaRdpQvsM8RUV6jLrHVsQlwFi8iIuy9qNeq7tZe1-7swvrkiaXDlXL-XOxU4qPH-pno0SO49p-6jschRQcE-X0e44jYlG7h6D0gWlYxkDCD4iKIDzyPZU9zVMdVCPZTQzgPeAqdhLbtdw1PmuVbR1mvUH2ISAw9vkBKmhi9z9BrttkQB1WN9gS4yjD1yLu6kHYOir5fYX_2WoEsCxzwTKJX05R9Amgz5NvAfJuTxNG4-rxjsQhiqiUVXVvm5uab7rqKO1ulu83OZXF-50D790pMKup2YBuByEqcYq-pSAdatVYaEv2LzXMJPPYk5wGjdj8DKH6YAufOdJMgO_XcLQFxLK74EV3rcFprNK-0n4w9Ma1RXZJauwcCyVLxrtOA94rFW8Gscqhc7MFFYwvMTDCiWi-u698GC0GWV-apod1wa3tOQbsBG4E3AnpecxvBWZogTqVDXcEPiHFBrJrPTX9DX2L3XB2tN6nY2WYJyZkLDZZolTbDOX2FYH8UyeULVs6c5X5qD4pn162LsYXaPHQDekc-7UdORdT5miu4A82svkrH4WeW0NWT0ttAmw9efh9lN9UnoCB0nIBXRPIAyEyI7J74wX8cQz1Fte-Gk7_CP-VmWCOZIxn-hAPfX76len3HUW1meMfvbC7Lbbc6BFvyhOlha6rM_3BrJ72UJtedUvyBCYnobCfDasz978RbRCqenkXbO0Rvhw6YBtHcm_XqS2HGdEUoJCc8JcEAzLV-ZooQY28eXhvN1Nb6fp8uVcQ3ZHna8Dfkd6LRsBoODICOEmzW8YDwPk7ephqEgAD45wUqZDKgKMXd-jIa-TpHv6dx5mZg9T6du2kVoDy7IDqIwtctjC7EIMJkX23sxIGxI8U9AdaP9srTXiQnLRO1lfWiQ01-tDHenrKEdiabKnVjq4nU8TOeOOAIcU8LAEr_RekXHwMxL3lNI8fvi5wk3C3Q6aBqtKVpTCwdxvDaXzW8Dn6qeUo_oGaoDDgcW-UvMta7-vU5-U3QbCcdZifXH71QkZ3Ps5kgFlUU8Hm07EHsUeuXKQUfyyi6Pxg3hlde_SW513HdXXeGCoduwFtO1dyb6gMyCAHivPiJYlQX29HlM3ibViR_EEC5_mLRNgQHfT3C3fgUz-wXN9eN5CQxwxOoqWIFnaLc8QDr5u6X88v99OJIPqetxqsfu260Mzb4WWyY8hKEDFHv1T49QfsDVysyeQeb38C-QLkmEqpyjq_yNnt6NYYdbjORaimaiaN43Vet7EIuAAdYgK_3_R1ICdvEePgNjFna68jNHg92s9UFQF-Md3Njayr2fuWAyfTnTFuEE6h_lKaVrgxRUSBguM7MSuHNlwISPbcWo0a1JgtcW7QyyVMyMd68lvXHpwKydmCnyUiJ4_K_fs3-MWnfTIzVzMAVBJ55-iGIrhu9wgQDd9f2V_0m1olpfdPVH5-_lqUZDOf2O-9KnFU40Noo7oiSHK9FfRW129UyrkpdRMG2DjFrpTJtf0LnpZJf6rj6yiZNc0Gl6_bzi1axcJPTUTybcNKSTbpaC1PPHVLLF2CkQls9e24Aut_wbpkSgvo-MfdPc-bsXqUZAEjsv-6lHFAszZtvRqN7S3f-T6gY98GN4IwS0XX177fnwHaH5Z4blFr8J80jdiVV5B0Dm5IMYLztfL5NYELu4OH7BXpHfZkhrec9fK1mLtw26HVp1VTfr54i7HjF7dkVyvS7wpq7baYxUNUBmQKeMJEFmxknpD_IzkuahyliJDN3iGBSItEvZVPINEFXapMeANxtvOyYiCx3TkycXjRuOOxpV8dedW4DEsdESSDFYR_TXJlhbuCayfpRMENQwFv-1loy40BZysayR_LY2SK4faUy3xIxky3ZXZ6lOn4Ug4xJ2KiQIhcfVoqlwwc79f3E517A6jMhA40pwd4ZI9YuhWjBDtfr1AT5AkyC5ebubY8tCIr5iTlUFn1GShQVbBcO5Osb0xOOI2f33pWFZR9u0q6QBPA3mUuhnO0_xj5aGiN7vIbBCg7YAD6HngcLKMujNQZXZog5Pu2mnB1Jk__uoc90TsW226bEF8swG0w6rsxy34-vg&cid=CAASJORo2Z_UbKyzrlPuIpFvTRSasw4jKvvY7-N_D8c2E53Qyo_LRw&rfl=2%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame E8A2 30 KB
12 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:40 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E8A2 41 KB
15 KB 45ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:36:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 472F 1 KB
749 B 2ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:25:19 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 03:25:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 472F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJEgA8DU-3sRjyW5xxs8SNM&google_cver=1&google_push=AehlK4BlKmFl7odawmqzRdGaNAJKUdi0J1q6KMePI2KU4rkz_l0HGHQIGNPfo1fWak5eAOUm25eVIcjyKm8zvAqu...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4BlKmFl7odawmqzRdGaNAJKUdi0J1q6KMePI2KU4rkz_l0HGHQIGNPfo1fWak5eAOUm25eVIcjyKm8zvAqu6K5JHIKxTg

170 B
188 B

61ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4BlKmFl7odawmqzRdGaNAJKUdi0J1q6KMePI2KU4rkz_l0HGHQIGNPfo1fWak5eAOUm25eVIcjyKm8zvAqu6K5JHIKxTg

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 24 Aug 2022 03:52:49 GMT
Server: MT3 4494 7cf1da7 master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4BlKmFl7odawmqzRdGaNAJKUdi0J1q6KMePI2KU4rkz_l0HGHQIGNPfo1fWak5eAOUm25eVIcjyKm8zvAqu6K5JHIKxTg
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 24 Aug 2022 03:52:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 472F
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESELOVgYOXSVaqmZhCyaHW-Z4&c_param1=AehlK4ARMtM04-YpFycCXcSW5bnVcGhlnGDR1koTItN20tCifFkaxtx6bRngMkwURb9ABLn2YyWhi2O0g3-0Zjj0TuWUAkDpVJ0&gdpr=%%GDPR%%&a...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4ARMtM04-YpFycCXcSW5bnVcGhlnGDR1koTItN20tCifFkaxtx6bRngMkwURb9ABLn2YyWhi2O0g3-0Zjj0TuWUAkDpVJ0

170 B
188 B

42ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4ARMtM04-YpFycCXcSW5bnVcGhlnGDR1koTItN20tCifFkaxtx6bRngMkwURb9ABLn2YyWhi2O0g3-0Zjj0TuWUAkDpVJ0

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4ARMtM04-YpFycCXcSW5bnVcGhlnGDR1koTItN20tCifFkaxtx6bRngMkwURb9ABLn2YyWhi2O0g3-0Zjj0TuWUAkDpVJ0
date: Wed, 24 Aug 2022 03:52:49 GMT
server: nginx/1.19.0
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 472F 0
166 B 15ms
2ms Image
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGiCiu3yRuOQGiUG2o5KD2A&google_cver=1&google_push=AehlK4Cym6wDV6_eOHX3ZeZfL94iexNsWAKbsz-PE9G8no9yoCotfwABrow0SEYhpFZjx9BWwDrRJZsmR1USnULGa1CaZm17Wg
Requested by: Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 472F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENftmP6k-B0ETkIP8jF6s4M&google_cver=1&google_push=AehlK4C9irCkSbna966oZveyxASP987OIwO4QY7sqk3ywQJGJduZMF87pjlpAcBazyV1A0FLDb5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3MllUUFctMUotMTQ3Sg==&google_push=AehlK4C9irCkSbna966oZveyxASP987OIwO4QY7sqk3ywQJGJduZMF87pjlpAcBazyV1A0FLDb5As4hdZuK9DvtbK1UmbF-dwbw

170 B
188 B

84ms
83ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3MllUUFctMUotMTQ3Sg==&google_push=AehlK4C9irCkSbna966oZveyxASP987OIwO4QY7sqk3ywQJGJduZMF87pjlpAcBazyV1A0FLDb5As4hdZuK9DvtbK1UmbF-dwbw

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3MllUUFctMUotMTQ3Sg==&google_push=AehlK4C9irCkSbna966oZveyxASP987OIwO4QY7sqk3ywQJGJduZMF87pjlpAcBazyV1A0FLDb5As4hdZuK9DvtbK1UmbF-dwbw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Expires: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 472F 43 B
65 B 74ms
37ms Image
image/gif 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHfQUjITrF-3SwNh2pe58Pk&google_cver=1&google_push=AehlK4BdVYUrm1BBPpqdXaTCAMh2jpQdGUCFBZWbX_OKVBlknVOPHbB59Z3IpBV1y2xL1lEpu9v_W381TU-dRKWHxeOUCp-TMNvd

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Aug 2022 03:52:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 472F
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEGYCsNHy99E4Ei5qEvq9CZU&google_cver=1&google_push=AehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZK0jsZqeI
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4...
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOzGHWC-1EhYpFWNNnuC7VPyUS7U8Vuwix6rR3IA&google_push=AehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZ...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=E69pZGV5TDS2-eXPDmVJ&google_push=AehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZK0...

170 B
188 B

41ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=E69pZGV5TDS2-eXPDmVJ&google_push=AehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZK0jsZqeI

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Wed, 24 Aug 2022 03:52:50 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=E69pZGV5TDS2-eXPDmVJ&google_push=AehlK4DXgFw_0RrVU0PkAmKuTlt-SlKUhdVLDu34noLjuSoV9AzVEfU4ouXx2EWK9lM4m-6_w66rEgTr-wO4xAO-I9gZK0jsZqeI
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept
content-length: 225
x-content-type-options: nosniff

GET
H2

200

/
onetag-sys.com/match/ Frame 472F
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOFlQ_mDUqgpSj_MwlCQKWQ&google_cver=1&google_push=AehlK4B3dLL1ySUUIsvSxd0HiLrIY6t3nbIe7tW9yqxQ5P0KIqbK2pcuWwMTh9x766rrDwAaVCaSWqLWEGd...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B3dLL1ySUUIsvSxd0HiLrIY6t3nbIe7tW9yqxQ5P0KIqbK2pcuWwMTh9x766rrDwAaVCaSWqLWEGdKD51w3ZZsmp_q5yKw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

303ms
230ms

Image
text/plain

51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 472F 0
223 B 38ms
37ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JeOPq_VqHHJTJInFq_QxlsX7p18LLxqo11eGqimzp9RV53vUReEj3v3WYbbiYzEOy5bFOiD3XC

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13023750825749512192/ Frame 3907 36 KB
10 KB 32ms
3ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13db4ee11ffc7e61aeb8b75e5542810c090864df7c15af11c638dbecf0957cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 171216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 9953
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 04:19:13 GMT
expires: Tue, 22 Aug 2023 04:19:13 GMT
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D054 22 KB
8 KB 2ms
2ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 48207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 14:29:22 GMT
expires: Wed, 23 Aug 2023 14:29:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame D054 36 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 01:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 01:46:17 GMT

GET
H3 200 e9c75bf5.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 4 KB
4 KB 3ms
3ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/e9c75bf5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db34bd903920d0823ef8393e369782e90743dd91ceaa1600e406a26d0ae8bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4453
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 f584f4e2.jpg
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 35 KB
35 KB 8ms
6ms Image
image/jpeg 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/f584f4e2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

359e558ecbf39ab02b6a5aa43e2c34b3e79cc127d3c96bbb985ee4095f9e19fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35648
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 d626140e.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 12 KB
12 KB 8ms
6ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/d626140e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625fab6d4b96597f280b03b17d666c67b48f24dad70add5300f7e602fad41020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12555
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 52a2ceb1.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 26 KB
26 KB 11ms
9ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/52a2ceb1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128f3ea6f36d12804294018c82c523aa7f2b4f97df7a0be92c2f18e00c534f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26557
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 44b72285.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 11 KB
11 KB 14ms
13ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/44b72285.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6fa1f10ae9ba6d86e02b473c7e20101e9be80e4f1e667ff9b05b024313cb4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11388
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 4da4a690.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 10 KB
10 KB 12ms
11ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/4da4a690.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948bbcbdc0ffc3c0065962326f2780e0a54e0e029baec2690d80a956f34e93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10327
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 e2f7ca8a.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 16 KB
16 KB 11ms
10ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/e2f7ca8a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffb93d82f92d99f0a0c0445a488b70a40345a02967d342a3f2703c0ec89b6e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 fe21cf04.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 43 KB
43 KB 9ms
8ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/fe21cf04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3ecc36c0586b10312f75bc69f598a5c511e617b751d6deecd0ecb047962b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43658
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 c9917f9f.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 1 KB
2 KB 13ms
12ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/c9917f9f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a828c511fd5466b8941822dae48b0067535a6855ba393e7122a24602407d8184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1531
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 ad6ca5c6.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 3907 3 KB
3 KB 12ms
11ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/ad6ca5c6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea063130fd66df829b99fd3b631ef9c73dffb991c58d839c3e8fb2d0159642bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2695
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D054 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlU7vkaAFY4n_BomDpt8Py8eqsA0AAAAAOAHgBAI&bg=!yMuly4_NAAYUOm8VNDo7ACkAdvg8WqI1Odz1hVnXvXCi5OmxOcUoAKEC3v6uauG5k0k7_1bY4-k3VAIAAABVUgAAAAFoAQeZA4pzDwm8gRDZAt5eST9eBFbVXh51Dmgug3FPEbpIzb5v6GXKoOOCGll6dJjdS-v4jreeA8vyCwph4mNWVrdLqjYvH8GU4ZBf14UEoEEVhWgzAvtOkUfhu4zfoGTSeHQHQwzWuVgSRzeEp1dgjJpmYxOCa5hsQb7kjdXATlprDQ-Rigv4rKYVr1c1yX-jtO5k4usGYfXk96X3bnENjjp4rVopzkjDuU4vPb3GnpxVrDAIyZjnz87pZ9BSdlltktpaLEpWH1VS9oWmLouAch4ohatDaRZ-407FpOqaAuk2YIO3GoQ9H28MnXDYMLX-bRmvAopNQwNlICXZ3vv43rJoPTFUHMDdfmbMrxyWkRKxzp8EaadSY0DsD3NQ-OCw_wOGxQ4qtyHO1g3Px3gMHYEWv2zQ04_jhLMx7rO3ryJuS4Wc-6eKMZ_duCSHhZp_60zXK0OS_xJE_33gv75zRov8ef05W_QbNYzO5v8RwbzAe0T-qn9Hn719bbAmlD_mBFggpJH5tqRaU8uHuIpuZewtq85Fw_kHW-K-ZdgHddzTYA1zZMiBoDGH7UlkE5Ul71ZXdwVdq2mZyq7VLOsHmG7GsnQjuMQTseHjXRFBZ8-o9tuA6i1AexIehXPP5OPuUEfLMNTHFOvCXEVugOzNTfO4lUXSsV17OXBWc_oL_Kpi2aBdjCg_P7Wtfmd06lIEkVIioKKdmZVM6zIksP8eqJxxrkRow1bkQ-AduuN15ArVSBlxmC4O6CJM5IKSHw9GiOFr66pf_DOzJ5ZXtTjSsuSHNglSfn5N3IfYrzzITuHuvCoUW7Unaw2LDfXrveXeijq8bkpFDSQS0dXsVF8NqaJ9l5wLNKvll_SjQdX2c2mjZ49_ZKlENUj5V4YcmXCK2KEyGqhSragNenSqUPBGU4cLWqxX4ESj61-gLTkkrBuLD-EjcjwX093YqX3uepujIbJkJxy80XJeK91mZyEvdpxMK9R5kRNFR-Pd54Nq1LgYVhbx8wlkUZYdQZacCa8w3CbcIa5Db2X-PghbYoGT3jBeB2FmueXlBHY0NQF7bchx4PqkysjLKvgQkiyXG88kr12fT4-tSiV4kt5-WY6usC78J5SKWlYo363OCLp3p3Y2v3inFi-wsPZSHz-HHZODiw1sPHSbjR7ndLtSHWLhbQv_2FadrQzNFKRxg_uLOseyw3e8eJWEE32TsF2XoXA

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA95 6 KB
3 KB 6ms
5ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:48 GMT
expires: Thu, 24 Aug 2023 03:52:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D645 6 KB
3 KB 6ms
3ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:48 GMT
expires: Thu, 24 Aug 2023 03:52:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F95 6 KB
3 KB 4ms
3ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:48 GMT
expires: Thu, 24 Aug 2023 03:52:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208081650000/ Frame F4E9 220 KB
61 KB 116ms
2ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 125113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61502
x-xss-protection: 0
server: sffe
date: Mon, 22 Aug 2022 17:07:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "df13b0b17adb5918"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Aug 2023 17:07:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame F4E9 14 KB
5 KB 121ms
8ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 125113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5197
x-xss-protection: 0
server: sffe
date: Mon, 22 Aug 2022 17:07:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aca8368210f82021"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Aug 2023 17:07:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame F4E9 94 KB
28 KB 119ms
7ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 125113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28794
x-xss-protection: 0
server: sffe
date: Mon, 22 Aug 2022 17:07:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cc093c4134ec5f1e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Aug 2023 17:07:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame F4E9 5 KB
2 KB 121ms
9ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 125113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 22 Aug 2022 17:07:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ef17e6cba96d5668"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Aug 2023 17:07:36 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame F4E9 40 KB
13 KB 122ms
9ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 125113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12948
x-xss-protection: 0
server: sffe
date: Mon, 22 Aug 2022 17:07:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08e07a681963ea9f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Aug 2023 17:07:36 GMT

GET
DATA 200
OK truncated
/ Frame F4E9 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07b207cb78a45b05e29db49284c7ab7241da504845cdca65c0e27b66c6cc4bab

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FE7 6 KB
3 KB 3ms
3ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:48 GMT
expires: Thu, 24 Aug 2023 03:52:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9516200581315271275
tpc.googlesyndication.com/simgad/ Frame F4E9 42 KB
42 KB 5ms
4ms Image
image/png 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9516200581315271275?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnpft4EhNq8lIAJPvFqLlk8YGMEjg

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee8ea62213ef15019a65f68d11de802768e46ad248a8a3c0dc14cee5377e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 07:46:55 GMT
x-content-type-options: nosniff
age: 331554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42692
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 10:18:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 20 Aug 2023 07:46:55 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F4E9 3 KB
3 KB 3ms
2ms Image
image/png 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 06:43:07 GMT
x-content-type-options: nosniff
server: cafe
age: 76182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 24 Aug 2022 06:43:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F4E9 344 B
368 B 4ms
3ms Image
image/png 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 06:43:07 GMT
x-content-type-options: nosniff
server: cafe
age: 76182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 24 Aug 2022 06:43:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F4E9 0
0 82ms
39ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQL4J_A9dy5WmNeqbGvt9w56gCyp4pv3NnNkQm5auKd_BmFlW7OrZJd0j73x9e3AIVEsRkfHpNuY-GxRbNdu1eTMDfTQ
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F4E9 0
0 51ms
50ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf_BckaAFY4WuBYu88AW6z4JY69au_2u6mu330RC6vIzxvgEQASD-joOQAWCJ88WE9BOgAe3LzaUoyAECqQIzPgUEBKsJPuACAKgDAcgDCKoEmwJP0N--yaYmoj9JQiiXATmgTpTo9IY4To8MkNX4_7IYLqb6vIEl4QoCYVCmiemHIgfJwkpupRwOfMdCGtE8coaT6LxwFifojKxmvAtIIGDPVYdiCKzWc6vB0Uu7nel-guuvotmHuwP8OSj9VBVVE3HERaMq1bHTY56znRi9n6rdQyR5zre_RldSX_8AjUMCSoqNz_KvIkUDD5mvzQQyPrIniNkGhqHZMsAa4zcQK3ZLLsxGwjFrDW5N_HM3MxxyjRSRa7AKzgfR0jofqgMVOVwN7jIMn3gtXAXfMZLpJWIncyJ7JU9kc0fO--Zg9w4y9QdrrRCsgZRYkNHUOGWDzGZXLX2JtIhn9qCe6SHzDunQ8VFetFkce6lBtWDYwASZ_paHmATgBAGSBQQIBBgBkgUECAUYBKAGAoAH7YOehQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDwLtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0yMjA5NzU5NDY2MjIxMDg5GN3MCQ&sigh=gGC1iQeSyQI&uach_m=[UACH]
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 29B3 611 B
317 B 42ms
42ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYtcfs0AEwAQ&v=APEucNW7bEOD6RK1Xitwj6r93q_lrPWQ0k2yaahwA4NS-JMhxORsdn0vJw8UzoCGmJPF1NWI3z-CRqLAhO0lLzuWMnGge1lQ0g

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BA95 79 KB
33 KB 78ms
77ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B64-rSSnZvrTgkom7BngCdi2iFU4Z9P_xHahpxcM9F4UvubCT1x8QPRPwQY5_fDa9HHg9_5J1BCdpcecGuTFs0s7TNzw&cry=1&dbm_d=AKAmf-DaqpHs2VDBUYA-n-v2qVclsRBQ44SNIBfZNcOQVYgfxkCr7F3y3kLGHkV2Tx6if8aI6ITbmlduS36yHWG0d3JB_N3-I47MvAAH14tWGntpNAaqOCdnf_GgqWEy8IHzxqKsK2fa8CECpR7nhpoUxditb2G_DDD2YqdtFxFqicvvAIsltELpnW8DctdS-_AZA8yhHvNPmuaRB5h8ifAJd_zDTpEkuiqcBwYl5PUVHR-eUEZ_c5FTCmsSelbuN48Ubs7sKJCPv2Tv7NH_rQ8H3HwsjViqv90iTMgUuyTV_RuZm4vpTl9572S911ZmWXBYBwBAp6QKsKUMJ0pLb28jr67Dq0NM1Qzf5X88qpp_tz2cOoF5i8nGdKLerdnRNKmJ5ba240EEA7rX1xQ5Fn6AD3XW-15zHWHEFEJqmhUEkMEstWlIll7DGrnMvL5a4nGhQ45ztyvxZg8WPYJyuGHyBZrXmrDxaSi4tWTsVX-Vi2rJGgNkhaJYYINHos3HWgUyP7wJ5s8M5i74WDQEE9jMRe9jLhiOFt3hIHc_jz5tEC9g2crBGVsTjo3lSXBMtetvwS5eteRngx7qRvIKqVwMcP1aEAf6A99QqgnA2Xw_1xAln9Vz_W9W25ORwk47zFX_9tH3sEHCRlfACnd-8VWzdKXlfglWZKx2smieQO1jRgDpb-fvGEcIqfACCRZ7QWa3ilCD3QtbSmotaDdCk3t9BDX1NP_MhHHsLg3XnV5ujr5VbdkbnEOXBryd_AspMGR1fVLYWuF1w6h3LJZcNQyF-ChVa1cvDa4dLnW577aqo3V5yvJAj0kn1UKWqubYa9QM68tKaH52mUvCFZN5dUK3u8Q8DsO-hQH8-W7baxQvxeTPSa9UGvIKciJrWlcHWgxfb3112dqcXpMbJa_C_Wsn3_xAFRI328MWyIPrm2Zh4Lr0d9PY2WJ48Hj5GwT9mypP52N2wCEWUMYwhJoRK-ETA39PJ9We07NtKRmF_p4huuateg0mSnNkQrZAlJ7dL6b37wGMyQ6ZUr_7DejyUlxeyxiefNYNPGRgs7Lw94bhfYlbgpwrC4kP_dNmthyp6nZC-CJu3muRsUD25KaTCd7XOHyMNuIrszlf23A_nkKxMXrj91Gvs6mwbgFrPbT1rEFtnSfJ2a4fMwpYwAHiJtObp615G9kr3iMttjVWZvLr-pnrwI1otaoBpLXEJLluxSnGQn81_g0AkGGr5g99W6W05jt0E3Fm1yd_1a6tcOoaYVHItlUdfth1k7iCOBYVT-Fzm7BvbpWBLfgPIiYxUy4uucKX-O6bPsXNzJPOG54VKaufXjwSbZslzC4lywblDO1-xo_y8W3qf5a7L-Oh-6QtOFIj-de_kbTLrYOG-ft-HzA93IHLLjihcXDRVVphdr3ZJEj4veaCxR3z_HnhcW51GcSF5bd1KbieiIbGAArs629Bgau9Dy-1fX8Vs9x1eChU4lW2YlFPXSn8RkJvrsFvlbWn7v_Ebyt0Jip_co451rN5WqxUJLB871rBWYCX-yRCet6zkhZivvHJTqk3aK8rpToMZ10BkNpZ-7pt9tdi8Nqxr3TyaXCa3AhqVacxXGdctU4zQrv8D-3_xHJYLgBT_cvA3UFM8gngZbhqbucG932jsCQW0nmc8ud63zvxokiabKj7DxAlegCrbGAqH0u-1IQ9xwNITNqA3Pes7nI-_HjwtGgnfLMxs7l7B4nudJ_b5oYegrc6c634H_YP7xMCKTRJWWDBC7vQ3C-ARIxF2mSuUa37IzT77vtsYYvp9pksPuLObmKEAGclAbtSp32FK8YjbmqOi08Wm_A-9u5E6PXNU0u10UugZAjw_gX9EZXxscQ6cWg4vzq8aRZmDESwNE7CTzV64-se4JMz_xx-rlSYsxvHqqjFnJ-CTBS0DeT5ylz2Z0fV8XX5DZXXDG764jNtMQBu-e_u6Ge5D9XUa215k_5HIRR4Q1BMaKda0nRMp8Glj8o4Uqh_NOpXhbk586q48jxyDWrT4uFInFk4zq2u3uk9B-UjVys5Pg6BENPen1ZN2Cew5VULmL18D2AlrQcI-SFofgrW99g0wUrThHm9ND_bBVRWDh9_CyPb7IgKrjrl3sfyvr2ZGh2Qt4YPSuRr9HmkOC2jtjXVFEWj4W5GXXpq_9l6C6vW7oGmBhN9FNT9ug1dFUBmdkZ1LYBzreq6zfIaW2pxAnfzVJd5XIt119hmiHSXhh7JpqXI7ckKswviPLLa6qo8a2pL1i5yONJgsolvsix5ohYb51RTmbwcuIKEISMRnyuD1dgA9xypAeV5NwWi--pNc7tB4KytIbioa2rzg1igohV2KhF4sMcRe8LAGdIkkVica2a_5kUP4BIz7shGHxfosejs3xssTXXJ_00Om_r5Dc5MPXU2k2-cCG42iCod7mm3G5lFDHYc7Dru0JlHIph9oowmOAejVnstYP3PJG4h_PRr7tTdNtDjJWmwel7hyEHNGhb5M2B9dZASp1BaDYywSSZ4pXUSCGh7W2ltfg_ilqpGEGBsNhV2rxUFRf0fgWxEsNv5LZhhaL1Z_ivXnI49PNtx4eKXOQyVylzKSCCcZnTM2tjjgR3ezu_pHQi6FRHLLYDYrPtlgZvf8v8exJqJ2_5AUm0qC5jemSIq6sJizpQg7BOyC_mVmh3LuKLD9_a7z00cjzjZYeE5mzDgeHm9V0iMMKph5fE6WrFdk01iicG8GxucyFldSUc6syz-Egc4SR83JRE_TIXJMotn70WlV5Gfi9z8CHzMV9pmMWEFRAPB_g32VlZWylk47ZyYjIR8IBYSjQKuRd4l-Jy67eXrQ0fQ5Zp9D-thcba403QN6twvlJa-uu3X3u-67Ne1OtKmPBd1Nr_3ZQilUzl7I6W1hqmrN3l1xon8zrh_jXmI_b45WFQ1w6qSr8tYUpKillXJNmK9pipoywP5nBf-OY7E9T4GFj0h3hTBSuI3zfCtq8pvdgmV18bOVavfLj2rSeDX5giwrfElzzall6s1t_Rhgkwv9BK5k6m2LUhLgdqiIiFK1VJ5-Cv2IVQFK4HD8NtYtAgEB1ZR1P4jD26Lo0-aJ5Jk7FftGlbu7BOsCCKAfTrCxI_RjSu4vdrtCStDbcYThDqB7Mz4hES_GTjaomyadv-9pPA_3JAQgq5zpXEQbfn5XiWmWmX1Gndly77oadFmJrh6OvSP7xlIkbG-lhk0W-tZfKwrDntHzsuRYcZ-KRtTY9GJt6D75dbtR3KeQFcxrsWP8DvtGPdiNIEfsAJ4zffTx_wuGlvbPATDh-SCeZdw_zgyqKdcdpRRhdocdZlksTSZsiitX0YTxsdX&cid=CAASJORo0LCFX0d7_GDQDCj6UVA3V9ZSwgBFKb0u9rzPUXPxoYL3-w&rfl=1%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4b1ae30fbd5c1d0d9e86da4c8d2e3aa7858ca005836cf6b7c9102d7f464cc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33859
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA95 42 B
63 B 37ms
36ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYLwysatH-Us4r5yAyBvSay1Sf5CnXy40n90FnH4YGctQcBqemy46J5AMWLOTKFGjI4GRa6TgxyyWembNp0kFl78aZ6oMYAldtb6dYWd-dLZ4bCfY

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame BA95 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:46:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame BA95 17 KB
7 KB 6ms
6ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:44:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BA95 0
0 43ms
36ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxvmvLgWPOR0N6zB9Ro8Lle66u-gPA2uFfyMd-HyvRPm5-h2RNi8_mVyHiDdSm_DLebGFxN1DV9RY6KzQjA0dQxMoz2A
Requested by: Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA95 140 KB
43 KB 74ms
73ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8BCE 611 B
317 B 41ms
41ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYxvzr0AEwAQ&v=APEucNU9LECXexKhzTGGr4KQ_ILZDmtKNqxaBMBNW5URTFRiZWU9BBM5mMI-2PamJ_QBkam_C0vAwc_icpGdzEXYB6ra7lYMxQ

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D645 79 KB
33 KB 79ms
78ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAAyhfPPDvli-nwKiC9GjmmOiN59FpPxg6pnDQ89nFO7UNwFZYV82eMzc2CZpLybxVgqW6W5WpumD-ajewO58GWSBWDg&cry=1&dbm_d=AKAmf-ChwcEMU25dlikK9b5EdmBO3iHRHuEPwy3Zyl1n5ZkLEfTmATs24j568a17l3QeWMbtWxDdyp7V_VXxHlS4SoQC9fvzLSwxlc4L_FnrkcExhEmYeoXpPYh-4wWfTlfGdF0puRvNcI1Xo2CeyThz69dav1auI8W7tjoO3U5rChnBKwbUJ2CZALOABehBgprzZL8LsbUcp5Jl1L8Pcmps0YpFX4p1CSfNZsVy4iZ9JHOwRBsuThYLWmOH5XPqWxLJCqEivRKVSFjDzCVHweNMkfgJiJqCnevLo8nUl86ZteN4W348gIa-qKdnWoYlrVxenFYR2DtgULHCk-CNVaBokZoM6Tur5rFKmjqsBSdCBxIzXpxoktxfKy3jB4cIjpLNZu4q4b3YWrAW-5oJPXR6Y8xnIT5oN6NueAvHxnFmMLqi8kVLobYwadN5okS4rY7av9RMB3js-wRwNBsE34OXNj9qVZgcupJS9Kov_yu-odYdoYR7hOV4ygB5CmBeIhdIOpvQabkeFkfy4XpNFlgGF1UKrwXCaA64Aqoe0p-C41jxifBuM-mOkiqixBCMt1WS2tCqD96mv1Ps8PK88X21yfYQuK49iAFR9joeODzaZBUaO5zfDp0Ipct-xpVwnSDHz8RfRq5ZqGxToI-YHQ4NzsMTb_KHC5oPSBhU_oQLZJ-5oI3WiuRJATpJK7A_qf3xs1IACCgnO2OCVGJRvVBEV4TgbOehEmwo_2u4UXI1YSrASa29MQihkjBNRiuCrcOwXftZD-vRIV2wcabszuYfo-krpVf2V29L_dWtuwyP1wINDLnD1kRIWmexCDi_icq24XmxmVE_V1HBOq_LdQg2itpFdKqynlaMLFlCd68s_-kEUBmj2VCzsORjIVLhfuwsZLBKsjOd74MIipSvKOtmh4Iv3zzPjwVJvG77Cw1GNubPQz1TGL3b4nP-r9EUVEGMI3d5Qs9Q4P3JiNMt5LTcveLnzHmV8bMmxviuGS7I3F-sz_GtAPVo3TZQkd9vJ_kchP5Yk8AOBfEoquh1HtNNmDs5GHlo-mj0UeghH7-J3R22lpZwMnlSyzYwvaNLMHtOv64GODAWsBk88Z59J8sz-lxjBk84Wk3zPeV_TdPWIwRS4vmHLcfrqHmgDehpuZ7fcMjfGwauM5NVOl281IneMB9Pu6POhv63yPaaq9RRmemhmPpCLlgnA6DQ7UIZqq4cSvFm1-deTY4b8s1reoL-AD8MKpDFZGswLAeXf63QefOFNJwAg1moA31lEbAjI5K7kbLq20v0S6VgnEGchTG0OWmh02I-v7fuIpsQDtqyTa8KYO3BOu6eo9NlNMNNaxJIzbEzvO3Muix7GZHdpLUIWfN2LV5cR4yaA9VzEV5NWwvN_r2GJNTQkgRYb3DoHiwdr9o-13cjz7mvvkpxkyR69cfKeY87mQnoXaGO4WDss9TTTayg3vvJgixbbdAOYfVYKOVejJHChYyqbfRel8czBHBiyBzMFCZGKmsW1ZLMFYf_e3yB7lqOjnIU9YoJ_mokwFrdCCguCQ29jkTB3O0e18YViWqsSjvCpwa4mqlAhAJ_gK4JPXGkDhu3LLtgiNLQ5ZEHDCigJI55yhpd86q19vbVg1Qtrfs6mKM0xXXKoTJqWmjyVLuFGvi8FZOojy1MIj9azhw6l4YZVg0for55thzyP0NtQZHcimOiFYiEEwgSHi8DQ0PF8GkiS3tOg7Q7f8E5Dku4N47sjRWr8KfHumIuzEIy_XRvMxd60Srj5k-gkMuaXVrkbRH33ffPc2YqU7KeL7x-9xVsFlTjjAuf3JnRF7_NzdrXBGUAMZmJjifHUcn0ckRXeRZSnjcS6eB7yu_FBsG6G0x7QQiEi4emKudRR7dPvdpt1thzOMyop9cctbo_vcMJ7puEkCmRUWmGz5ow6WxnqpLJRNwS8RoEb8G4dZGfXQRtoxYrceA-q8XAoKKH57YWhDCG6phWe2R9XEGRoeFMPjxabE9D_HptE7C1BoJeED6QKs9BwgReOIj7NCbC3lSb3sSFVm6FwX2gH4fKT1-ps0sc2flg5dgXLBMC-o-zS0rvqtmaqzReVdH3VTeNDJkCDeflPoIvZLIz6-N55lI2CrlWAl9LuG1gWV0fEmPOAZ4zsX3AYBykrrRTAkVBsHWb6EmENawKh3VsJJRO1VgtYvfLoBvL9qURsdzoyKbbKiP4TfleQVBIr-7ZcUjqnfJFCSqBG_9hJR9ZCiDspSVTqN9TJ9hpJddOcAM0qC_oS1_bLC6L9G95nsaYSZJyLkir6BQUZ_MnIfmi5U1RWuD8v_-0by1YSkSotFBuiCeX4d-v2XzojqqUKzVRPpLYkDJzurxiDvoJNubiyeltWt0jQ_JNSjS_o1Ew7QnQlXZXZrPQ02tdeFv8yGA05nN7KOtdb8QHMNcQMBR2G6LTOUTWzCxue8oijdZ7XGNvnuPidAYXJfJlT2vt8OOhsHueYYIRVh2GhPp_knZXdDfTQne99-EBStCftBPkLaIan_nSTP0VvTlE-pUFN7CmIfxSpbT6E1GO5uBe6_J1ChhU1RGLeq_sPVW6KmJM8zMbdus7ISxfRL4hWrcwf2oz0JAQn_kJvBysgdk_bPbpJQEEV6DWZCt749gHEHD3eYd2QMVwzR7MBiT9-MKHI0m5bhc7ztPvJUQ-cOnqcSLj-QWpeNy5w6jyYaWaut3G7_Ygkfo9GbSAI-AxR3Q1OP_dpa1BG0Tc0wl8AiX6sX_yUy3DQwi6Hn6WJJAokhiNVZ5F5aokIpXeYrMD8LlMyc3kKuzv_UjNgk47dfb0TDw7JqQWgC8fzMg2cGWyXBmgwevoryPTYJ0sDmOxuWHpX4ZIO7PNYFjvMVpmzlABMqrLSZ4cfslepLGtqpdrT7ymwViuDqCQQP2YH0xHORR86buNUG8hoaHWet3HJa9OhMO096qheut_gjM28-_9U2_70WGE4Y2dGV9On4tRc_OdTG-LN-1j_8yoSL7wxe04M0d2-9OXNCmgTr_lbPgiw8wPGZrLtuuQEppdFg5LgSmyy2g3TXQRLrMU2HUHopStF-JtR_zAurqDR-X_ZtUUmGA8GVy-IKl68AF5dLQpjtv9uVu1eVoq5pJq6KG8kKsA3bxAH2pJSyM0cNwJu5kM0uLeoGu7jDZOGuxElmLZoAnvHo5mjFsmHn0BXz8Cd-cXg2HiFTy4PU88gAaNFydqeAqz_zKTlxJjPIQKQAM_taMM2yE5KmnIfSO6sCCWEFOOBZfUhqFl3X_vmzAtE-IKZCoww9L79tjXvG7jOEGN3eOolDlQ8TfGkXlyMPDi2JpQkQIMEY_UwbOBZ4eNXnhYpcFUaSh_bKENZA&cid=CAASJORoQCS5229_t9cglNpVZ-nRBUEzP-5rC62kH9HbLdpErGM6Ag&rfl=1%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68a0cdde94ee6b9befda865eefe22787c5d12e33e00b6e64ea091ce9e05bb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33806
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D645 42 B
63 B 37ms
36ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKVh1N3f7iw6f7bmP0fPXN7OWdkqBAFWiJTewEyA_7Xywc1ib7SjJDEUjMWON_nieNZXFnbCHW5ECAFBcfyJKCWFFfdIt0LqXPrF4vnBngSgIcKIA

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D645 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:46:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D645 17 KB
7 KB 5ms
4ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:44:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D645 0
0 41ms
37ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnMWk4K1QcVVtHz9s-xRty6m7ccvKOnCxZndNgvukpaNUOPAaectrKpzouNpyyrf_RO3O3-72ftcoR8hGhhqQKIWJUJw
Requested by: Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D645 140 KB
43 KB 117ms
116ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3CB2 83 KB
28 KB 66ms
62ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc6be4e0446cd24ad821174f17712c4656266770325e9f8036343befd4968721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
etag: "1312 / 97 of 1000 / last-modified: 1661293254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 5C84 35 B
55 B 6ms
2ms Image
image/gif 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=495445636&t=event&_s=6&dl=https%3A%2F%2Fwww.boxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=preroll_expired&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=449757693.1661313168&tid=UA-0000-00&_gid=1377613117.1661313168&gtm=2ou8m0&z=1850217261

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 14:49:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47020
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 92CE 441 B
249 B 42ms
40ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYxvzr0AEwAQ&v=APEucNX6pogMq3I8QgZK-_fsrhmRP0jFJUWBRJcA5lzBiYSDaPXAIH2SjFjHdTtfJ8uRNmpXAY8TNVfOs_zkwkpKLdho_wBMNg

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 227
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5F95 80 KB
33 KB 82ms
80ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKfst3XFAYmK5MoqYZCTG348tZsqjSukjIAkAtoKA42ZH1cuOXIe4s0-YMkki6h3AX1L2A5qyA6s5dc42XoIS44ddGnQ&cry=1&dbm_d=AKAmf-CUZRVoGnLIc6ibJXIsTNrL5ZsHQtL3sQx3rP_75zOVi0j2Kgl1zjnOuOgPQrCheF2EHIyVQSE-cWZQm8BU8XVH5_wbqGZOc3hrNhF4wwWvmTZwOjB4An_hZbAnB8qytpR3Wkl5uEuLW-9S2fFfRycsHjAe9XTE-VnQWcdC4h3_CnDak8RVZVaLHDhmHGbkdVExbcwF68bIOOt_H7sWen4jYOAiyZXLCXFh_fF4mM6e9ws4KC3RVgs1zYbHVP_wXKlvLsHRkeHkkjOv-Ikd4Z_rBU0GCvmvI_iHjcP-yAiuyRNfbEqNUGf81e2y73_e39uDws4YI3ZtU-Z5b6qz69MYXtnu_UF-eyTf6g15Q1v496aUP-c3GYi9uDHdryFrmGJ4YMkuemGAL8BSnkSdZyznfMBmsH2axp5OnPpaPI9eWSn-n3i9xQFBKByVBYuvUtTFn-rA4sXg0biB8kCJA0g7elKyJ-CJzg3KfmcsSI-y-yl_xbZ-wV-3M9I5D9RT6fwE1JWbrGVx3lYWyPlbWfO8XQDwaNMzbvpBenm1kAvqn6uPm3gSewPMnsHMFBaP_0PCR6-lUni5Xtr-_wN8kfXXAWHevO9TWfj4S1q3ZbdTLhKydudpNc4h7Oxcnr2D1LDlKybZgY6KLx04UFHQ4foomaWn_e5Ue8WTUVOEQe7U9VXxLjpXDi6hcvkKkilnkPmeRNhCN-H66-TZRzgM2YNTi_eYpF1kwP4KTuN0XuOTvI5eYtFc-Oh5NfqeBih7DtokkTN6wo6Z46j6ZoD62wlIyco6627TLXyf5cXouf_kvikKWx4BEELT9SA9BlIHybmervnj2koGiX4kOkZfgsBM3RE498bnTLH1-7wya5ZmK1H8TzJn2QiitTZ3HdY5Gw_AYonK_wgyVRmniB0KRparZZhlvgAPByacn9ldP6TJNwU8_wdVozkIquMWDVQxQg7HddT-OvU1BxrNdLydHjsXWZBh28tfMlUTixgM2wjV6KExtM5-Ky29pM8xu1TphcpKf0N2cdHs4J4D0FDJ2eE3d8oLcKM0N_r_LmJY2nHkWb9c30eP4I1nj1d44cGP3faG-6IhHDQojR0qLaLjIZVyTw9toRLk-B6L9B9MC4lUmp0OhNSclTRvPTXftoOUel8jTkY0QhmI8buffZui9eBl7RJHmOukYvNpTRwRp55wOFTdNKYWXIl6M0FZqGyWVlTzvLsVCFFxQoqyMDhrXlJsOtfqEQPdNpPt01okzXn1zQMstY7Z9vz6q4_k4jgOK11nyanporY408f4YX7UNXp3lkLe4BzgwQVAfS7rIIM6TDPZA283RhAp7l-HWemQLvcOa72c7hZ5IBS638Pv1tP3h27dtGTEQchxuPFfSuvrKKVCJ_TpJrfm_WImGCYN98qwnlSq7j3-aIna4WwrRjDPl41D_NL8nhuYcw6Xth3ry9XeoOWPCwPgnkZsFK9pWbqUARbbkaAvehi-KKH6zrWb4Y9t5VrHb6NUzwsSfgcpTeLipqqk2GSNji4Hhd7Lg53P3DvpoSUX-vzfNIvWlDcaHxaQ8jroQ8tiR0o31iAviA-QEjLAWOdQsnSMYywMJM2sTCPHjvFKA7EMsDj8ipsiNCjZntv9M90B3xLqD47GKhvgbYLN8KaY-flLdldUHr6N5kKrqjpNg9B8CByiAcQ1NC4c0Gf7xCQYV9darSfpjASxOHbOhMOuUAJvk1fwq_q64Pa0Afk9MALW-BVm3RrrtXW2rXMgQy8mQxF1kDnNtlgFobhqhF4lsdT8-6YTE3vk0KdZa4SCNvAL9zsmjxHxyL_HBJBmavEfEKjrWw3tan3p0BuIVYO43RLUKkMlxTm_uW-1YPxeHY5hs7Y_BhIc0wB4EIAJ6tgc8mYogifIo1F-8KLdXuRxzKuOZ8wyy_jpiTwjnAu6-JXJQxJ8fgFFzh9f05odt52QvPGVITNtjnf0-ApMoJN1FMEmAJMndnZBuJljNxjq6d5uFQezMyLs-llzcnyCyx2Nlq34oC7Dxw84NBC80pKJtDQ8ioDlKzzCwHiIPJeUK-BIx0qBWYlNx7-KiAr4_OlG0Wx7ry33cvAsaDAbaR5_RqnDlKTvtXjRyxMKOvRH--DxdJRQ1OHbogNmJenOFZDQ9ALSTXfOGWqwc6DtrxeHwJnVN-pwLhEVhSQH0g24XW6SoJf044aF5kIfuPy-S6Gr1iFANAgyiv2oP67SFmPrSP50R_Nl7l4DNbRAHVP-SG_pD2yCOfKxiEtCw0fJMsH_BCRlnLSvAhhxs8fkHJQHnsTZTmR7T_TtQ7xCJKKLHOgHYqIS37hlrR2JlHacvy2jxOGbEV5mHydGD9in0qXVqDJ1NycxbUU66d8YzkVX5euCBQyPXYZnvAdyG9I05P8V2RM_s1H3sasK3HQ13pFwQZiPMFmOMqzLPISoFzHqPyrBlcdfb42e9VBoW97hN1abVpJrCSdxz_1jvsElfKiGKYt0klrO10SQx_JMW0YqxfX1g6WOmUumUZztPTLGJq8F47cBiQbhoKoiHOp-JOUNC4ZtLp9IX9ENnHxxtZCVfs9bfTzie-wyko1nbZzGgYWXuomLPHlI5XbdmogWGeVmfkAq1xVhcbsezEqrdXZZKUp9RoS3zEHqV2l8kBJuzO20a1ZKAzFTRlXxq-lgU9s7--X5LP3a6eKtWKjQJQ2AqXya8FiMNrpNie5vv1zVBQB4Xn1M6c5RUCU4Q2caHZlwiPj5iFbzHBYf-PVLQDxVPYX7mAIhxVVff8tmVSQnGE_IMYU00cHz0DEZn9ZIPsUPdAnGSICWYq_ASNxKCEtcAnvBO3saZk0ZNKGmaYYFIAWCheRo3k2OnJCc6TsI5xXiyH5ybjXCZABQw2R4H_TFPLDHUfHkSjwTY7kjJBRgt_9cgepc496YC2Pk8HjEJE1uG4W_vFhVgOMSJp1BI0fJ0hbZd_dqEEEdxSCs3aQzN94B0vZZRZkC8FQkWd-T4cQmYbPT2nWrw4x4s48Aklb1FE8HdcHIh1ttuq53QFVIu3qPRfr-HJbmQUQZQFJPNH04AprgmAUQZHR04thUXhbeci5saZzWrXoME9wRyFvmwqiELZu5A0L4HXEStr8ut7btY9QWId3ns3MSbX0HYcpyzAIO-gPzoOA22rnweYz8tI69L8vu879lpj1NLTNilWJAAQPH-s7WNzS77D2PPmKs3t8UmXn0-9A6BpRvO6_2L4zdvWeyrWeW4Py4D6oSXyp5WYa0u15nn_1PUqjGBSFLjLJbn0Z-oMh6kTrj4QTIwuPqZGdoAm2eMeTSB3QQ9Xw8kMKZDkMK_Tk0tom9y1r2ms6HZzE22nHtRX9KJQ&cid=CAASJORoC5rj247FTM2Ebh3wn5B-UbOkBkjpYnc8kIXBpl8H95f-PA&rfl=1%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08d44b40441c89acc9aeb6394fecafacb4a6af5a659a145f2f8d96a0b6326db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33947
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F95 42 B
63 B 41ms
39ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DzCA0bL0bncz9rEAHuDmBLhvuppDhTuFow5e0kXt86XNXjuPBp2iPLQRkPgqe611uUUorOHJbHF8tuZUWRvVFx8qd0HGnoeX5f5tvDcmJcG5lH3rg

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 5F95 3 KB
1 KB 5ms
2ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:46:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 5F95 17 KB
7 KB 7ms
4ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:44:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5F95 0
0 39ms
37ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSokaOXeJv0Fh_AWaqrrf-FjuU-Q5zAg18xbb6FhhznUh612_X-8GH2avxFoGTz1QncRmKnuQRXRb7jS7n7IBUBsAZUkQ
Requested by: Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F95 140 KB
43 KB 107ms
104ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A372 441 B
249 B 42ms
40ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNWjFjWBmgVcISAQSLx6m5BiBQal19e3oUlC-y1OOSuZ4WF25UpQ-3FEZrOuES5UkcEZJ7MSntw43hjzchiAOFSxw0jEvg

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 227
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7FE7 80 KB
33 KB 100ms
98ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeDI8t1fVjUblpAYG8Ye4MCdUR-9BXaal59T-Cwtvev7Xl8TOzwQojz-_Vxv4095RD6bjy2xStPKnW4wHsQSlo3Cyzig&cry=1&dbm_d=AKAmf-APItW0TQ9DmZ2mCuSQHFrxqkhov-Nxm5V-siLQ9qZONtofFwrHf6ss4zOSWWCeoqvHzNJO919ymdcWhVTBCwYn1Fr3nDghMhO6bD5igXg154MsYlkHwB50CUpRt4muESJiLdouKxpZexWA56LIojheHGeQnh2iC55QhmKjn19NO2rA6P6T1qblfKvyFryEjYCSXknAQYgmVI9OYMwJ2j3YFry9aBoLLH4to4f8CKdwdP-lBt1-Kpa3TJIHRlBOOsWPHR8OVsKEKpaj2yUfnVvwDFQtcKK1sOVLxeVIuI71s-N9RTrMx9aSIs95Pej7Bt2g3GL1SDN0wnvHqLsPnNYboc68VFiKZBT3jfmSVO16VaCpHMwb6Hgt-X5yjZadAtelxfL9vA6qax9jWwH-ewcmofcWctlnqAJ6hMT8Flt_F1tkRoQE8LzZ3vU4AuG3Ep-rMcOZTbq5MQrHRlO_aHojDafZHqGqr1B43wJ4Ps30L0jlKiMDDrYn0znDsaDP3xqbskGOmX_IszillM1E3hQH7XXqSZBfnqVzYrdo7RjUJFcT3dcexJ4MFK-hwtioG_U1DHBusKMrlnxQTclMoGdja3JtaUCR7ElTDpYSj00ISPYjq2k4n-9sIKUN3UU0NonJ2wiGZ7-adIQxSeHZy6K6B2SKN2b3ANZZLJyAKCMIaIy4sHP5ay_7D7krZZafoBiTZ51jXm89E2_a_6Tn_sbXA5dtyt9LXqw1taEY7Kjqc5TnKcI5AGj_fwcgWU-MuI1i4jJhMZwmvlMjwjr8IH-yfwcXlGHI1nKPpsKXsnO4Pzk40bz8shtQTGYATIeZYd7z23Wns9i5ZKwNZMHvOscr7013Me21q76PQqDaRYm8ng1UTWNXWrUAsMH2bIxWJOcIF8ANhguW7Dgsdu1YCasI2B_Q2O77euDCeWJ6eYyEBq8gXR1B6UEH7mSJg_70fTEw2AVZ_TVReOBpSpZrQgWWFz-jyJhEipvxnWdTq3BIks_8xyQ3E7MfHOVF5uE9kE3HoZVV0W4To4OqlNJEEBi-2GNwHzLvYlN75OJb5zBYREDY8Lcce2WnKMXxI4MKi8Ge_-lr2gTAR78f9r8UZTjq88S4VWo3tAiMniJdL41qiBcFgW3cyeG1YBh8jfa12IqQhUSJnvYHHL6ScTwAnpfKNPTaYU21wQMfqC43pGD6Cq8T0Ot3uSoDE2_RrS-ymqVvPMUP6oloHBJaarfGlY4pYY5ZxTcOpgJIo6kK0O0OTo6CaU510d5G7g1XbDE66KqK3qijzOAX5k7uj6Veul54ryCa92w8s63Kv6cASRCriO1K8ZchGPk_iOjFHq7uMDRnnQmQ75wzp0L97CcR-YujcEFYQkS3ttdfN-G8_Xw-fJtQNhr8juvuU2LEH445ocuAGqQmfbmS07mtduuuGHUuRW3A57OxiK1S20h0umYptswVjPiBlRJilu6-P_brGc-eU7BF_Fj0g-VfjrjMDervK_9GZqB99ZCVbtTlUkkc9WErTfxQgtkPw03Xoikk8m5zUgA7p6gnNIyeluo3nzPF9i1xUnK9gXmvTPryhz-rSPYN9cVvPsSU2GW1e2zPbdtdNvb1Vp_DdulQOn7DWL3Wpu8msxWfpfSaizrHxB3EFRnDFosLpxdQbaZeAfjaUB_Ze08zg_F1StchsBrIVu_yRd8HGo7tYmP_3yYWNStLykGSh3qyk_D5I9tS-6oinmAaeaTY9Vnm1C0AZuuBql506Izd4Euk0aJltF-br-7-XTNTMzVgA8-I-QpbDLMQLxlCiClnu30CI2aEam4M3c1T3H9sw-Y-9BPHkKfR-0r0TthRJSVOcUseWwtw25Ips0DqrSiyJ2XZOi4AvIPkohSXbFVC9LEjyEdEKO-2PoeTjW6IpEJUaLOmpzagmRsSqXXdX5Wjrtw5Gin2gQAgyW5Lk4Z6B-UXbaMBuI0LiwSUicot1o8fo-NuFHF6rXnkEJlknfOqtO8Rq03YuezLSBhJNO8sbm8RgR6iarobf9P-Jk1EB1fWVVpes0bluMtTxwr1pxUtzLHxCpi36SIa2xrA8KslM9EecIqlGIvhT88m1UkHMiF6RKQnxndXd1a43rH9ZA4WFiOATTac03Fi_cEHkWLrGrxZnyKe2QgganCq89UKCJ2XdWt6SFpuPIQ8R9sEEAe1STFxpyMVaeXiFLEwbba_sdhHSdyfdoNxMf8NOglpjJBtyfsyfqHke-roUID4Cr5ybmwRAB6IUemliojiU0yJHo-Nm7ItP6oF60EWgIBXPY2uEx-qwgL7_NiQZMi_1gMncvo4YGvK9cKcryUjlbMSG5L4jIo66cPiulQIT4CzuG3mUkIGuZ6pXEHVevTqc6AfPpCcovKVvCD6IF-6nFuCdZ7WNTD9x7WvOZQDgsxMXLCQaYUH6yw_0zgfgkWCBLNENopx5uqYxNF1d2qPpW3Uy6Oc1QOhLpLhifpO9WaRMblkAplycjyuJIuhbfakKTeHLjpxdH6o4Oz41A4GMNZcfho0MCyQNwO-hVj1xNJkCB7rl4ZsYRb-GD7f0UbLsB7mxYg958p_Yw4aDQUMecfMWfKksdkeNcWSrNK0R2TQ_u-EO5eiuYtQDK-AIn8Hrmi_XTtoSGzrTlg8i4DzGUcVQdGcI1JqLYMXTO-Uli_OmqwT2QSuq3mtY3OSOFP5DpqM36J8-ZpxjF4s5EjH3mKT8H-eD3p8jR1sk21M2u4eTU2MV2jWIwXDVLia1Czce_qnwPOqpR8_xIAYz9wJX8rK0ydnXHZ3qOzRtPZRHCpLSNjnHMK0TvMzGcugVgWOELbHbpx0q19Xpi3XLT5F0eLj91tzXt4A0jV4aqETbBDcA4gX0kYJvaD5L3bCuDvOFJF6j7OnBBRIuARZhn9BEzQT9nICU6_1Xo-Dr1UwXwg1liwaUbSEgtmzfk7eAD7XGH0GZr3gXgrV7nQ8oDyCORHIKxD3m4eBVUtvRCgkLokz8PtuRXExokfsHfm7_8FEz_v2fDj8zHFGDyuYs9d5HUGaHZmCJhimUEyu_JNt86t2dRHQ0Hct3Mv54cJ053QtQG82vdyXfgaCPjA5Cn6BNtE19z_JNcBXFRdfyZT-f_QCCw9AEhZObVkvUewpDSFVArfbTbD66KcC106Pmd7IhqcT4euayw9m1h3WTNi_93WpcYfAhK5XCGx8WfpQlU63Zvc4BY13h1oWHLYzkomaOYJ66yLA0Ff7tv8Y1BswLPaMhL5uFLHqFR-mXxEssoTDZ7KaflVT8K1ndAWjvA0DaU3jTo0cdz48_U295_1TwX-kICCetfDj8KYC6bgvOCwJ0oszgXTVolCjjyQaGHnL9u8SdQ&cid=CAASJORo1HVm0U_ujIOJO4j8pUOiIJdvoOsHebt-OAXxqFLdIo0pvQ&rfl=1%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f993369da04937acc321bab7fe7c63ade60e83d2b627ff604ed4154f628c4e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33971
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FE7 42 B
63 B 41ms
39ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIoucZNCxEMro5cLPkj44ETCxjhkxb21iNFfWkfnk5_M0hkBMapHmwPbKGqkv7qTxTSXD1mIFuaf2GlYvDB_bVNacWzLTlVvwN3ahU__IQtcPXhEs

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7FE7 3 KB
1 KB 5ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:46:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7FE7 17 KB
7 KB 5ms
4ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:44:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7FE7 0
0 38ms
36ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRo__r-00XGJTDIRkdRmPzDQjTWh3rKglYr1ayA93cc_Dax5D3j-7HtyWvohyJL_bqeDEtIsDqbPMQ32X-Xnug0e5IJXA
Requested by: Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FE7 140 KB
43 KB 103ms
101ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 47CD 1 KB
2 KB 185ms
185ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

7d28cbc412fb35048219365012a7f0f6ace201811166c674a8e596e8cc6539f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1071
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 24 Aug 2022 03:52:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: ZCYAQZFZQ3K02J4GRPPM

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 29B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPCuJ_AJFpW1MUzbcCeGzw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHPCuJ_AJFpW1MUzbcCeGzw%26google_cver%3D1

43 B
1 KB

133ms
115ms

Image
image/gif

104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHPCuJ_AJFpW1MUzbcCeGzw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYtcfs0AEwAQ&v=APEucNW7bEOD6RK1Xitwj6r93q_lrPWQ0k2yaahwA4NS-JMhxORsdn0vJw8UzoCGmJPF1NWI3z-CRqLAhO0lLzuWMnGge1lQ0g

Protocol

HTTP/1.1

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 87e4b887-c159-4733-a535-d6665e265088
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:49 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3e690483-fc45-42a2-a57b-75398be52359
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHPCuJ_AJFpW1MUzbcCeGzw%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3MzI2MTc2MTUzNDY2MDUwNw%3D%3D

170 B
188 B

40ms
40ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3MzI2MTc2MTUzNDY2MDUwNw%3D%3D

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 72078081-6f4f-4e37-b82c-be99a6a160f4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3MzI2MTc2MTUzNDY2MDUwNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 29B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1

43 B
61 B

84ms
65ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYtcfs0AEwAQ&v=APEucNW7bEOD6RK1Xitwj6r93q_lrPWQ0k2yaahwA4NS-JMhxORsdn0vJw8UzoCGmJPF1NWI3z-CRqLAhO0lLzuWMnGge1lQ0g
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B3
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1

170 B
188 B

44ms
43ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8BCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPCuJ_AJFpW1MUzbcCeGzw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHPCuJ_AJFpW1MUzbcCeGzw%26google_cver%3D1

43 B
1 KB

121ms
121ms

Image
image/gif

104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHPCuJ_AJFpW1MUzbcCeGzw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYxvzr0AEwAQ&v=APEucNU9LECXexKhzTGGr4KQ_ILZDmtKNqxaBMBNW5URTFRiZWU9BBM5mMI-2PamJ_QBkam_C0vAwc_icpGdzEXYB6ra7lYMxQ

Protocol

HTTP/1.1

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e8fb87be-c638-4022-9e9d-b04ae2e3276a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:49 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 76288804-2642-4710-89ff-422f84655cea
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHPCuJ_AJFpW1MUzbcCeGzw%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BCE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3MzI2MTc2MTUzNDY2MDUwNw%3D%3D

170 B
188 B

41ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3MzI2MTc2MTUzNDY2MDUwNw%3D%3D

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2a2498e8-e996-4430-9582-78c484b4aae1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3MzI2MTc2MTUzNDY2MDUwNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 8BCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1

43 B
61 B

90ms
78ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYxvzr0AEwAQ&v=APEucNU9LECXexKhzTGGr4KQ_ILZDmtKNqxaBMBNW5URTFRiZWU9BBM5mMI-2PamJ_QBkam_C0vAwc_icpGdzEXYB6ra7lYMxQ
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BCE
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1

170 B
188 B

89ms
88ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 92CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIR47Xtt9thbQN2KuV39tKQ&google_cver=1

23 B
172 B

11ms
11ms

Image
image/gif

23.45.61.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIR47Xtt9thbQN2KuV39tKQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYxvzr0AEwAQ&v=APEucNX6pogMq3I8QgZK-_fsrhmRP0jFJUWBRJcA5lzBiYSDaPXAIH2SjFjHdTtfJ8uRNmpXAY8TNVfOs_zkwkpKLdho_wBMNg
Protocol: H2
Server: 23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-61-118.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 24 Aug 2022 03:52:49 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEIR47Xtt9thbQN2KuV39tKQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92CE
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmUzY2MzMGUtZWRjMS00ZDBhLTgxY2UtM2UxZDJiNzQ0OTg1

170 B
188 B

42ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmUzY2MzMGUtZWRjMS00ZDBhLTgxY2UtM2UxZDJiNzQ0OTg1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYxvzr0AEwAQ&v=APEucNX6pogMq3I8QgZK-_fsrhmRP0jFJUWBRJcA5lzBiYSDaPXAIH2SjFjHdTtfJ8uRNmpXAY8TNVfOs_zkwkpKLdho_wBMNg

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: akka-http/10.2.8
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmUzY2MzMGUtZWRjMS00ZDBhLTgxY2UtM2UxZDJiNzQ0OTg1
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame 92CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEIaJmIEVEyPG7piL99hjPrc&google_cver=1

43 B
183 B

529ms
172ms

Image
image/gif

2600:1f18:612b:4232:40ff:2de3:a398:119a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEIaJmIEVEyPG7piL99hjPrc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEYxvzr0AEwAQ&v=APEucNX6pogMq3I8QgZK-_fsrhmRP0jFJUWBRJcA5lzBiYSDaPXAIH2SjFjHdTtfJ8uRNmpXAY8TNVfOs_zkwkpKLdho_wBMNg
Protocol: H2
Server: 2600:1f18:612b:4232:40ff:2de3:a398:119a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEIaJmIEVEyPG7piL99hjPrc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A372
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIR47Xtt9thbQN2KuV39tKQ&google_cver=1

23 B
172 B

11ms
11ms

Image
image/gif

23.45.61.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIR47Xtt9thbQN2KuV39tKQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNWjFjWBmgVcISAQSLx6m5BiBQal19e3oUlC-y1OOSuZ4WF25UpQ-3FEZrOuES5UkcEZJ7MSntw43hjzchiAOFSxw0jEvg
Protocol: H2
Server: 23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-61-118.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 24 Aug 2022 03:52:49 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEIR47Xtt9thbQN2KuV39tKQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A372
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Y2RjMzJmYTMtMzdmNS00NjhmLTg0NzItZDIwNDQxMmUxMTU4

170 B
188 B

39ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Y2RjMzJmYTMtMzdmNS00NjhmLTg0NzItZDIwNDQxMmUxMTU4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNWjFjWBmgVcISAQSLx6m5BiBQal19e3oUlC-y1OOSuZ4WF25UpQ-3FEZrOuES5UkcEZJ7MSntw43hjzchiAOFSxw0jEvg

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: akka-http/10.2.8
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Y2RjMzJmYTMtMzdmNS00NjhmLTg0NzItZDIwNDQxMmUxMTU4
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 24 Aug 2022 03:52:49 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame A372
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEIaJmIEVEyPG7piL99hjPrc&google_cver=1

43 B
182 B

482ms
173ms

Image
image/gif

2600:1f18:612b:4232:40ff:2de3:a398:119a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEIaJmIEVEyPG7piL99hjPrc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNWjFjWBmgVcISAQSLx6m5BiBQal19e3oUlC-y1OOSuZ4WF25UpQ-3FEZrOuES5UkcEZJ7MSntw43hjzchiAOFSxw0jEvg
Protocol: H2
Server: 2600:1f18:612b:4232:40ff:2de3:a398:119a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEIaJmIEVEyPG7piL99hjPrc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022081701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3CB2 384 KB
130 KB 3ms
2ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 14:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133512
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:37:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Aug 2023 14:28:43 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BA95 106 KB
37 KB 7ms
4ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Origin: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 09:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 09:02:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame BA95 8 KB
3 KB 7ms
5ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B64-rSSnZvrTgkom7BngCdi2iFU4Z9P_xHahpxcM9F4UvubCT1x8QPRPwQY5_fDa9HHg9_5J1BCdpcecGuTFs0s7TNzw&cry=1&dbm_d=AKAmf-DaqpHs2VDBUYA-n-v2qVclsRBQ44SNIBfZNcOQVYgfxkCr7F3y3kLGHkV2Tx6if8aI6ITbmlduS36yHWG0d3JB_N3-I47MvAAH14tWGntpNAaqOCdnf_GgqWEy8IHzxqKsK2fa8CECpR7nhpoUxditb2G_DDD2YqdtFxFqicvvAIsltELpnW8DctdS-_AZA8yhHvNPmuaRB5h8ifAJd_zDTpEkuiqcBwYl5PUVHR-eUEZ_c5FTCmsSelbuN48Ubs7sKJCPv2Tv7NH_rQ8H3HwsjViqv90iTMgUuyTV_RuZm4vpTl9572S911ZmWXBYBwBAp6QKsKUMJ0pLb28jr67Dq0NM1Qzf5X88qpp_tz2cOoF5i8nGdKLerdnRNKmJ5ba240EEA7rX1xQ5Fn6AD3XW-15zHWHEFEJqmhUEkMEstWlIll7DGrnMvL5a4nGhQ45ztyvxZg8WPYJyuGHyBZrXmrDxaSi4tWTsVX-Vi2rJGgNkhaJYYINHos3HWgUyP7wJ5s8M5i74WDQEE9jMRe9jLhiOFt3hIHc_jz5tEC9g2crBGVsTjo3lSXBMtetvwS5eteRngx7qRvIKqVwMcP1aEAf6A99QqgnA2Xw_1xAln9Vz_W9W25ORwk47zFX_9tH3sEHCRlfACnd-8VWzdKXlfglWZKx2smieQO1jRgDpb-fvGEcIqfACCRZ7QWa3ilCD3QtbSmotaDdCk3t9BDX1NP_MhHHsLg3XnV5ujr5VbdkbnEOXBryd_AspMGR1fVLYWuF1w6h3LJZcNQyF-ChVa1cvDa4dLnW577aqo3V5yvJAj0kn1UKWqubYa9QM68tKaH52mUvCFZN5dUK3u8Q8DsO-hQH8-W7baxQvxeTPSa9UGvIKciJrWlcHWgxfb3112dqcXpMbJa_C_Wsn3_xAFRI328MWyIPrm2Zh4Lr0d9PY2WJ48Hj5GwT9mypP52N2wCEWUMYwhJoRK-ETA39PJ9We07NtKRmF_p4huuateg0mSnNkQrZAlJ7dL6b37wGMyQ6ZUr_7DejyUlxeyxiefNYNPGRgs7Lw94bhfYlbgpwrC4kP_dNmthyp6nZC-CJu3muRsUD25KaTCd7XOHyMNuIrszlf23A_nkKxMXrj91Gvs6mwbgFrPbT1rEFtnSfJ2a4fMwpYwAHiJtObp615G9kr3iMttjVWZvLr-pnrwI1otaoBpLXEJLluxSnGQn81_g0AkGGr5g99W6W05jt0E3Fm1yd_1a6tcOoaYVHItlUdfth1k7iCOBYVT-Fzm7BvbpWBLfgPIiYxUy4uucKX-O6bPsXNzJPOG54VKaufXjwSbZslzC4lywblDO1-xo_y8W3qf5a7L-Oh-6QtOFIj-de_kbTLrYOG-ft-HzA93IHLLjihcXDRVVphdr3ZJEj4veaCxR3z_HnhcW51GcSF5bd1KbieiIbGAArs629Bgau9Dy-1fX8Vs9x1eChU4lW2YlFPXSn8RkJvrsFvlbWn7v_Ebyt0Jip_co451rN5WqxUJLB871rBWYCX-yRCet6zkhZivvHJTqk3aK8rpToMZ10BkNpZ-7pt9tdi8Nqxr3TyaXCa3AhqVacxXGdctU4zQrv8D-3_xHJYLgBT_cvA3UFM8gngZbhqbucG932jsCQW0nmc8ud63zvxokiabKj7DxAlegCrbGAqH0u-1IQ9xwNITNqA3Pes7nI-_HjwtGgnfLMxs7l7B4nudJ_b5oYegrc6c634H_YP7xMCKTRJWWDBC7vQ3C-ARIxF2mSuUa37IzT77vtsYYvp9pksPuLObmKEAGclAbtSp32FK8YjbmqOi08Wm_A-9u5E6PXNU0u10UugZAjw_gX9EZXxscQ6cWg4vzq8aRZmDESwNE7CTzV64-se4JMz_xx-rlSYsxvHqqjFnJ-CTBS0DeT5ylz2Z0fV8XX5DZXXDG764jNtMQBu-e_u6Ge5D9XUa215k_5HIRR4Q1BMaKda0nRMp8Glj8o4Uqh_NOpXhbk586q48jxyDWrT4uFInFk4zq2u3uk9B-UjVys5Pg6BENPen1ZN2Cew5VULmL18D2AlrQcI-SFofgrW99g0wUrThHm9ND_bBVRWDh9_CyPb7IgKrjrl3sfyvr2ZGh2Qt4YPSuRr9HmkOC2jtjXVFEWj4W5GXXpq_9l6C6vW7oGmBhN9FNT9ug1dFUBmdkZ1LYBzreq6zfIaW2pxAnfzVJd5XIt119hmiHSXhh7JpqXI7ckKswviPLLa6qo8a2pL1i5yONJgsolvsix5ohYb51RTmbwcuIKEISMRnyuD1dgA9xypAeV5NwWi--pNc7tB4KytIbioa2rzg1igohV2KhF4sMcRe8LAGdIkkVica2a_5kUP4BIz7shGHxfosejs3xssTXXJ_00Om_r5Dc5MPXU2k2-cCG42iCod7mm3G5lFDHYc7Dru0JlHIph9oowmOAejVnstYP3PJG4h_PRr7tTdNtDjJWmwel7hyEHNGhb5M2B9dZASp1BaDYywSSZ4pXUSCGh7W2ltfg_ilqpGEGBsNhV2rxUFRf0fgWxEsNv5LZhhaL1Z_ivXnI49PNtx4eKXOQyVylzKSCCcZnTM2tjjgR3ezu_pHQi6FRHLLYDYrPtlgZvf8v8exJqJ2_5AUm0qC5jemSIq6sJizpQg7BOyC_mVmh3LuKLD9_a7z00cjzjZYeE5mzDgeHm9V0iMMKph5fE6WrFdk01iicG8GxucyFldSUc6syz-Egc4SR83JRE_TIXJMotn70WlV5Gfi9z8CHzMV9pmMWEFRAPB_g32VlZWylk47ZyYjIR8IBYSjQKuRd4l-Jy67eXrQ0fQ5Zp9D-thcba403QN6twvlJa-uu3X3u-67Ne1OtKmPBd1Nr_3ZQilUzl7I6W1hqmrN3l1xon8zrh_jXmI_b45WFQ1w6qSr8tYUpKillXJNmK9pipoywP5nBf-OY7E9T4GFj0h3hTBSuI3zfCtq8pvdgmV18bOVavfLj2rSeDX5giwrfElzzall6s1t_Rhgkwv9BK5k6m2LUhLgdqiIiFK1VJ5-Cv2IVQFK4HD8NtYtAgEB1ZR1P4jD26Lo0-aJ5Jk7FftGlbu7BOsCCKAfTrCxI_RjSu4vdrtCStDbcYThDqB7Mz4hES_GTjaomyadv-9pPA_3JAQgq5zpXEQbfn5XiWmWmX1Gndly77oadFmJrh6OvSP7xlIkbG-lhk0W-tZfKwrDntHzsuRYcZ-KRtTY9GJt6D75dbtR3KeQFcxrsWP8DvtGPdiNIEfsAJ4zffTx_wuGlvbPATDh-SCeZdw_zgyqKdcdpRRhdocdZlksTSZsiitX0YTxsdX&cid=CAASJORo0LCFX0d7_GDQDCj6UVA3V9ZSwgBFKb0u9rzPUXPxoYL3-w&rfl=1%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame BA95 30 KB
12 KB 5ms
4ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:40 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D645 106 KB
37 KB 8ms
5ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Origin: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 09:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 09:02:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame D645 8 KB
3 KB 6ms
4ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAAyhfPPDvli-nwKiC9GjmmOiN59FpPxg6pnDQ89nFO7UNwFZYV82eMzc2CZpLybxVgqW6W5WpumD-ajewO58GWSBWDg&cry=1&dbm_d=AKAmf-ChwcEMU25dlikK9b5EdmBO3iHRHuEPwy3Zyl1n5ZkLEfTmATs24j568a17l3QeWMbtWxDdyp7V_VXxHlS4SoQC9fvzLSwxlc4L_FnrkcExhEmYeoXpPYh-4wWfTlfGdF0puRvNcI1Xo2CeyThz69dav1auI8W7tjoO3U5rChnBKwbUJ2CZALOABehBgprzZL8LsbUcp5Jl1L8Pcmps0YpFX4p1CSfNZsVy4iZ9JHOwRBsuThYLWmOH5XPqWxLJCqEivRKVSFjDzCVHweNMkfgJiJqCnevLo8nUl86ZteN4W348gIa-qKdnWoYlrVxenFYR2DtgULHCk-CNVaBokZoM6Tur5rFKmjqsBSdCBxIzXpxoktxfKy3jB4cIjpLNZu4q4b3YWrAW-5oJPXR6Y8xnIT5oN6NueAvHxnFmMLqi8kVLobYwadN5okS4rY7av9RMB3js-wRwNBsE34OXNj9qVZgcupJS9Kov_yu-odYdoYR7hOV4ygB5CmBeIhdIOpvQabkeFkfy4XpNFlgGF1UKrwXCaA64Aqoe0p-C41jxifBuM-mOkiqixBCMt1WS2tCqD96mv1Ps8PK88X21yfYQuK49iAFR9joeODzaZBUaO5zfDp0Ipct-xpVwnSDHz8RfRq5ZqGxToI-YHQ4NzsMTb_KHC5oPSBhU_oQLZJ-5oI3WiuRJATpJK7A_qf3xs1IACCgnO2OCVGJRvVBEV4TgbOehEmwo_2u4UXI1YSrASa29MQihkjBNRiuCrcOwXftZD-vRIV2wcabszuYfo-krpVf2V29L_dWtuwyP1wINDLnD1kRIWmexCDi_icq24XmxmVE_V1HBOq_LdQg2itpFdKqynlaMLFlCd68s_-kEUBmj2VCzsORjIVLhfuwsZLBKsjOd74MIipSvKOtmh4Iv3zzPjwVJvG77Cw1GNubPQz1TGL3b4nP-r9EUVEGMI3d5Qs9Q4P3JiNMt5LTcveLnzHmV8bMmxviuGS7I3F-sz_GtAPVo3TZQkd9vJ_kchP5Yk8AOBfEoquh1HtNNmDs5GHlo-mj0UeghH7-J3R22lpZwMnlSyzYwvaNLMHtOv64GODAWsBk88Z59J8sz-lxjBk84Wk3zPeV_TdPWIwRS4vmHLcfrqHmgDehpuZ7fcMjfGwauM5NVOl281IneMB9Pu6POhv63yPaaq9RRmemhmPpCLlgnA6DQ7UIZqq4cSvFm1-deTY4b8s1reoL-AD8MKpDFZGswLAeXf63QefOFNJwAg1moA31lEbAjI5K7kbLq20v0S6VgnEGchTG0OWmh02I-v7fuIpsQDtqyTa8KYO3BOu6eo9NlNMNNaxJIzbEzvO3Muix7GZHdpLUIWfN2LV5cR4yaA9VzEV5NWwvN_r2GJNTQkgRYb3DoHiwdr9o-13cjz7mvvkpxkyR69cfKeY87mQnoXaGO4WDss9TTTayg3vvJgixbbdAOYfVYKOVejJHChYyqbfRel8czBHBiyBzMFCZGKmsW1ZLMFYf_e3yB7lqOjnIU9YoJ_mokwFrdCCguCQ29jkTB3O0e18YViWqsSjvCpwa4mqlAhAJ_gK4JPXGkDhu3LLtgiNLQ5ZEHDCigJI55yhpd86q19vbVg1Qtrfs6mKM0xXXKoTJqWmjyVLuFGvi8FZOojy1MIj9azhw6l4YZVg0for55thzyP0NtQZHcimOiFYiEEwgSHi8DQ0PF8GkiS3tOg7Q7f8E5Dku4N47sjRWr8KfHumIuzEIy_XRvMxd60Srj5k-gkMuaXVrkbRH33ffPc2YqU7KeL7x-9xVsFlTjjAuf3JnRF7_NzdrXBGUAMZmJjifHUcn0ckRXeRZSnjcS6eB7yu_FBsG6G0x7QQiEi4emKudRR7dPvdpt1thzOMyop9cctbo_vcMJ7puEkCmRUWmGz5ow6WxnqpLJRNwS8RoEb8G4dZGfXQRtoxYrceA-q8XAoKKH57YWhDCG6phWe2R9XEGRoeFMPjxabE9D_HptE7C1BoJeED6QKs9BwgReOIj7NCbC3lSb3sSFVm6FwX2gH4fKT1-ps0sc2flg5dgXLBMC-o-zS0rvqtmaqzReVdH3VTeNDJkCDeflPoIvZLIz6-N55lI2CrlWAl9LuG1gWV0fEmPOAZ4zsX3AYBykrrRTAkVBsHWb6EmENawKh3VsJJRO1VgtYvfLoBvL9qURsdzoyKbbKiP4TfleQVBIr-7ZcUjqnfJFCSqBG_9hJR9ZCiDspSVTqN9TJ9hpJddOcAM0qC_oS1_bLC6L9G95nsaYSZJyLkir6BQUZ_MnIfmi5U1RWuD8v_-0by1YSkSotFBuiCeX4d-v2XzojqqUKzVRPpLYkDJzurxiDvoJNubiyeltWt0jQ_JNSjS_o1Ew7QnQlXZXZrPQ02tdeFv8yGA05nN7KOtdb8QHMNcQMBR2G6LTOUTWzCxue8oijdZ7XGNvnuPidAYXJfJlT2vt8OOhsHueYYIRVh2GhPp_knZXdDfTQne99-EBStCftBPkLaIan_nSTP0VvTlE-pUFN7CmIfxSpbT6E1GO5uBe6_J1ChhU1RGLeq_sPVW6KmJM8zMbdus7ISxfRL4hWrcwf2oz0JAQn_kJvBysgdk_bPbpJQEEV6DWZCt749gHEHD3eYd2QMVwzR7MBiT9-MKHI0m5bhc7ztPvJUQ-cOnqcSLj-QWpeNy5w6jyYaWaut3G7_Ygkfo9GbSAI-AxR3Q1OP_dpa1BG0Tc0wl8AiX6sX_yUy3DQwi6Hn6WJJAokhiNVZ5F5aokIpXeYrMD8LlMyc3kKuzv_UjNgk47dfb0TDw7JqQWgC8fzMg2cGWyXBmgwevoryPTYJ0sDmOxuWHpX4ZIO7PNYFjvMVpmzlABMqrLSZ4cfslepLGtqpdrT7ymwViuDqCQQP2YH0xHORR86buNUG8hoaHWet3HJa9OhMO096qheut_gjM28-_9U2_70WGE4Y2dGV9On4tRc_OdTG-LN-1j_8yoSL7wxe04M0d2-9OXNCmgTr_lbPgiw8wPGZrLtuuQEppdFg5LgSmyy2g3TXQRLrMU2HUHopStF-JtR_zAurqDR-X_ZtUUmGA8GVy-IKl68AF5dLQpjtv9uVu1eVoq5pJq6KG8kKsA3bxAH2pJSyM0cNwJu5kM0uLeoGu7jDZOGuxElmLZoAnvHo5mjFsmHn0BXz8Cd-cXg2HiFTy4PU88gAaNFydqeAqz_zKTlxJjPIQKQAM_taMM2yE5KmnIfSO6sCCWEFOOBZfUhqFl3X_vmzAtE-IKZCoww9L79tjXvG7jOEGN3eOolDlQ8TfGkXlyMPDi2JpQkQIMEY_UwbOBZ4eNXnhYpcFUaSh_bKENZA&cid=CAASJORoQCS5229_t9cglNpVZ-nRBUEzP-5rC62kH9HbLdpErGM6Ag&rfl=1%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame D645 30 KB
12 KB 6ms
5ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:40 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F4E9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

56ms
55ms

Image
text/html

142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5F95 106 KB
37 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Origin: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 09:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 09:02:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 5F95 8 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKfst3XFAYmK5MoqYZCTG348tZsqjSukjIAkAtoKA42ZH1cuOXIe4s0-YMkki6h3AX1L2A5qyA6s5dc42XoIS44ddGnQ&cry=1&dbm_d=AKAmf-CUZRVoGnLIc6ibJXIsTNrL5ZsHQtL3sQx3rP_75zOVi0j2Kgl1zjnOuOgPQrCheF2EHIyVQSE-cWZQm8BU8XVH5_wbqGZOc3hrNhF4wwWvmTZwOjB4An_hZbAnB8qytpR3Wkl5uEuLW-9S2fFfRycsHjAe9XTE-VnQWcdC4h3_CnDak8RVZVaLHDhmHGbkdVExbcwF68bIOOt_H7sWen4jYOAiyZXLCXFh_fF4mM6e9ws4KC3RVgs1zYbHVP_wXKlvLsHRkeHkkjOv-Ikd4Z_rBU0GCvmvI_iHjcP-yAiuyRNfbEqNUGf81e2y73_e39uDws4YI3ZtU-Z5b6qz69MYXtnu_UF-eyTf6g15Q1v496aUP-c3GYi9uDHdryFrmGJ4YMkuemGAL8BSnkSdZyznfMBmsH2axp5OnPpaPI9eWSn-n3i9xQFBKByVBYuvUtTFn-rA4sXg0biB8kCJA0g7elKyJ-CJzg3KfmcsSI-y-yl_xbZ-wV-3M9I5D9RT6fwE1JWbrGVx3lYWyPlbWfO8XQDwaNMzbvpBenm1kAvqn6uPm3gSewPMnsHMFBaP_0PCR6-lUni5Xtr-_wN8kfXXAWHevO9TWfj4S1q3ZbdTLhKydudpNc4h7Oxcnr2D1LDlKybZgY6KLx04UFHQ4foomaWn_e5Ue8WTUVOEQe7U9VXxLjpXDi6hcvkKkilnkPmeRNhCN-H66-TZRzgM2YNTi_eYpF1kwP4KTuN0XuOTvI5eYtFc-Oh5NfqeBih7DtokkTN6wo6Z46j6ZoD62wlIyco6627TLXyf5cXouf_kvikKWx4BEELT9SA9BlIHybmervnj2koGiX4kOkZfgsBM3RE498bnTLH1-7wya5ZmK1H8TzJn2QiitTZ3HdY5Gw_AYonK_wgyVRmniB0KRparZZhlvgAPByacn9ldP6TJNwU8_wdVozkIquMWDVQxQg7HddT-OvU1BxrNdLydHjsXWZBh28tfMlUTixgM2wjV6KExtM5-Ky29pM8xu1TphcpKf0N2cdHs4J4D0FDJ2eE3d8oLcKM0N_r_LmJY2nHkWb9c30eP4I1nj1d44cGP3faG-6IhHDQojR0qLaLjIZVyTw9toRLk-B6L9B9MC4lUmp0OhNSclTRvPTXftoOUel8jTkY0QhmI8buffZui9eBl7RJHmOukYvNpTRwRp55wOFTdNKYWXIl6M0FZqGyWVlTzvLsVCFFxQoqyMDhrXlJsOtfqEQPdNpPt01okzXn1zQMstY7Z9vz6q4_k4jgOK11nyanporY408f4YX7UNXp3lkLe4BzgwQVAfS7rIIM6TDPZA283RhAp7l-HWemQLvcOa72c7hZ5IBS638Pv1tP3h27dtGTEQchxuPFfSuvrKKVCJ_TpJrfm_WImGCYN98qwnlSq7j3-aIna4WwrRjDPl41D_NL8nhuYcw6Xth3ry9XeoOWPCwPgnkZsFK9pWbqUARbbkaAvehi-KKH6zrWb4Y9t5VrHb6NUzwsSfgcpTeLipqqk2GSNji4Hhd7Lg53P3DvpoSUX-vzfNIvWlDcaHxaQ8jroQ8tiR0o31iAviA-QEjLAWOdQsnSMYywMJM2sTCPHjvFKA7EMsDj8ipsiNCjZntv9M90B3xLqD47GKhvgbYLN8KaY-flLdldUHr6N5kKrqjpNg9B8CByiAcQ1NC4c0Gf7xCQYV9darSfpjASxOHbOhMOuUAJvk1fwq_q64Pa0Afk9MALW-BVm3RrrtXW2rXMgQy8mQxF1kDnNtlgFobhqhF4lsdT8-6YTE3vk0KdZa4SCNvAL9zsmjxHxyL_HBJBmavEfEKjrWw3tan3p0BuIVYO43RLUKkMlxTm_uW-1YPxeHY5hs7Y_BhIc0wB4EIAJ6tgc8mYogifIo1F-8KLdXuRxzKuOZ8wyy_jpiTwjnAu6-JXJQxJ8fgFFzh9f05odt52QvPGVITNtjnf0-ApMoJN1FMEmAJMndnZBuJljNxjq6d5uFQezMyLs-llzcnyCyx2Nlq34oC7Dxw84NBC80pKJtDQ8ioDlKzzCwHiIPJeUK-BIx0qBWYlNx7-KiAr4_OlG0Wx7ry33cvAsaDAbaR5_RqnDlKTvtXjRyxMKOvRH--DxdJRQ1OHbogNmJenOFZDQ9ALSTXfOGWqwc6DtrxeHwJnVN-pwLhEVhSQH0g24XW6SoJf044aF5kIfuPy-S6Gr1iFANAgyiv2oP67SFmPrSP50R_Nl7l4DNbRAHVP-SG_pD2yCOfKxiEtCw0fJMsH_BCRlnLSvAhhxs8fkHJQHnsTZTmR7T_TtQ7xCJKKLHOgHYqIS37hlrR2JlHacvy2jxOGbEV5mHydGD9in0qXVqDJ1NycxbUU66d8YzkVX5euCBQyPXYZnvAdyG9I05P8V2RM_s1H3sasK3HQ13pFwQZiPMFmOMqzLPISoFzHqPyrBlcdfb42e9VBoW97hN1abVpJrCSdxz_1jvsElfKiGKYt0klrO10SQx_JMW0YqxfX1g6WOmUumUZztPTLGJq8F47cBiQbhoKoiHOp-JOUNC4ZtLp9IX9ENnHxxtZCVfs9bfTzie-wyko1nbZzGgYWXuomLPHlI5XbdmogWGeVmfkAq1xVhcbsezEqrdXZZKUp9RoS3zEHqV2l8kBJuzO20a1ZKAzFTRlXxq-lgU9s7--X5LP3a6eKtWKjQJQ2AqXya8FiMNrpNie5vv1zVBQB4Xn1M6c5RUCU4Q2caHZlwiPj5iFbzHBYf-PVLQDxVPYX7mAIhxVVff8tmVSQnGE_IMYU00cHz0DEZn9ZIPsUPdAnGSICWYq_ASNxKCEtcAnvBO3saZk0ZNKGmaYYFIAWCheRo3k2OnJCc6TsI5xXiyH5ybjXCZABQw2R4H_TFPLDHUfHkSjwTY7kjJBRgt_9cgepc496YC2Pk8HjEJE1uG4W_vFhVgOMSJp1BI0fJ0hbZd_dqEEEdxSCs3aQzN94B0vZZRZkC8FQkWd-T4cQmYbPT2nWrw4x4s48Aklb1FE8HdcHIh1ttuq53QFVIu3qPRfr-HJbmQUQZQFJPNH04AprgmAUQZHR04thUXhbeci5saZzWrXoME9wRyFvmwqiELZu5A0L4HXEStr8ut7btY9QWId3ns3MSbX0HYcpyzAIO-gPzoOA22rnweYz8tI69L8vu879lpj1NLTNilWJAAQPH-s7WNzS77D2PPmKs3t8UmXn0-9A6BpRvO6_2L4zdvWeyrWeW4Py4D6oSXyp5WYa0u15nn_1PUqjGBSFLjLJbn0Z-oMh6kTrj4QTIwuPqZGdoAm2eMeTSB3QQ9Xw8kMKZDkMK_Tk0tom9y1r2ms6HZzE22nHtRX9KJQ&cid=CAASJORoC5rj247FTM2Ebh3wn5B-UbOkBkjpYnc8kIXBpl8H95f-PA&rfl=1%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 5F95 30 KB
12 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C84 42 B
64 B 78ms
41ms Fetch
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFJIHXRpdN4bs00rOLX2rXe7hVmbpcR73lXNROnp5ncawGd2LHX1LZGxoRS0ieVTeTP2N9WXZR72xHIhzh1-gLe3V_58H7_hDRP1aMwVgzx_gBGYKd&sig=Cg0ArKJSzBQ6VXFz_Q5eEAE&id=lidar2&mcvt=1025&p=253,980,503,1280&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20220822&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3949431089&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661313168413&rpt=376&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7FE7 106 KB
37 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Origin: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 09:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 09:02:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 7FE7 8 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeDI8t1fVjUblpAYG8Ye4MCdUR-9BXaal59T-Cwtvev7Xl8TOzwQojz-_Vxv4095RD6bjy2xStPKnW4wHsQSlo3Cyzig&cry=1&dbm_d=AKAmf-APItW0TQ9DmZ2mCuSQHFrxqkhov-Nxm5V-siLQ9qZONtofFwrHf6ss4zOSWWCeoqvHzNJO919ymdcWhVTBCwYn1Fr3nDghMhO6bD5igXg154MsYlkHwB50CUpRt4muESJiLdouKxpZexWA56LIojheHGeQnh2iC55QhmKjn19NO2rA6P6T1qblfKvyFryEjYCSXknAQYgmVI9OYMwJ2j3YFry9aBoLLH4to4f8CKdwdP-lBt1-Kpa3TJIHRlBOOsWPHR8OVsKEKpaj2yUfnVvwDFQtcKK1sOVLxeVIuI71s-N9RTrMx9aSIs95Pej7Bt2g3GL1SDN0wnvHqLsPnNYboc68VFiKZBT3jfmSVO16VaCpHMwb6Hgt-X5yjZadAtelxfL9vA6qax9jWwH-ewcmofcWctlnqAJ6hMT8Flt_F1tkRoQE8LzZ3vU4AuG3Ep-rMcOZTbq5MQrHRlO_aHojDafZHqGqr1B43wJ4Ps30L0jlKiMDDrYn0znDsaDP3xqbskGOmX_IszillM1E3hQH7XXqSZBfnqVzYrdo7RjUJFcT3dcexJ4MFK-hwtioG_U1DHBusKMrlnxQTclMoGdja3JtaUCR7ElTDpYSj00ISPYjq2k4n-9sIKUN3UU0NonJ2wiGZ7-adIQxSeHZy6K6B2SKN2b3ANZZLJyAKCMIaIy4sHP5ay_7D7krZZafoBiTZ51jXm89E2_a_6Tn_sbXA5dtyt9LXqw1taEY7Kjqc5TnKcI5AGj_fwcgWU-MuI1i4jJhMZwmvlMjwjr8IH-yfwcXlGHI1nKPpsKXsnO4Pzk40bz8shtQTGYATIeZYd7z23Wns9i5ZKwNZMHvOscr7013Me21q76PQqDaRYm8ng1UTWNXWrUAsMH2bIxWJOcIF8ANhguW7Dgsdu1YCasI2B_Q2O77euDCeWJ6eYyEBq8gXR1B6UEH7mSJg_70fTEw2AVZ_TVReOBpSpZrQgWWFz-jyJhEipvxnWdTq3BIks_8xyQ3E7MfHOVF5uE9kE3HoZVV0W4To4OqlNJEEBi-2GNwHzLvYlN75OJb5zBYREDY8Lcce2WnKMXxI4MKi8Ge_-lr2gTAR78f9r8UZTjq88S4VWo3tAiMniJdL41qiBcFgW3cyeG1YBh8jfa12IqQhUSJnvYHHL6ScTwAnpfKNPTaYU21wQMfqC43pGD6Cq8T0Ot3uSoDE2_RrS-ymqVvPMUP6oloHBJaarfGlY4pYY5ZxTcOpgJIo6kK0O0OTo6CaU510d5G7g1XbDE66KqK3qijzOAX5k7uj6Veul54ryCa92w8s63Kv6cASRCriO1K8ZchGPk_iOjFHq7uMDRnnQmQ75wzp0L97CcR-YujcEFYQkS3ttdfN-G8_Xw-fJtQNhr8juvuU2LEH445ocuAGqQmfbmS07mtduuuGHUuRW3A57OxiK1S20h0umYptswVjPiBlRJilu6-P_brGc-eU7BF_Fj0g-VfjrjMDervK_9GZqB99ZCVbtTlUkkc9WErTfxQgtkPw03Xoikk8m5zUgA7p6gnNIyeluo3nzPF9i1xUnK9gXmvTPryhz-rSPYN9cVvPsSU2GW1e2zPbdtdNvb1Vp_DdulQOn7DWL3Wpu8msxWfpfSaizrHxB3EFRnDFosLpxdQbaZeAfjaUB_Ze08zg_F1StchsBrIVu_yRd8HGo7tYmP_3yYWNStLykGSh3qyk_D5I9tS-6oinmAaeaTY9Vnm1C0AZuuBql506Izd4Euk0aJltF-br-7-XTNTMzVgA8-I-QpbDLMQLxlCiClnu30CI2aEam4M3c1T3H9sw-Y-9BPHkKfR-0r0TthRJSVOcUseWwtw25Ips0DqrSiyJ2XZOi4AvIPkohSXbFVC9LEjyEdEKO-2PoeTjW6IpEJUaLOmpzagmRsSqXXdX5Wjrtw5Gin2gQAgyW5Lk4Z6B-UXbaMBuI0LiwSUicot1o8fo-NuFHF6rXnkEJlknfOqtO8Rq03YuezLSBhJNO8sbm8RgR6iarobf9P-Jk1EB1fWVVpes0bluMtTxwr1pxUtzLHxCpi36SIa2xrA8KslM9EecIqlGIvhT88m1UkHMiF6RKQnxndXd1a43rH9ZA4WFiOATTac03Fi_cEHkWLrGrxZnyKe2QgganCq89UKCJ2XdWt6SFpuPIQ8R9sEEAe1STFxpyMVaeXiFLEwbba_sdhHSdyfdoNxMf8NOglpjJBtyfsyfqHke-roUID4Cr5ybmwRAB6IUemliojiU0yJHo-Nm7ItP6oF60EWgIBXPY2uEx-qwgL7_NiQZMi_1gMncvo4YGvK9cKcryUjlbMSG5L4jIo66cPiulQIT4CzuG3mUkIGuZ6pXEHVevTqc6AfPpCcovKVvCD6IF-6nFuCdZ7WNTD9x7WvOZQDgsxMXLCQaYUH6yw_0zgfgkWCBLNENopx5uqYxNF1d2qPpW3Uy6Oc1QOhLpLhifpO9WaRMblkAplycjyuJIuhbfakKTeHLjpxdH6o4Oz41A4GMNZcfho0MCyQNwO-hVj1xNJkCB7rl4ZsYRb-GD7f0UbLsB7mxYg958p_Yw4aDQUMecfMWfKksdkeNcWSrNK0R2TQ_u-EO5eiuYtQDK-AIn8Hrmi_XTtoSGzrTlg8i4DzGUcVQdGcI1JqLYMXTO-Uli_OmqwT2QSuq3mtY3OSOFP5DpqM36J8-ZpxjF4s5EjH3mKT8H-eD3p8jR1sk21M2u4eTU2MV2jWIwXDVLia1Czce_qnwPOqpR8_xIAYz9wJX8rK0ydnXHZ3qOzRtPZRHCpLSNjnHMK0TvMzGcugVgWOELbHbpx0q19Xpi3XLT5F0eLj91tzXt4A0jV4aqETbBDcA4gX0kYJvaD5L3bCuDvOFJF6j7OnBBRIuARZhn9BEzQT9nICU6_1Xo-Dr1UwXwg1liwaUbSEgtmzfk7eAD7XGH0GZr3gXgrV7nQ8oDyCORHIKxD3m4eBVUtvRCgkLokz8PtuRXExokfsHfm7_8FEz_v2fDj8zHFGDyuYs9d5HUGaHZmCJhimUEyu_JNt86t2dRHQ0Hct3Mv54cJ053QtQG82vdyXfgaCPjA5Cn6BNtE19z_JNcBXFRdfyZT-f_QCCw9AEhZObVkvUewpDSFVArfbTbD66KcC106Pmd7IhqcT4euayw9m1h3WTNi_93WpcYfAhK5XCGx8WfpQlU63Zvc4BY13h1oWHLYzkomaOYJ66yLA0Ff7tv8Y1BswLPaMhL5uFLHqFR-mXxEssoTDZ7KaflVT8K1ndAWjvA0DaU3jTo0cdz48_U295_1TwX-kICCetfDj8KYC6bgvOCwJ0oszgXTVolCjjyQaGHnL9u8SdQ&cid=CAASJORo1HVm0U_ujIOJO4j8pUOiIJdvoOsHebt-OAXxqFLdIo0pvQ&rfl=1%2Chttps%253A%252F%252Fwww.boxofficeindia.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 7FE7 30 KB
12 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:52:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame 3CB2 107 B
122 B 39ms
38ms Script
application/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3CB2 107 B
122 B 41ms
41ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CB2 0
0 37ms
37ms Fetch
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=topics_debug&api=false&signalVal=undefined&signal=null&signalResolved=1&signalFlag=0&nonBlockingFlag=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3CB2 20 KB
9 KB 450ms
450ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2179290984517249&correlator=603754536724783&eid=31069104%2C21068767%2C31068884%2C31062931&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fif&iu_parts=229445249%3A1067277%2CDWTag-DFPNew_RS75_Boxofficeindia_DWV_300x250_180321&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=210909084&sfv=1-0-38&fsapi=false&eri=4&sc=1&cookie=ID%3D4eebd6e511a664e1%3AT%3D1661313168%3AS%3DALNI_MYF_jgPaPyA1nWK2rDl1Fef5VvCGg&cdm=www.boxofficeindia.com&gpic=UID%3D000008f88bd85ef5%3AT%3D1661313168%3ART%3D1661313168%3AS%3DALNI_MZC43xI-n1ra-ISYGrfeabGGb9gmA&abxe=1&dt=1661313169846&dlt=1661313168759&idt=1078&adxs=980&adys=253&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=eawqow2t5x4z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fboxofficeindia.com%2F&loc=https%3A%2F%2Fwww.boxofficeindia.com%2F&top=www.boxofficeindia.com&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=449757693.1661313168&ga_sid=1661313170&ga_hid=421396577&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a61040e242b4663ac86b74da9a1a0116981dc821445a50e2132fb903ff168a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9427
x-xss-protection: 0
google-lineitem-id: 5990130883
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138388911453
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3bb8f22b24ecaaa65cd3079c14ee23c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E40E 6 KB
3 KB 74ms
38ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bb8f22b24ecaaa65cd3079c14ee23c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:49 GMT
expires: Thu, 24 Aug 2023 03:52:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8237831796738228224/ Frame 1829 24 KB
6 KB 3ms
3ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17854a78acba974bbb61f8b6320a4d2a113c93817adca72713a0ac05d7ed30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 169770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 6369
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 04:43:19 GMT
expires: Tue, 22 Aug 2023 04:43:19 GMT
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA95 0
64 B 129ms
52ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYxsAnAL6js8htPlzjDQvBSKDVpcBVSY2EAdCU3ALshB6oEU7EiiI-gOd9tidNPNstD7gXmWg32R2xQ-A93yMXtBe3O1Wh7DSiHEkPnOtV1FtXiSEax-ncH-K7TNh2DElrtrsiXtqetZrZALuWONDPfWT5vGTUh_OBSC6fHynf9MGeYO-UM8kDI5AIEklYCYoShgb9W6wfds1rCrLpcFyCpVgaT5Dk25GTUNU06ohfQu0t5LErjKFvX3EnHscfrlsIJORZsfOriGdJPaWAa3T6cXk_zPdM6FjCURt4sCIbWawkaRytZHVcJsqbDHi_vx_2poZkFfHOsPw1A_xzRpYimuYjSGL0Hs2m9FW-BAf8PtMkc64sRcAe6nNLJBbX1G32SBi_SE6Jfcb8HQxJleRIqz-Hr_pyB7c_jBFNqu54iOEGkRHucAAeMtCAI5574Rzql7U3ZWVGzxf6vwyxxQ5ZFE6zHcJX65mqitDTLY-KSsoo54wBJcowTOULCoV0SSzcl4SJGS3FfqE1clv1ItECuPKTtHw1xGN0tFAorNTA1bvBSgFrvTZ9em9ap4UxGmxT6_jnKEiOpx8z-eSBFrmRtYz_2YHJQii4vQVP6R7JZ7AilHvX__2bjlubNHjoCV8uRf0kpMrJum6R5ix1VCHSkIl0A96rIrXWP_AEXmZ7gVklOUDOXb3rLuLAqBb737xOViVoqQKqR60Zx5cRoHAdPkQ4CEukwU2Hgh7FH-ORH1SGxxkIjPlJ4YgVLwKKvEiUn7JGLnGPQttAOLzd67ClkSIb381ZMq4g7H5us63339NAgK5cYauInMgi-yZrTYxfY9x3QQfT8AT4hreOT-NXHOjedqFQlH6I-uVZFaRO4Was7prGHq6Kc9jKx7K5wLU5tBUnW1h16SKZgNJkXbkI5Dzicv6-xKaTBLNvY8Mx1lhpnx-trSHarT90zBAENwRSgG0BqaTqIEvpUYVGT5CzyntFuaAo_25G5LOGvlIBdQgWbmGvHd-Ug4aacVMrHeDuzFQwUIWvCjyQqKHLGOamOKf3IxIxCWZ9l-cZkcJIKtqjmuilsNlbT-crURg_cx6iaArhHKANcEAXwqHWzGUcFQZna-NDpZt9767VUNuISDRRHBDAdZuNGAA6HNT1Zn1DkOj98bgq0zBkrc2LmtMgCCn3eZLCFT8fytIR4N9Kvc8AtWlm-6Dki7jwIbPLcs0KoocdASVhXeqyvCfA8YGYArSxUb-9WbenJ78Q8QHn6FKQMcwoaTYSsjY3pqgapanj0qKGGsdmYAPnqle_jtzNKtut1j9Ig_3kCA&sai=AMfl-YTU6KAgdD2NBhVoFt_TSn9w74ADAkEVmLM6qP8sdL8Q2NS1fPpku9coZqSA5UKfXRN3uEqso_w6YLIzRNsO9vbro9TgvwzVFBP_olMZD5jYCXPe9tGu2EgNLbK-Y6kFniYsfTCA2viK3viBZa6k1a-2JUEzEK8ZZU4DTfdo6SieRf8tvH4MFVNmqONFipoJGHnLtFi5kWAVBqRAG1MSqVv_VIO-Nu1xijyCdqtv5WA2GV0k&sig=Cg0ArKJSzAzYyVe4GQXIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=95&cbvp=1&cstd=93&cisv=r20220822.90766&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8396020733649616896/ Frame AE49 38 KB
10 KB 4ms
3ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f62cdd62bf8db4ac62a2808f40171fa38f402236695b8d5cd6e2c0587476d998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 166675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 10208
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 05:34:54 GMT
expires: Tue, 22 Aug 2023 05:34:54 GMT
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D645 0
64 B 120ms
55ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBYTtRSd7Akgbb-6gOP9Zz1_SlC03_TJnCBLr5hH8Ynur0iZtyJv3RDQsTl32zzi8T4k3hlObb0kztOwf4et-6tAQj8MrU0PqOUAFQYFM8H1u0RuG1gWB36avwqy_B5lzDhO9QRoWTDpeYaD3nz4Us4wm2WjiPbCw1WlQjm9UJx0L2xd0djNQydSnMWuW9IA2e54Kr7hgpYj1ch0bOWALeDFxV0vdJBIFUYPdxV5ZKmR-yUg3lAh6oPh0ixbZwXHpeQRqdRgI1qc8lrLVl0uBXk6lG13AFW7W04g0jD0pSLsgTJ2sX7sjtPj074ADeJNE0uIdfQ9JctLqhIzSOqkCArz1aFU0xWsoAeJcWierlajYJJaIWB2YcADWuXX_dxlJ6w7hxjfEB9cxPRwk518qpJRnM9X05kCimwX746Xny1sg38ALk-bvvrFviUjDs2JJUe8d1N7UTOTrqiC74gEo5y798Iv21v6SYuwFf21JaHBij5rTLLvSK7PJHZXoTdUZf3U73vMBsb5J7-Ur60MJF6Tl4IJeEc3V-qW0FEER_q9vpggFkB-MlZdS35ZO0E9fwSn2DDGi0AymyphmOFyYsju-NCTooNP1yuoJTaNncYIkSGblC9mVSpbuHlUAvgv6y6Kghz2xQoz16g5LQw8LbvA2Ml0mW0ltU1jSUZNgbNYEVoEjnfpkdQEatVUbxJL9fJRmXysIuTio9BTan9K_SQsGIB5SRQ3NxtJgAVtLYzLORpbmZmy6F8cYaAJ74jK8TW8moHklUXoobr6dFT9238bIL2HKaiIW3gPUh9iXdwmlJhMdE4w_BpM1uXihQJbAU0hC3Qk2OktX0TQTRwqZrlDjWMX227laygoMzuYlAzpruM6HbafSkITI-wUejPtRdBgfvNapiJIjXePR0Lk5eoz8yfKrryaOtBv9K-ZBtmu_QDCK6vP8thdKxwzfWnMD7xeNItZvFs-fxmeOpzbdwhjrqay8uDtH9t74YUYY4XXv_gDj0x46BHt16w0UGBEQENglYI9kEQMV9-9A_flf1TToTHo-7U1QxBNLbHDH2ae31C4mA7zvs7SG2EASj6bnkklzGTEfK34JNNX7pI7FFksW41g02QH-oHRMtRi3K2m5a_YDeUlELY13WcFyLOOoF-n2_xFMzHC6CSX156Hkkh7pF6b6ymL7RwXNE8KyEcVmDW57g9o7jVacGDgpmqYDIhanQ6uTTsGntGs8RlL2z3vHrxoelhx0fdoJiC-HN3Zn3_K4JmeJz9U0w3pH7v7DHvfbmIf5TCu6mOcoyeWJR6XLTmAihjHY17Erro1je&sai=AMfl-YRAGC-jPsuFEUDk3yaPavl0kaM4fYtfVD-0aS7tBwPTwNIYol45JONBr48Iua6QeYv1aYoslXJLu6w2BUK71pp8EauuAARQXZcDKsqpn8A1E4ly4HfCJ4GcXVbMNnudE6cEHel8UJ8v8rQrCWiNg-OmoAgt9qiwLf658y4Vb-3ez7zRu0RsWFQN4GFunQLONsAgjQxmXTGxK_jsSaF0yT-IcnoilaXRldfbz57c2vY98Si3&sig=Cg0ArKJSzDE-PFsehinTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=99&cisv=r20220822.51672&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8396020733649616896/ Frame 7D27 38 KB
10 KB 3ms
2ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f62cdd62bf8db4ac62a2808f40171fa38f402236695b8d5cd6e2c0587476d998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 166675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 10208
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 05:34:54 GMT
expires: Tue, 22 Aug 2023 05:34:54 GMT
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5F95 0
64 B 112ms
56ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssR8B8rkNuj8KdTTwEATZ9hyfGKsnVJUfnMrwDkWNiI8DKhicuzRjdowK776EBrsMrwwJyiJZCoylGiaBFyCaZ_PKMH6RSwU6TNek7lL4c0TC5kTohFHpXHbEu0pMtTuG7odKont1MeTNnfgdfEQkGyVQ-_VEAZzTNbMN7lGJzaqaicPC2hvU9hJrflZw3KJipMlAlm83wNmgF1Pc_TUaCohmcCnIkFKMPMXRz4lSRLXptXOUc1yw2X2v9VdnRtLSJmFYf4OSg9e8mfICbduUhMjEJT08qHLwxj9MVGmiOiKlfb3kJsJNvFhvKrDkUvzMBUSJQfAdsDnNrR3Ye8K7qMwVpCDJbiXbMLnXHqh0AZRmmo6l0bzJPZ6ZHKnjDFlQXS6ZDAQKITSRzLLaOVtK_b1_2IxcM1Hd-WmOBxP1rykXL4rZgQWaKD_heh7L3mXocUe-gU4-lGZx_F6F_KO91pX1nBcRYhUtuoErpSkBFHuKDF0rZ-xapfmCgw8adDdTv6vs0l590bLr1UZd9zTvdcIE_hQqlkGdr9TNA5DQ4twEN401B5FLV5tQwuWtxtpA_lobOTgOUGiCeNOzruR6Z6NWtqzmYqik5M7uG6SXnK9c31cBicSC72ribIt2RcCUulKCD6Gjkr-gsKyCxsmrn_OBq_q-v1Vwl8FSwVMEvfKDdPEnybIxSO0wDEhf9uKtivUsQFNmVPtjsTtbl8GF4k8hSf83REGHeBec3szxTdllZ57gF-cKNEH_229xjh0j5QlDfIHMJW4ss25BuFxJ3ZzldkzHjXDjQvMtuOH1eRrLCQZ98r2RA2gu0Mmavq10NkVOVsBWA7owLXoQCqxvkBlBqbI-mzn4I-zftCDXJIAN0b6I_5HHMZSM2-8qNv57fGT_uKxnUt9ouP67znB4QfBqcsv9_cQxJFQE7oubuq4lTlQMLYaNJfnJOTvvt6blkg5-aW6CEVytwtL87333sgzkqJ1GH3cl97DwrclJBcLnOXdopXPnPowJC_yrZXRo0U42U8oLz1CV1IaeByVgzQMorOdcg_sn_iptKauX1-OGGSoChoNK6kXossusssegh9VvOKVP1q4sYAP_KBjsjOCYuBCtn6b5iVIQWCg8ffaeK3pT8QWRNdJnTTFAVL_llOu7U90hesVGUNeDGM_jSfWLpi6FnJnIKywvptQguEaTDPNKz0PpA1FLCOrd_jEb2IoWA2ugNaFiIPubh1DpsR-keK33RXo0eLXpYHvy38ZmmvaMZn6viIrZ_9EQ0yRvJNAF8VSs0rNl6luN_n70ilJ-sNtbxYx0dxYOUTSUYu&sai=AMfl-YSkQt1nME7bMWrWkGXmIcOenBTsL2TL0S1Hjl31iJ-9C_wCQvaMaeUlVgoEQtdpc007DLYqQ-6_QIfNhcLJk4rpzDQ82VSswcFIJBKiCDDquR4nT4LsF13IUhH6zbuty7b3Fzn4MmRxUD_C_WJ1M6RyD2nG-gIJO28Z0RjeK5um_mNej4V-Uq54Z0q4FqMsD8zUVGxOCZNpvbczBwBAAIbdtxFNJIo_teHn9MTNbOlhdQ9i&sig=Cg0ArKJSzN5_yul6IHZ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=71&cbvp=1&cstd=70&cisv=r20220822.39045&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13023750825749512192/ Frame 8BAD 36 KB
10 KB 4ms
3ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13db4ee11ffc7e61aeb8b75e5542810c090864df7c15af11c638dbecf0957cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 171216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 9953
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 04:19:13 GMT
expires: Tue, 22 Aug 2023 04:19:13 GMT
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7FE7 0
622 B 91ms
51ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKoKLreWmB-249b3Ny91HkPfwuQuWoXBi2zuNEw8cxTiyWA-PxFLJCv6Ujl62eRnE1A07IveuzViDimdc2ov8FLGi0DC0F7AnH-1_VpM0GXnal0D49DWBvWbDBWloOf1E7aDqW2tCZh9utroJt_3UzJeRuQaiisHIHtj_RqJKnfUi58Irh37RvXmPd1HJvasAxUZhsiwZJ5rz7eqY2FVUR9zlstgdvSm4qYZkpUoxxF5Rn7PZA-2NdXRBeqKljzMeP-a-nr5dvClyjZ7S1aCtYqyX_T-6XBJZeyyjTOVJMlqxSRLcIjkQrS4CwNQvFmWOnscWScjTOPa8N67n33Ycq_Ex1E2Xk056Np4-etgCcGIRC_ceokWfzgCouTkvMpQdV4S_EuIqSaI3yxx5Nejo9P2OwdwfdpciCIJjIAHxMt6MU8o8exDEuwM0d2SDoTFBnCOwpApAfZ0Ezh3Pdna8LoozqhBGYYe13NTK03x9NoPEfdY6nW4SbH5iJ_-WtUdWTJM2fMgYAABrQBMaLuNw5I2ybZbiRNwQIpJ--AbCLX4hqnIYfRZRYgCFkxwXCrd0NxfCnl6g5Kij24WPjHSZEHGRmhe-vf3kmRHQPuT_uJ-KzCF1zuN9MGXE4h-xq2TkRciJHTPjKraX5Vdi28lIp0-JbfyRAgQYdfqHukuTPKGr5ILEjhfV51rZliWRAYhJlcCEUnleF-MhlCcPYirPqKkvu_okxhgbVuvBocunglaaTYlHewqNdEsZo-MPXY8xQI-F-325UeDVm-y7NbeNnxA75T8fSXCs_2cqLiLU7w6wt2xCs-k_FyfP82zogqbFruoSwEF5xPaN_2XG0vLgO7b_8Icke_qwUDWqj7J9Sep403kxNnQx0REDgrUtRzLhF7FCvd3F-XvzOKfmIx2o4u3d5_1rvS7hVvhAcXJ05xnpYwYuBQ7CQC0YkZ91oW2RHuROfEOORKaS6KV8LdOBNY4roR2GyxioqM_rk1BASatIAnlCEJzEEctdTLOb5SY0Q2IdZAtTvjpQIFRDCWtjJfeAlitNCGaBga_0Ha4aDDDg2Cm5eRz09k-Zl3SzxSQpKWwFK2qj8qU5lxbdtuET0r48fTHzwhub9S58zL9MemzDBKFo_uQPhj7bLwZAP2jFC8phLHHj83vh1FheXlmrxEugwhcwZ4WUsYCBQVvUGhQXWDRQoiK-3SnGnjXLhyAbOH-CtvNZwV44z6EULSnJlqSyC_kL6yRRf3_MlzNSpM9R_0m-ljQIa4GdYgWCOaMLUTQxBdK2EM2fuiN6M8-Tl4GOuO5d6t9ZRv5w6R-5TGy0n5g&sai=AMfl-YTQqH-jaseu1UJaGvDCvj0VPOJ-b_yq1-IejQS-BPcEWaFuWnvJhoeeI2pbC4AQL29GBJcV3VEZXLFg3noPFKImr7j9vrjN8UXivme_4w4CRHNCA7_HP9JmyetU2zeGAtSNnXdtFd9HzTmgHiiyDlsfnAYcdsFV5XjK-SK6fnp25mHDUlXZkzbNfisU7MGe7k9mEgqJegg7xkU_itojEhgAkPQQ_InVgh8-IJsNSeZgR3Ro&sig=Cg0ArKJSzOglacGuq6uyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=73&cbvp=1&cstd=71&cisv=r20220822.45385&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 24 Aug 2022 03:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BA95 41 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:36:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BBB8 1 KB
749 B 4ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:25:19 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 03:25:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BA95 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e164652bf9806f0c930319d498e562c4dc02cea6e0c9f5db76b3bffd5949ce7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D645 41 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:36:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6D90 1 KB
749 B 2ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:25:19 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 03:25:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D645 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3e4052eefc2663a17f632a47031f12e627c9b84b7734db562e4c9d609b3a1fd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 47CD
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=d0c18034

43 B
556 B

191ms
189ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=d0c18034

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CAAZVJNYWGBDQEC3TE3J
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:50 GMT
via: 1.1 234e9be7d7243ea51bdddd284d99c552.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT12-C5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=d0c18034
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: h9F2LTEhMyLlOjRYXgULxrB1v4OjbC6VSskcAkYGgOEU-WEHpFBICQ==

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F95 41 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:36:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 658B 1 KB
749 B 2ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:25:19 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 03:25:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5F95 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81ff1227ea51546f651e8943f15559deee35e598c7829a6f3c72458339fb8813

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 32e0d303.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 6 KB
6 KB 4ms
4ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/32e0d303.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a8229b39735d4c16310f4749bd6d0250a6b0c57aabaf05330bb36dcd4dda5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5716
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H3 200 f1b6d643.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 2 KB
2 KB 31ms
29ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/f1b6d643.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eec032cdfa8715ca8ec8eb987b862b06c4257aa82e5ad5333d086eaadd103b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1682
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H3 200 d51c3f9d.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 3 KB
3 KB 31ms
29ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/d51c3f9d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e48809ab95ec8ab3fc71670579a474333f78ed58739617035640f3d23658198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2800
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H3 200 47131711.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 14 KB
14 KB 29ms
28ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/47131711.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52486c218d382e7e96e8d92db282398f462294604a504f3f59d9bb8b4a982933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14721
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H3 200 ab00bb38.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 29 KB
29 KB 25ms
23ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/ab00bb38.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dc174f9bda80ed68f9b43a16edd727195e6dac07439dcdcf949fa2509f3ed26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H3 200 e60d4bee.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 25 KB
25 KB 25ms
24ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/e60d4bee.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84f56a0a87f859ca21cffe946e1c95bd1b6d4c0780f90cf03e737ae844cd0d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25516
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H3 200 52353ab7.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 21 KB
21 KB 27ms
25ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/52353ab7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0fa5a2b4362b9459f9808a210665a3d0dd413c74e364b394768df84c597df32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21387
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H3 200 fe7fca83.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 6 KB
6 KB 32ms
30ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/fe7fca83.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c119d30440025cc732538acba12431f07d24e897d09d80eb6371e377b8736e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6019
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H3 200 78229fa7.png
s0.2mdn.net/sadbundle/8237831796738228224/images/ Frame 1829 11 KB
12 KB 31ms
29ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8237831796738228224/images/78229fa7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0807ea7eec16c72403a73f59f7c5ae72fb7314d4ba133ee8d7a5c20873067ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8237831796738228224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:43:20 GMT
x-content-type-options: nosniff
age: 169770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11751
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:21:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:43:20 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 0B79 2 KB
2 KB 115ms
94ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56838c8c4093bacef93bde9da40fbd8d165c4e033afafc3a0896db94d948af79

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73f92330b8db34c9-NRT
content-encoding: br
content-type: text/html
date: Wed, 24 Aug 2022 03:52:50 GMT
dropped-udsids: 241|39|230|46|13|93|206|41
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flaRxAYOkAue%2BWccOF4fZa35ubHdnpjgmacHH4IoE2sqXmp61r%2FeN3IT8U0MKEQVYJhqu8HyTcRgMtn1FWVoUFB%2FQ8YyLiNf0qY7c3upQleR1GMQ8vp4G047pR6hSGrsnmVeivKdU89yfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A6E9 15 KB
6 KB 19ms
3ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=159240
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 24 Aug 2022 03:52:50 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 26 Aug 2022 00:06:50 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5F4C 281 B
554 B 17ms
3ms Document
text/html 23.207.98.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-98-70.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 Aug 2022 03:52:50 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7FE7 41 KB
15 KB 9ms
5ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:36:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E4F5 1 KB
749 B 9ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:25:19 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 03:25:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7FE7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7ec9095270a2a2b91921f77745c936b40bf0a0af9a7e2039b6b76641d33feb9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 play-button.svg
s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/ Frame AE49 285 B
253 B 4ms
4ms Image
image/svg+xml 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/play-button.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedae8b93524a65ba25aca84fddab0657c1a5d67d1b8cee481e80060ca53e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 replay-button.svg
s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/ Frame AE49 630 B
428 B 7ms
5ms Image
image/svg+xml 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/replay-button.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e401d00ba20a72dfbd21ec604814bfeec0b389e0e9f22b06f2984eb5b63ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 399
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 unmute-button.svg
s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/ Frame AE49 668 B
454 B 7ms
6ms Image
image/svg+xml 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/unmute-button.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88db1838b88d6e744aa3922e7f756c6e33d5423e7b1a43f6471cc8c2abe1ee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 425
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 mute-button.svg
s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/ Frame AE49 544 B
381 B 14ms
12ms Image
image/svg+xml 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/mute-button.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50519389d24638a2ca4b05dbde347ad4b1b3142ef5f9bd48fe3a23f84137e43e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 352
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 fac88e99.jpg
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 52 KB
52 KB 8ms
6ms Image
image/jpeg 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fac88e99.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47f69584f7bdf38b522737599e7e0b2844e7fc4ca7215ff3189be5bc4327e3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53447
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 21b0b4d7.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 5 KB
5 KB 14ms
12ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/21b0b4d7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cff3a6d806af467116201316a2e09b0119498ce68a99a381f1f590839d8ada8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4763
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 cde4360d.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 12 KB
12 KB 10ms
8ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/cde4360d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb5acf9293b7502dc10c1b176028d1a820ccce2946503c8ffd5053495f754ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12535
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 e36abfbc.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 25 KB
25 KB 9ms
7ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/e36abfbc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644257963e204a647e9de7a1e63ad6239e66980c52a63156507e4c0b823e64e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26068
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 c3a6e83d.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 6 KB
6 KB 10ms
9ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/c3a6e83d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab3031e3db5219603c2914674dcd84f1851ed8fb2302ec5efb9e55b939801861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5860
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 7e05f100.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 10 KB
11 KB 9ms
8ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/7e05f100.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59fc0203fca697173d89859521818207a4e749f64bc1a92177c10f30060efa40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10739
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 74fd8887.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 24 KB
24 KB 14ms
13ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/74fd8887.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a14267d56a8e0d5bfb4b0ef5abbb7804420ea6790699ec15660c97f9c2bba43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24073
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 b8d4f393.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 20 KB
20 KB 14ms
13ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/b8d4f393.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65114402fb68433d3cb5fe7ca4d91a9511d1dcbf0832357c944f34758a2b3a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20128
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 95159878.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 2 KB
2 KB 15ms
14ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/95159878.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452bcf04806f471f9dd5ba88e8622c989d4ebcb45591449054d06c176932feb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1649
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 19d498a6.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame AE49 3 KB
3 KB 14ms
13ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/19d498a6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72282a19a26d3d7376513f45288f3abc5cc0e5740106eeae2cc44fe6dafd6cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 play-button.svg
s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/ Frame 7D27 285 B
253 B 8ms
3ms Image
image/svg+xml 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/play-button.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedae8b93524a65ba25aca84fddab0657c1a5d67d1b8cee481e80060ca53e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 replay-button.svg
s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/ Frame 7D27 630 B
428 B 9ms
4ms Image
image/svg+xml 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/replay-button.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e401d00ba20a72dfbd21ec604814bfeec0b389e0e9f22b06f2984eb5b63ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 399
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 unmute-button.svg
s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/ Frame 7D27 668 B
454 B 10ms
4ms Image
image/svg+xml 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/unmute-button.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88db1838b88d6e744aa3922e7f756c6e33d5423e7b1a43f6471cc8c2abe1ee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 425
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 mute-button.svg
s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/ Frame 7D27 544 B
381 B 10ms
5ms Image
image/svg+xml 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fastloading/mute-button.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50519389d24638a2ca4b05dbde347ad4b1b3142ef5f9bd48fe3a23f84137e43e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 352
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 fac88e99.jpg
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 52 KB
52 KB 12ms
7ms Image
image/jpeg 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/fac88e99.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47f69584f7bdf38b522737599e7e0b2844e7fc4ca7215ff3189be5bc4327e3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53447
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 21b0b4d7.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 5 KB
5 KB 12ms
8ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/21b0b4d7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cff3a6d806af467116201316a2e09b0119498ce68a99a381f1f590839d8ada8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4763
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 cde4360d.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 12 KB
12 KB 13ms
8ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/cde4360d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb5acf9293b7502dc10c1b176028d1a820ccce2946503c8ffd5053495f754ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12535
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 e36abfbc.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 25 KB
25 KB 13ms
9ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/e36abfbc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644257963e204a647e9de7a1e63ad6239e66980c52a63156507e4c0b823e64e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26068
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 c3a6e83d.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 6 KB
6 KB 14ms
9ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/c3a6e83d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab3031e3db5219603c2914674dcd84f1851ed8fb2302ec5efb9e55b939801861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5860
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 7e05f100.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 10 KB
11 KB 14ms
10ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/7e05f100.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59fc0203fca697173d89859521818207a4e749f64bc1a92177c10f30060efa40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10739
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 74fd8887.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 24 KB
24 KB 15ms
11ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/74fd8887.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a14267d56a8e0d5bfb4b0ef5abbb7804420ea6790699ec15660c97f9c2bba43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24073
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 b8d4f393.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 20 KB
20 KB 16ms
11ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/b8d4f393.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65114402fb68433d3cb5fe7ca4d91a9511d1dcbf0832357c944f34758a2b3a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20128
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 95159878.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 2 KB
2 KB 16ms
12ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/95159878.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452bcf04806f471f9dd5ba88e8622c989d4ebcb45591449054d06c176932feb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1649
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 19d498a6.png
s0.2mdn.net/sadbundle/8396020733649616896/images/ Frame 7D27 3 KB
3 KB 17ms
12ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8396020733649616896/images/19d498a6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72282a19a26d3d7376513f45288f3abc5cc0e5740106eeae2cc44fe6dafd6cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 05:34:54 GMT
x-content-type-options: nosniff
age: 166676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:19:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 05:34:54 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 391C 22 KB
8 KB 3ms
2ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 48208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 14:29:22 GMT
expires: Wed, 23 Aug 2023 14:29:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2679 22 KB
8 KB 3ms
2ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 48208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 14:29:22 GMT
expires: Wed, 23 Aug 2023 14:29:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html Show response
platform.twitter.com/widgets/ Frame E901 320 KB
104 KB 200ms
200ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.boxofficeindia.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E78B) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 637281
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Wed, 24 Aug 2022 03:52:50 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Mon, 15 Aug 2022 23:01:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nwa/E78B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA95 0
26 B 87ms
51ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYxsAnAL6js8htPlzjDQvBSKDVpcBVSY2EAdCU3ALshB6oEU7EiiI-gOd9tidNPNstD7gXmWg32R2xQ-A93yMXtBe3O1Wh7DSiHEkPnOtV1FtXiSEax-ncH-K7TNh2DElrtrsiXtqetZrZALuWONDPfWT5vGTUh_OBSC6fHynf9MGeYO-UM8kDI5AIEklYCYoShgb9W6wfds1rCrLpcFyCpVgaT5Dk25GTUNU06ohfQu0t5LErjKFvX3EnHscfrlsIJORZsfOriGdJPaWAa3T6cXk_zPdM6FjCURt4sCIbWawkaRytZHVcJsqbDHi_vx_2poZkFfHOsPw1A_xzRpYimuYjSGL0Hs2m9FW-BAf8PtMkc64sRcAe6nNLJBbX1G32SBi_SE6Jfcb8HQxJleRIqz-Hr_pyB7c_jBFNqu54iOEGkRHucAAeMtCAI5574Rzql7U3ZWVGzxf6vwyxxQ5ZFE6zHcJX65mqitDTLY-KSsoo54wBJcowTOULCoV0SSzcl4SJGS3FfqE1clv1ItECuPKTtHw1xGN0tFAorNTA1bvBSgFrvTZ9em9ap4UxGmxT6_jnKEiOpx8z-eSBFrmRtYz_2YHJQii4vQVP6R7JZ7AilHvX__2bjlubNHjoCV8uRf0kpMrJum6R5ix1VCHSkIl0A96rIrXWP_AEXmZ7gVklOUDOXb3rLuLAqBb737xOViVoqQKqR60Zx5cRoHAdPkQ4CEukwU2Hgh7FH-ORH1SGxxkIjPlJ4YgVLwKKvEiUn7JGLnGPQttAOLzd67ClkSIb381ZMq4g7H5us63339NAgK5cYauInMgi-yZrTYxfY9x3QQfT8AT4hreOT-NXHOjedqFQlH6I-uVZFaRO4Was7prGHq6Kc9jKx7K5wLU5tBUnW1h16SKZgNJkXbkI5Dzicv6-xKaTBLNvY8Mx1lhpnx-trSHarT90zBAENwRSgG0BqaTqIEvpUYVGT5CzyntFuaAo_25G5LOGvlIBdQgWbmGvHd-Ug4aacVMrHeDuzFQwUIWvCjyQqKHLGOamOKf3IxIxCWZ9l-cZkcJIKtqjmuilsNlbT-crURg_cx6iaArhHKANcEAXwqHWzGUcFQZna-NDpZt9767VUNuISDRRHBDAdZuNGAA6HNT1Zn1DkOj98bgq0zBkrc2LmtMgCCn3eZLCFT8fytIR4N9Kvc8AtWlm-6Dki7jwIbPLcs0KoocdASVhXeqyvCfA8YGYArSxUb-9WbenJ78Q8QHn6FKQMcwoaTYSsjY3pqgapanj0qKGGsdmYAPnqle_jtzNKtut1j9Ig_3kCA&sai=AMfl-YTU6KAgdD2NBhVoFt_TSn9w74ADAkEVmLM6qP8sdL8Q2NS1fPpku9coZqSA5UKfXRN3uEqso_w6YLIzRNsO9vbro9TgvwzVFBP_olMZD5jYCXPe9tGu2EgNLbK-Y6kFniYsfTCA2viK3viBZa6k1a-2JUEzEK8ZZU4DTfdo6SieRf8tvH4MFVNmqONFipoJGHnLtFi5kWAVBqRAG1MSqVv_VIO-Nu1xijyCdqtv5WA2GV0k&sig=Cg0ArKJSzAzYyVe4GQXIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&vt=11&dtpt=250&dett=3&cstd=93&cisv=r20220822.90766&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5F4C 31 KB
10 KB 4ms
4ms Script
text/html 23.207.98.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-98-70.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0c1faf7fff157dbff7978866f662396ae2dcc90ece68ea0b78c556b2331cb84b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38697
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Wed, 24 Aug 2022 14:37:47 GMT

GET
H3 200 e9c75bf5.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 4 KB
4 KB 6ms
5ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/e9c75bf5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db34bd903920d0823ef8393e369782e90743dd91ceaa1600e406a26d0ae8bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4453
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 f584f4e2.jpg
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 35 KB
35 KB 9ms
4ms Image
image/jpeg 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/f584f4e2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

359e558ecbf39ab02b6a5aa43e2c34b3e79cc127d3c96bbb985ee4095f9e19fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35648
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 d626140e.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 12 KB
12 KB 10ms
6ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/d626140e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625fab6d4b96597f280b03b17d666c67b48f24dad70add5300f7e602fad41020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12555
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 52a2ceb1.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 26 KB
26 KB 11ms
6ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/52a2ceb1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128f3ea6f36d12804294018c82c523aa7f2b4f97df7a0be92c2f18e00c534f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26557
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 44b72285.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 11 KB
11 KB 11ms
7ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/44b72285.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6fa1f10ae9ba6d86e02b473c7e20101e9be80e4f1e667ff9b05b024313cb4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11388
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 4da4a690.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 10 KB
10 KB 11ms
7ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/4da4a690.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948bbcbdc0ffc3c0065962326f2780e0a54e0e029baec2690d80a956f34e93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10327
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 e2f7ca8a.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 16 KB
16 KB 13ms
9ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/e2f7ca8a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffb93d82f92d99f0a0c0445a488b70a40345a02967d342a3f2703c0ec89b6e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 fe21cf04.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 43 KB
43 KB 14ms
10ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/fe21cf04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3ecc36c0586b10312f75bc69f598a5c511e617b751d6deecd0ecb047962b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43658
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 c9917f9f.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 1 KB
2 KB 15ms
8ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/c9917f9f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a828c511fd5466b8941822dae48b0067535a6855ba393e7122a24602407d8184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1531
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3 200 ad6ca5c6.png
s0.2mdn.net/sadbundle/13023750825749512192/images/ Frame 8BAD 3 KB
3 KB 15ms
8ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13023750825749512192/images/ad6ca5c6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea063130fd66df829b99fd3b631ef9c73dffb991c58d839c3e8fb2d0159642bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:19:13 GMT
x-content-type-options: nosniff
age: 171217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2695
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 19:20:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 04:19:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBB8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NjhVRU0xRE0xT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CVCdxNuRfv60ldkwFxN0Ul2Ns2pJTLlwiW-XbBmHH...

170 B
188 B

42ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NjhVRU0xRE0xT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CVCdxNuRfv60ldkwFxN0Ul2Ns2pJTLlwiW-XbBmHHzUMJq8s132EIEGxBdS4DXac98kqqk8c0663Zq8lxXE4W9ORNxkw

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0d0566d062fd4ea5d@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NjhVRU0xRE0xT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CVCdxNuRfv60ldkwFxN0Ul2Ns2pJTLlwiW-XbBmHHzUMJq8s132EIEGxBdS4DXac98kqqk8c0663Zq8lxXE4W9ORNxkw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBB8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4Aq0V7QVtbaCZrlYvbiTpdWk6v2NpwvqTSYmIpR5Rm6yY768BInBkAzis8NkPo864ERP-eaKn_STgerK0VNBHRddxdKOWQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A9BFB2969004015BB9A451BDA1C2578&google_push=AehlK4Aq0V7QVtbaCZrlYvbiTpdWk6v2NpwvqTSYmIpR5Rm6yY768BInBkAzis8NkPo864ERP-eaKn_STgerK0V...

170 B
188 B

41ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A9BFB2969004015BB9A451BDA1C2578&google_push=AehlK4Aq0V7QVtbaCZrlYvbiTpdWk6v2NpwvqTSYmIpR5Rm6yY768BInBkAzis8NkPo864ERP-eaKn_STgerK0VNBHRddxdKOWQ

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A9BFB2969004015BB9A451BDA1C2578&google_push=AehlK4Aq0V7QVtbaCZrlYvbiTpdWk6v2NpwvqTSYmIpR5Rm6yY768BInBkAzis8NkPo864ERP-eaKn_STgerK0VNBHRddxdKOWQ
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 23 Aug 2022 03:52:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBB8
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4B-NE9s1srT4JPTZxj-QVkiwrMrXNB-kgltmDbpTmQgiDFkbztXPvjqqqE446sHkjDtKc1CnVYS1flIKmc9ks...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4B-NE9s1srT4JPTZxj-QVkiwrMrXNB-kgltmDbpTmQgiDFkbztXPvjqqqE446sHkjDtKc1CnVYS1flIKmc9ks...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

170 B
188 B

48ms
47ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBB8
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4Bh2IPQMOX0_8vZzVtFCZ671amiH7HB733GFOO8Vm2DvxYqwDbJhwb4oM7VOJHOVj3oUB0GAnyyz1Qwi7lhDvpFid25lPA
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4Bh2IPQMOX0_8vZzVtFCZ671amiH7HB733GFOO8Vm2DvxYqwDbJhwb4oM7VOJHOVj3oUB0GAnyyz1Qwi7lhDvpFid25lPA&google_hm=NTA4M3FvMDBGQkRBWTAwOHRCazc

170 B
188 B

55ms
54ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4Bh2IPQMOX0_8vZzVtFCZ671amiH7HB733GFOO8Vm2DvxYqwDbJhwb4oM7VOJHOVj3oUB0GAnyyz1Qwi7lhDvpFid25lPA&google_hm=NTA4M3FvMDBGQkRBWTAwOHRCazc

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4Bh2IPQMOX0_8vZzVtFCZ671amiH7HB733GFOO8Vm2DvxYqwDbJhwb4oM7VOJHOVj3oUB0GAnyyz1Qwi7lhDvpFid25lPA&google_hm=NTA4M3FvMDBGQkRBWTAwOHRCazc
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBB8
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMIqUEaccgN78N236H-iwPl3mr7CuX...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMm8dKzz_v66r5xCz1VGVik%26google_cver%3D1%26google_push%3DAehlK4BNr9Gt6XIJVIqvp5...
https://rtb2-useast.e-volution.ai/sync?adkuid=A502076053627345627&exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMI...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTUwMjA3NjA1MzYyNzM0NTYyNw&google_push=AehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMIqUEaccgN78N236H-iwPl3mr7CuX...

170 B
188 B

39ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTUwMjA3NjA1MzYyNzM0NTYyNw&google_push=AehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMIqUEaccgN78N236H-iwPl3mr7CuXZb277IrKO6P5s3VVEZgz

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTUwMjA3NjA1MzYyNzM0NTYyNw&google_push=AehlK4BNr9Gt6XIJVIqvp5yAruK8YWKpndtmlWK9r_903J55RNDMIqUEaccgN78N236H-iwPl3mr7CuXZb277IrKO6P5s3VVEZgz
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BBB8 0
12 B 47ms
41ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcoeYx3t5h-3lBWsUGUsRSu9OybWZjNb5848hq3D3YqpsDipwZDIZBMBzv

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D90
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NjhVRU0xRE0xT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4BaiBU-fldYMdr4-iJcVx8kYilTq0GGfHwSByp2mLv...

170 B
188 B

39ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NjhVRU0xRE0xT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4BaiBU-fldYMdr4-iJcVx8kYilTq0GGfHwSByp2mLvC-75vQNRILefmHJPLKES4esLGvEWwAQkOuNu_dSUcpaFQfLnvNN0

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:49 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-01afc7b9ae03f914c@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NjhVRU0xRE0xT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4BaiBU-fldYMdr4-iJcVx8kYilTq0GGfHwSByp2mLvC-75vQNRILefmHJPLKES4esLGvEWwAQkOuNu_dSUcpaFQfLnvNN0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D90
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4CYsFXn2kWWHoiUEPSB01HAaRGj-INtrbRSx4o-w44QHZwXQFM5dJ0ArxijGkHiie0lHp985CMOJ1bgqx7ObWan16wwN66l
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CF04B9E0A0C4AEA833D7AC70E9E9ED7&google_push=AehlK4CYsFXn2kWWHoiUEPSB01HAaRGj-INtrbRSx4o-w44QHZwXQFM5dJ0ArxijGkHiie0lHp985CMOJ1bgqx7...

170 B
188 B

45ms
44ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CF04B9E0A0C4AEA833D7AC70E9E9ED7&google_push=AehlK4CYsFXn2kWWHoiUEPSB01HAaRGj-INtrbRSx4o-w44QHZwXQFM5dJ0ArxijGkHiie0lHp985CMOJ1bgqx7ObWan16wwN66l

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CF04B9E0A0C4AEA833D7AC70E9E9ED7&google_push=AehlK4CYsFXn2kWWHoiUEPSB01HAaRGj-INtrbRSx4o-w44QHZwXQFM5dJ0ArxijGkHiie0lHp985CMOJ1bgqx7ObWan16wwN66l
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 23 Aug 2022 03:52:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D90
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4AlBDltCxFJesxBnCse4BJdeyHtt4sLGxbzYo7Iq8OketK506yG11B_XSRGUnPIICpAVqZhYHgq6ab_PYLXSN...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4AlBDltCxFJesxBnCse4BJdeyHtt4sLGxbzYo7Iq8OketK506yG11B_XSRGUnPIICpAVqZhYHgq6ab_PYLXSN...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

170 B
188 B

43ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D90
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4CT3nKhgZlpAn9RtiCOG9d9z72UzW5ikKliyW_q_HNfbTpjungld0f4bKZel-7FpN8qhcyXUdR4LAIB02qkWsVMLdzwDfRV
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CT3nKhgZlpAn9RtiCOG9d9z72UzW5ikKliyW_q_HNfbTpjungld0f4bKZel-7FpN8qhcyXUdR4LAIB02qkWsVMLdzwDfRV&google_hm=NTA4M3FvMDBMQkRHYTAwN2V...

170 B
188 B

98ms
97ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CT3nKhgZlpAn9RtiCOG9d9z72UzW5ikKliyW_q_HNfbTpjungld0f4bKZel-7FpN8qhcyXUdR4LAIB02qkWsVMLdzwDfRV&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CT3nKhgZlpAn9RtiCOG9d9z72UzW5ikKliyW_q_HNfbTpjungld0f4bKZel-7FpN8qhcyXUdR4LAIB02qkWsVMLdzwDfRV&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D90
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50CbSZlhzImDM6BrjzcvWbj1IFD_GF9f...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMm8dKzz_v66r5xCz1VGVik%26google_cver%3D1%26google_push%3DAehlK4Apb2QTD3szL3y77b...
https://rtb2-useast.e-volution.ai/sync?adkuid=A1255264988171560387&exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50Cb...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyNTUyNjQ5ODgxNzE1NjAzODc&google_push=AehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50CbSZlhzImDM6BrjzcvWbj1IFD_GF9...

170 B
188 B

41ms
40ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyNTUyNjQ5ODgxNzE1NjAzODc&google_push=AehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50CbSZlhzImDM6BrjzcvWbj1IFD_GF9fUoCs4hz9cD0KJ9zOv2Hhjw

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyNTUyNjQ5ODgxNzE1NjAzODc&google_push=AehlK4Apb2QTD3szL3y77bGHYlJ87OBsek5QAs-mplRoLqj_50CbSZlhzImDM6BrjzcvWbj1IFD_GF9fUoCs4hz9cD0KJ9zOv2Hhjw
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6D90 0
12 B 88ms
84ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IdEHe6KkFxaaPah_6VXukqQr9tDIvBz4bfh04ESmY_8ITjLmRb_iMMYz8K

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 88F6 22 KB
8 KB 6ms
6ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 48208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 14:29:22 GMT
expires: Wed, 23 Aug 2023 14:29:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2B12 22 KB
8 KB 4ms
3ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 48208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 14:29:22 GMT
expires: Wed, 23 Aug 2023 14:29:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame A6E9 24 B
107 B 2ms
2ms Script
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: private
expires: Mon, 21 Nov 2022 19:38:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 24
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 658B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4C4ONIjtOnLRoHI5d25FUC9KQhmB3wx6GXPTEHTaMz...

170 B
188 B

42ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4C4ONIjtOnLRoHI5d25FUC9KQhmB3wx6GXPTEHTaMzT5_0teLsVj7QUeZt-iH7O4DW_uzhhnQqSLBfvhs8MN35fcb7iuMUPtw

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:49 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-01afc7b9ae03f914c@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4C4ONIjtOnLRoHI5d25FUC9KQhmB3wx6GXPTEHTaMzT5_0teLsVj7QUeZt-iH7O4DW_uzhhnQqSLBfvhs8MN35fcb7iuMUPtw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 658B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4DzaWgZYsA7bNMzbIMXRsdhk8c_ehN-qe6V-o6u7sZv2fLV3uv7zJdewz4ddbCLq70z7GWwFdkUBzz8QqL7nWqyv3MDVPae3g
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B60E422D7329441D89F5C7753CAD453A&google_push=AehlK4DzaWgZYsA7bNMzbIMXRsdhk8c_ehN-qe6V-o6u7sZv2fLV3uv7zJdewz4ddbCLq70z7GWwFdkUBzz8QqL...

170 B
188 B

84ms
83ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B60E422D7329441D89F5C7753CAD453A&google_push=AehlK4DzaWgZYsA7bNMzbIMXRsdhk8c_ehN-qe6V-o6u7sZv2fLV3uv7zJdewz4ddbCLq70z7GWwFdkUBzz8QqL7nWqyv3MDVPae3g

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B60E422D7329441D89F5C7753CAD453A&google_push=AehlK4DzaWgZYsA7bNMzbIMXRsdhk8c_ehN-qe6V-o6u7sZv2fLV3uv7zJdewz4ddbCLq70z7GWwFdkUBzz8QqL7nWqyv3MDVPae3g
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 23 Aug 2022 03:52:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 658B
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4Bvpsg1bzm7H8vZUhlxeV9x6kZRe6IoAsm9pM8OAegY8AboRat4Dw5D0fOkBj8ampVVFGiCW-EKIo0JgvcqpG...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

170 B
188 B

47ms
46ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 658B
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4DiJ_NrQVk9kxcwkQTUuDYIwIe7wm7ToDuECpnZMRH2J5DxqN3rukpcqrWxE3UC4enmAz8_yhKdJb6DtcWf8JmYvzeQR2HSUg
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DiJ_NrQVk9kxcwkQTUuDYIwIe7wm7ToDuECpnZMRH2J5DxqN3rukpcqrWxE3UC4enmAz8_yhKdJb6DtcWf8JmYvzeQR2HSUg&google_hm=NTA4M3FvMDBMQkRHYTAwN...

170 B
188 B

73ms
72ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DiJ_NrQVk9kxcwkQTUuDYIwIe7wm7ToDuECpnZMRH2J5DxqN3rukpcqrWxE3UC4enmAz8_yhKdJb6DtcWf8JmYvzeQR2HSUg&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DiJ_NrQVk9kxcwkQTUuDYIwIe7wm7ToDuECpnZMRH2J5DxqN3rukpcqrWxE3UC4enmAz8_yhKdJb6DtcWf8JmYvzeQR2HSUg&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 658B
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25Zmqel_zHKlxoHsTDAwir_JnThvWu...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMm8dKzz_v66r5xCz1VGVik%26google_cver%3D1%26google_push%3DAehlK4BSADINm9cqDilu2N...
https://rtb2-useast.e-volution.ai/sync?adkuid=A2508200535676035210&exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1MDgyMDA1MzU2NzYwMzUyMTA&google_push=AehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25Zmqel_zHKlxoHsTDAwir_JnThvW...

170 B
188 B

42ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1MDgyMDA1MzU2NzYwMzUyMTA&google_push=AehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25Zmqel_zHKlxoHsTDAwir_JnThvWuz_ghilTU5lFZE6EC3-MeW7o

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1MDgyMDA1MzU2NzYwMzUyMTA&google_push=AehlK4BSADINm9cqDilu2Nan92RpNdXeq95QVrQBtAxVpM1etI25Zmqel_zHKlxoHsTDAwir_JnThvWuz_ghilTU5lFZE6EC3-MeW7o
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 658B 0
12 B 52ms
51ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lu3Q5IiMT7m2rCIUVBM_dy8s2_tfXoI-n__CGTXPjuwDPaCJZQl69NC8zr

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 206 video.mp4
cache-ssl.celtra.io/api/videoStream/57dc49a290f73626a30dac4392e3933a230f85fce0508cd8da5c9c8213696a38/x264_inline480p/ Frame AE49 1 MB
1 MB 32ms
3ms Media
video/mp4 13.225.165.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.io/api/videoStream/57dc49a290f73626a30dac4392e3933a230f85fce0508cd8da5c9c8213696a38/x264_inline480p/video.mp4?transform=VideoStream
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-165-61.nrt12.r.cloudfront.net
Software: Apache /
Resource Hash: a370514bfa699c5f52c085a255fa0192c331b1d363d751d75db5df74d5e210c1

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 04 Aug 2022 17:33:44 GMT
via: 1.1 varnish (Varnish/6.6), 1.1 35d6a789b7457823b4c67241371ab33e.cloudfront.net (CloudFront)
age: 1682701
x-cache: Hit from cloudfront
Content-Range: bytes 0-1461964/1461965
Content-Length: 1461965
server: Apache
etag: "a370514bfa699c5f52c085a255fa0192c331b1d363d751d75db5df74d5e210c1"
x-ratelimit-remaining: 999
x-varnish: 2662316 2626509
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31556926
access-control-allow-credentials: false
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
x-amz-cf-pop: NRT12-C4
accept-ranges: bytes
content-type: video/mp4
x-amz-cf-id: 2eWFw2oNizSI2dglocQSicw6kGwtsu00HjKfsDR9Uq0Mvi-a83ieLA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4F5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4DwWxt7e-QiqeFttahqQN95YmQRBILgegpWsQyL-Or...

170 B
188 B

39ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4DwWxt7e-QiqeFttahqQN95YmQRBILgegpWsQyL-OrR8N_OB2HphdzgA2HNXtrVdmJ0CBlEw8HeSkIeTblyMAe9WeJafUE

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-04d2d43691b0ba1ae@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4DwWxt7e-QiqeFttahqQN95YmQRBILgegpWsQyL-OrR8N_OB2HphdzgA2HNXtrVdmJ0CBlEw8HeSkIeTblyMAe9WeJafUE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4F5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4DInCcs0XeM23WCL6cZBLw_c_mEEn_uDxxuZb-RjH053ivnKRewph2EJROFKjIiELPQdBKn8sooWJihNXRi1Ij3-CmiqNx0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DCE09A94AB64A12951ACB38E9CA7A3E&google_push=AehlK4DInCcs0XeM23WCL6cZBLw_c_mEEn_uDxxuZb-RjH053ivnKRewph2EJROFKjIiELPQdBKn8sooWJihNXR...

170 B
188 B

42ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DCE09A94AB64A12951ACB38E9CA7A3E&google_push=AehlK4DInCcs0XeM23WCL6cZBLw_c_mEEn_uDxxuZb-RjH053ivnKRewph2EJROFKjIiELPQdBKn8sooWJihNXRi1Ij3-CmiqNx0

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DCE09A94AB64A12951ACB38E9CA7A3E&google_push=AehlK4DInCcs0XeM23WCL6cZBLw_c_mEEn_uDxxuZb-RjH053ivnKRewph2EJROFKjIiELPQdBKn8sooWJihNXRi1Ij3-CmiqNx0
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 23 Aug 2022 03:52:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4F5
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4BAu-Hfdbk1rp07yQ_y6i-kvpDFJjhHK7C2RnuY17NQuOyvgHSd4znKEGoERI3ofwoIbz1SZ-WZ4daXbFotMo...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

170 B
188 B

49ms
48ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4F5
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4CpecfkozldDqfAmzUs-jDAUoSUhK-FyySfbXceX48jrVqQgJDa1_BZt_AYKJeDsD-cQs_QYYf8mPwah3I5Mre9QflXyALc
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CpecfkozldDqfAmzUs-jDAUoSUhK-FyySfbXceX48jrVqQgJDa1_BZt_AYKJeDsD-cQs_QYYf8mPwah3I5Mre9QflXyALc&google_hm=NTA4M3FvMDBMQkRHYTAwN2V...

170 B
188 B

43ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CpecfkozldDqfAmzUs-jDAUoSUhK-FyySfbXceX48jrVqQgJDa1_BZt_AYKJeDsD-cQs_QYYf8mPwah3I5Mre9QflXyALc&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CpecfkozldDqfAmzUs-jDAUoSUhK-FyySfbXceX48jrVqQgJDa1_BZt_AYKJeDsD-cQs_QYYf8mPwah3I5Mre9QflXyALc&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4F5
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOUsiXDh3y8xXAHxxfRSK556ZDC-3dq...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMm8dKzz_v66r5xCz1VGVik%26google_cver%3D1%26google_push%3DAehlK4CIQA6BWTZ921sJY1...
https://rtb2-useast.e-volution.ai/sync?adkuid=A9125204465794923084&exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOU...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTkxMjUyMDQ0NjU3OTQ5MjMwODQ&google_push=AehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOUsiXDh3y8xXAHxxfRSK556ZDC-3d...

170 B
188 B

42ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTkxMjUyMDQ0NjU3OTQ5MjMwODQ&google_push=AehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOUsiXDh3y8xXAHxxfRSK556ZDC-3dqUSwpyPYiO2e3rF7IGJYSYQ

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTkxMjUyMDQ0NjU3OTQ5MjMwODQ&google_push=AehlK4CIQA6BWTZ921sJY1GW2ebPh78srg3Iy6z_owzaI6LNwbOUsiXDh3y8xXAHxxfRSK556ZDC-3dqUSwpyPYiO2e3rF7IGJYSYQ
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E4F5 0
12 B 51ms
50ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVaviPUqLW8jPrKuHVTl9WC8jaM_Um_TpqSZWnQENTEKoVZZdcjcearZUZ

Requested by

Host: 9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com
URL: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 206 video.mp4
cache-ssl.celtra.io/api/videoStream/57dc49a290f73626a30dac4392e3933a230f85fce0508cd8da5c9c8213696a38/x264_inline480p/ Frame 7D27 1 MB
1 MB 23ms
3ms Media
video/mp4 13.225.165.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.io/api/videoStream/57dc49a290f73626a30dac4392e3933a230f85fce0508cd8da5c9c8213696a38/x264_inline480p/video.mp4?transform=VideoStream
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8396020733649616896/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-165-61.nrt12.r.cloudfront.net
Software: Apache /
Resource Hash: a370514bfa699c5f52c085a255fa0192c331b1d363d751d75db5df74d5e210c1

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 Aug 2022 01:43:36 GMT
via: 1.1 varnish (Varnish/6.6), 1.1 35d6a789b7457823b4c67241371ab33e.cloudfront.net (CloudFront)
age: 615627
x-cache: Hit from cloudfront
Content-Range: bytes 0-1461964/1461965
Content-Length: 1461965
server: Apache
etag: "a370514bfa699c5f52c085a255fa0192c331b1d363d751d75db5df74d5e210c1"
x-varnish: 774795 37448
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: NRT12-C4
accept-ranges: bytes
content-type: video/mp4
x-amz-cf-id: eT3RgjbszeTsKjXZ8S8GxWcI6B3HjlNcFtEs4CyRrIfIsdHO1NroBw==

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 0B79 43 B
932 B 251ms
188ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EWX95S7DTDGXND8KRXE5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0B79
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1245ab29-5810-4c5a-948b-cac4ed82948c&expiration=1663905170&gdpr=0&gdpr_consent=

43 B
914 B

82ms
80ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1245ab29-5810-4c5a-948b-cac4ed82948c&expiration=1663905170&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f92331ebe3af3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xT2r5r8%2BMrsX1CXQvapUmP%2FB600nxR%2BrTlVoPpYwXhMjhrWEm4%2F%2FZ2PAnQl9txDygotRLSHhrFKkuMv1e8v6LdpHxnWkshVr8s8ubgrTe%2FI%2B78B8QXbGniapA%2FDI68nhqTPNXs9UOc7Yjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1245ab29-5810-4c5a-948b-cac4ed82948c&expiration=1663905170&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 0B79
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrJA18fFhlMvq7b_m-AYKE&google_cver=1

43 B
947 B

109ms
97ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrJA18fFhlMvq7b_m-AYKE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f9233258791ec4-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7H5dXMKVJjq9%2B8%2BZsizpGN3ZiOiWMjH4wg9gMv7yZG1ScUbaicBBy4iRgH5gl7O2%2FHWtDQcj0GHTBkZpPnhE6TpvUImJk%2BYZfSDGQFrixpiPlrCRtS6uLhBUb%2BhRnWrWarP5j5XgAUV9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrJA18fFhlMvq7b_m-AYKE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0B79
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=946538179684156045

43 B
907 B

80ms
80ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=946538179684156045
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f923342f5baf3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiC%2FEAQkmGpEBrfoBFKQIeF8gp6rkkklMsb1WPXThv1rJem4P2iWKF8EsLzJB0gg4VPDPzY51p%2Fz2BfuT4MH0cWUTzPDsVOfHCgiXhplvnLqL09iNjNUFI3RfnM6UDcGSjDPPkUgsbZWAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4ed71a8d-349a-4739-9c0d-823639fc5e6f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=946538179684156045
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0B79
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=080d220402681dc489069399&expiration=[EXPIRATION]

43 B
912 B

82ms
82ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=080d220402681dc489069399&expiration=[EXPIRATION]
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f923367b7daf3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a13%2FxCln5aoGP97e0ePX6kUBQ%2FRHly3taGPiMldBYumcIaLeYevRv9qFaFZSZw3GAp5U3%2FKx0txEhgsnsRcKF0giwFjx5wd7NZgmPXG%2BHyIVeUSyuxSJMrNX%2BoQl%2BBArBlicNIaCfw1ldQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=080d220402681dc489069399&expiration=[EXPIRATION]
date: Wed, 24 Aug 2022 03:52:50 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0B79 0
0

GET
H2

200

YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0B79
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB

43 B
994 B

222ms
79ms

Image
image/gif

2406:da18:929:5a03:f124:f729:a44b:bb08
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID

Protocol

Server

2406:da18:929:5a03:f124:f729:a44b:bb08 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB
date: Wed, 24 Aug 2022 03:52:50 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 0B79 0
353 B 212ms
68ms Image
text/plain 3.1.14.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.1.14.27 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
X-RealServer-NX: aws-apsoutheast1c-delivery-3
Content-Length: 0
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 0B79 43 B
556 B 423ms
187ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X3RR6APYQJMHZ7PMJPED
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 206 video.mp4
cache-ssl.celtra.io/api/videoStream/61e8a9343f54743644e4f3a43669f20c9b1ec325278924838cf32f167b1488ee/x264_inline480p/ Frame 8BAD 1 MB
1 MB 18ms
17ms Media
video/mp4 13.225.165.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.io/api/videoStream/61e8a9343f54743644e4f3a43669f20c9b1ec325278924838cf32f167b1488ee/x264_inline480p/video.mp4?transform=VideoStream
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13023750825749512192/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-165-61.nrt12.r.cloudfront.net
Software: Apache /
Resource Hash: 62aef667fc638cb0a81f38011f9769791cbede8d810e63d2ca0473775d9f740f

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Aug 2022 00:07:18 GMT
via: 1.1 varnish (Varnish/6.6), 1.1 35d6a789b7457823b4c67241371ab33e.cloudfront.net (CloudFront)
age: 1309532
x-cache: Hit from cloudfront
Content-Range: bytes 0-1490776/1490777
Content-Length: 1490777
server: Apache
etag: "62aef667fc638cb0a81f38011f9769791cbede8d810e63d2ca0473775d9f740f"
x-ratelimit-remaining: 999
x-varnish: 724658
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31556926
access-control-allow-credentials: false
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
x-amz-cf-pop: NRT12-C4
accept-ranges: bytes
content-type: video/mp4
x-amz-cf-id: 9d7guokC2LseVNvAUZL_bRtb-5_R6dT5pyXQpz2nx3zk3WHX3MQeJA==

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 391C 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 01:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 01:46:17 GMT

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2679 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 01:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 01:46:17 GMT

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 88F6 36 KB
14 KB 10ms
8ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 01:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 01:46:17 GMT

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B12 36 KB
14 KB 11ms
10ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 01:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 01:46:17 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D645 0
26 B 47ms
47ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBYTtRSd7Akgbb-6gOP9Zz1_SlC03_TJnCBLr5hH8Ynur0iZtyJv3RDQsTl32zzi8T4k3hlObb0kztOwf4et-6tAQj8MrU0PqOUAFQYFM8H1u0RuG1gWB36avwqy_B5lzDhO9QRoWTDpeYaD3nz4Us4wm2WjiPbCw1WlQjm9UJx0L2xd0djNQydSnMWuW9IA2e54Kr7hgpYj1ch0bOWALeDFxV0vdJBIFUYPdxV5ZKmR-yUg3lAh6oPh0ixbZwXHpeQRqdRgI1qc8lrLVl0uBXk6lG13AFW7W04g0jD0pSLsgTJ2sX7sjtPj074ADeJNE0uIdfQ9JctLqhIzSOqkCArz1aFU0xWsoAeJcWierlajYJJaIWB2YcADWuXX_dxlJ6w7hxjfEB9cxPRwk518qpJRnM9X05kCimwX746Xny1sg38ALk-bvvrFviUjDs2JJUe8d1N7UTOTrqiC74gEo5y798Iv21v6SYuwFf21JaHBij5rTLLvSK7PJHZXoTdUZf3U73vMBsb5J7-Ur60MJF6Tl4IJeEc3V-qW0FEER_q9vpggFkB-MlZdS35ZO0E9fwSn2DDGi0AymyphmOFyYsju-NCTooNP1yuoJTaNncYIkSGblC9mVSpbuHlUAvgv6y6Kghz2xQoz16g5LQw8LbvA2Ml0mW0ltU1jSUZNgbNYEVoEjnfpkdQEatVUbxJL9fJRmXysIuTio9BTan9K_SQsGIB5SRQ3NxtJgAVtLYzLORpbmZmy6F8cYaAJ74jK8TW8moHklUXoobr6dFT9238bIL2HKaiIW3gPUh9iXdwmlJhMdE4w_BpM1uXihQJbAU0hC3Qk2OktX0TQTRwqZrlDjWMX227laygoMzuYlAzpruM6HbafSkITI-wUejPtRdBgfvNapiJIjXePR0Lk5eoz8yfKrryaOtBv9K-ZBtmu_QDCK6vP8thdKxwzfWnMD7xeNItZvFs-fxmeOpzbdwhjrqay8uDtH9t74YUYY4XXv_gDj0x46BHt16w0UGBEQENglYI9kEQMV9-9A_flf1TToTHo-7U1QxBNLbHDH2ae31C4mA7zvs7SG2EASj6bnkklzGTEfK34JNNX7pI7FFksW41g02QH-oHRMtRi3K2m5a_YDeUlELY13WcFyLOOoF-n2_xFMzHC6CSX156Hkkh7pF6b6ymL7RwXNE8KyEcVmDW57g9o7jVacGDgpmqYDIhanQ6uTTsGntGs8RlL2z3vHrxoelhx0fdoJiC-HN3Zn3_K4JmeJz9U0w3pH7v7DHvfbmIf5TCu6mOcoyeWJR6XLTmAihjHY17Erro1je&sai=AMfl-YRAGC-jPsuFEUDk3yaPavl0kaM4fYtfVD-0aS7tBwPTwNIYol45JONBr48Iua6QeYv1aYoslXJLu6w2BUK71pp8EauuAARQXZcDKsqpn8A1E4ly4HfCJ4GcXVbMNnudE6cEHel8UJ8v8rQrCWiNg-OmoAgt9qiwLf658y4Vb-3ez7zRu0RsWFQN4GFunQLONsAgjQxmXTGxK_jsSaF0yT-IcnoilaXRldfbz57c2vY98Si3&sig=Cg0ArKJSzDE-PFsehinTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=462&vt=11&dtpt=361&dett=3&cstd=99&cisv=r20220822.51672&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5F95 0
26 B 41ms
41ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssR8B8rkNuj8KdTTwEATZ9hyfGKsnVJUfnMrwDkWNiI8DKhicuzRjdowK776EBrsMrwwJyiJZCoylGiaBFyCaZ_PKMH6RSwU6TNek7lL4c0TC5kTohFHpXHbEu0pMtTuG7odKont1MeTNnfgdfEQkGyVQ-_VEAZzTNbMN7lGJzaqaicPC2hvU9hJrflZw3KJipMlAlm83wNmgF1Pc_TUaCohmcCnIkFKMPMXRz4lSRLXptXOUc1yw2X2v9VdnRtLSJmFYf4OSg9e8mfICbduUhMjEJT08qHLwxj9MVGmiOiKlfb3kJsJNvFhvKrDkUvzMBUSJQfAdsDnNrR3Ye8K7qMwVpCDJbiXbMLnXHqh0AZRmmo6l0bzJPZ6ZHKnjDFlQXS6ZDAQKITSRzLLaOVtK_b1_2IxcM1Hd-WmOBxP1rykXL4rZgQWaKD_heh7L3mXocUe-gU4-lGZx_F6F_KO91pX1nBcRYhUtuoErpSkBFHuKDF0rZ-xapfmCgw8adDdTv6vs0l590bLr1UZd9zTvdcIE_hQqlkGdr9TNA5DQ4twEN401B5FLV5tQwuWtxtpA_lobOTgOUGiCeNOzruR6Z6NWtqzmYqik5M7uG6SXnK9c31cBicSC72ribIt2RcCUulKCD6Gjkr-gsKyCxsmrn_OBq_q-v1Vwl8FSwVMEvfKDdPEnybIxSO0wDEhf9uKtivUsQFNmVPtjsTtbl8GF4k8hSf83REGHeBec3szxTdllZ57gF-cKNEH_229xjh0j5QlDfIHMJW4ss25BuFxJ3ZzldkzHjXDjQvMtuOH1eRrLCQZ98r2RA2gu0Mmavq10NkVOVsBWA7owLXoQCqxvkBlBqbI-mzn4I-zftCDXJIAN0b6I_5HHMZSM2-8qNv57fGT_uKxnUt9ouP67znB4QfBqcsv9_cQxJFQE7oubuq4lTlQMLYaNJfnJOTvvt6blkg5-aW6CEVytwtL87333sgzkqJ1GH3cl97DwrclJBcLnOXdopXPnPowJC_yrZXRo0U42U8oLz1CV1IaeByVgzQMorOdcg_sn_iptKauX1-OGGSoChoNK6kXossusssegh9VvOKVP1q4sYAP_KBjsjOCYuBCtn6b5iVIQWCg8ffaeK3pT8QWRNdJnTTFAVL_llOu7U90hesVGUNeDGM_jSfWLpi6FnJnIKywvptQguEaTDPNKz0PpA1FLCOrd_jEb2IoWA2ugNaFiIPubh1DpsR-keK33RXo0eLXpYHvy38ZmmvaMZn6viIrZ_9EQ0yRvJNAF8VSs0rNl6luN_n70ilJ-sNtbxYx0dxYOUTSUYu&sai=AMfl-YSkQt1nME7bMWrWkGXmIcOenBTsL2TL0S1Hjl31iJ-9C_wCQvaMaeUlVgoEQtdpc007DLYqQ-6_QIfNhcLJk4rpzDQ82VSswcFIJBKiCDDquR4nT4LsF13IUhH6zbuty7b3Fzn4MmRxUD_C_WJ1M6RyD2nG-gIJO28Z0RjeK5um_mNej4V-Uq54Z0q4FqMsD8zUVGxOCZNpvbczBwBAAIbdtxFNJIo_teHn9MTNbOlhdQ9i&sig=Cg0ArKJSzN5_yul6IHZ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=495&vt=11&dtpt=424&dett=3&cstd=70&cisv=r20220822.39045&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C483 0
0 41ms
40ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6jnKWlDX2s0dU_PvoduvWv3dDN4V8Ryuu1RO4JVESZAOJWBQVR3E8-wPQ9iEtMei5-3naM_KThOSYP_xhmc8a8UGxpwV8mqoyDh7YFew-EqrPO33FeqnZ3q_-1UryR8LpnGocg4drfE4zfE6ejC-yK-GvMFtjELjV75Luf69PYRDHzAY8K2FvfLlVXkU6AAvK403zJ1bapPbZwQ5u5PFqLHTIQgrhrpJ-BTmP9cKnzjvNQKhZ4CCBUwjHfgYB9GgEl0e3QRDmp3lu7zRoGntl9mj3Qj_VIZCDbw-Uk26xakNzW7wn9_5xT4GQNwhh_OQM703PLphrbCHJwd7FZ-RO3NsbYDwHa2xtihtOk7y3RqfUwcqi-MFLMT_koUo&sai=AMfl-YQzlPvdLv4bKUEZCFVmuETbqx_NbKlNg8rj-Z4_9jsa8TJDNx6MK-aTJRWB7XSABdhPm26MJIx3lDYzf_Sxw4WONb0t7Z5HX1CC6USQrMvh1w06c-ub7EmgKa_NNA&sig=Cg0ArKJSzKihz4DWVrBUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 t.js Show response
fantoly.com/ Frame C483 52 KB
15 KB 24ms
3ms Script
application/javascript 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f956b62c91583dd5c50d53011a10d365d6d439cad546e62ff93d51bb5dbf9df6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 04:41:36 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:55:05 GMT
server: AmazonS3
age: 83475
etag: W/"914bb3d60941b0ef68b8dd009b705a99"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-version-id: IDIun4MnSvyw3bwvcOmDjtggUGfg5UGf
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C3
content-type: application/javascript
x-amz-cf-id: t9a0GqyxPFdglqW885voq6HB4olL6iaEoulw6b9gGUrYm8j0-2LW9A==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C483 140 KB
43 KB 59ms
59ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:50 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7FE7 0
26 B 41ms
41ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKoKLreWmB-249b3Ny91HkPfwuQuWoXBi2zuNEw8cxTiyWA-PxFLJCv6Ujl62eRnE1A07IveuzViDimdc2ov8FLGi0DC0F7AnH-1_VpM0GXnal0D49DWBvWbDBWloOf1E7aDqW2tCZh9utroJt_3UzJeRuQaiisHIHtj_RqJKnfUi58Irh37RvXmPd1HJvasAxUZhsiwZJ5rz7eqY2FVUR9zlstgdvSm4qYZkpUoxxF5Rn7PZA-2NdXRBeqKljzMeP-a-nr5dvClyjZ7S1aCtYqyX_T-6XBJZeyyjTOVJMlqxSRLcIjkQrS4CwNQvFmWOnscWScjTOPa8N67n33Ycq_Ex1E2Xk056Np4-etgCcGIRC_ceokWfzgCouTkvMpQdV4S_EuIqSaI3yxx5Nejo9P2OwdwfdpciCIJjIAHxMt6MU8o8exDEuwM0d2SDoTFBnCOwpApAfZ0Ezh3Pdna8LoozqhBGYYe13NTK03x9NoPEfdY6nW4SbH5iJ_-WtUdWTJM2fMgYAABrQBMaLuNw5I2ybZbiRNwQIpJ--AbCLX4hqnIYfRZRYgCFkxwXCrd0NxfCnl6g5Kij24WPjHSZEHGRmhe-vf3kmRHQPuT_uJ-KzCF1zuN9MGXE4h-xq2TkRciJHTPjKraX5Vdi28lIp0-JbfyRAgQYdfqHukuTPKGr5ILEjhfV51rZliWRAYhJlcCEUnleF-MhlCcPYirPqKkvu_okxhgbVuvBocunglaaTYlHewqNdEsZo-MPXY8xQI-F-325UeDVm-y7NbeNnxA75T8fSXCs_2cqLiLU7w6wt2xCs-k_FyfP82zogqbFruoSwEF5xPaN_2XG0vLgO7b_8Icke_qwUDWqj7J9Sep403kxNnQx0REDgrUtRzLhF7FCvd3F-XvzOKfmIx2o4u3d5_1rvS7hVvhAcXJ05xnpYwYuBQ7CQC0YkZ91oW2RHuROfEOORKaS6KV8LdOBNY4roR2GyxioqM_rk1BASatIAnlCEJzEEctdTLOb5SY0Q2IdZAtTvjpQIFRDCWtjJfeAlitNCGaBga_0Ha4aDDDg2Cm5eRz09k-Zl3SzxSQpKWwFK2qj8qU5lxbdtuET0r48fTHzwhub9S58zL9MemzDBKFo_uQPhj7bLwZAP2jFC8phLHHj83vh1FheXlmrxEugwhcwZ4WUsYCBQVvUGhQXWDRQoiK-3SnGnjXLhyAbOH-CtvNZwV44z6EULSnJlqSyC_kL6yRRf3_MlzNSpM9R_0m-ljQIa4GdYgWCOaMLUTQxBdK2EM2fuiN6M8-Tl4GOuO5d6t9ZRv5w6R-5TGy0n5g&sai=AMfl-YTQqH-jaseu1UJaGvDCvj0VPOJ-b_yq1-IejQS-BPcEWaFuWnvJhoeeI2pbC4AQL29GBJcV3VEZXLFg3noPFKImr7j9vrjN8UXivme_4w4CRHNCA7_HP9JmyetU2zeGAtSNnXdtFd9HzTmgHiiyDlsfnAYcdsFV5XjK-SK6fnp25mHDUlXZkzbNfisU7MGe7k9mEgqJegg7xkU_itojEhgAkPQQ_InVgh8-IJsNSeZgR3Ro&sig=Cg0ArKJSzOglacGuq6uyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=510&vt=11&dtpt=437&dett=3&cstd=71&cisv=r20220822.45385&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ivlloi69yiz903e8suz0m.json Show response
fantoly.com/c/ Frame C483 2 KB
2 KB 33ms
13ms Fetch
application/octet-stream 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/c/ivlloi69yiz903e8suz0m.json
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cce00542e20077602250bfb1a108bd9f51bcf47b0bd209d2bc8809fc2042928d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: BvW..GtVzUG8dXupglRON_HxurX0KLib
via: 1.1 2402083883f8d7e887ab58fb56e109ac.cloudfront.net (CloudFront)
etag: "b7b77444fe1fa4836a287f6d07c59c78"
age: 36259
x-cache: Hit from cloudfront
content-length: 1646
last-modified: Thu, 21 Apr 2022 11:16:16 GMT
server: AmazonS3
date: Wed, 24 Aug 2022 03:52:50 GMT
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-pop: NRT12-C3
accept-ranges: bytes
x-amz-cf-id: AzUTDEjsGE63WU17EJVc-j6BY786hqrYv6jHGrGVlfgfS_S4Q3AVCg==

GET
DATA 200
OK truncated
/ Frame C483 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ac5b35bc9b09f64cfce84288debd975002758dca1bc4c524720265c25379374

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C483 0
0 42ms
42ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu97p0zQOa7QdRQrrdV85M4EAp0u6JqELj4WQ7HOlNDMUHurkHpCbXYVeKXcMNjDvNbmF1LtJwR3ZlP2O46LCr3aegWMZnbc3MtbmQtSeMow5lXM4NDB4S5ZWCTaSmtdiDALqkBo_AY7e6VxQFEIgzwuNZbSmpRR_TUKY_-LtRqPOTLnAMEQMWeq8XOqBl_Cqulzdd9XRO1zXQ79F_OkboGFokXhDoO7YLb73K4QOOREf4WASpAnFW4W4D2cIrkVgMNuzLj1x4uw3zNRzW2LjHKbbrNs2kJPgq6nD4QW-wvGz7laEsITvLaDMdPCneVw5t9-sIx-dFvI-lWJ4ajU1dLFnUMABT2NdXSH6M0WadeSDfUnxKyaX-EpayvHIWfog&sai=AMfl-YSBplFwa5teo4xffLTTKb6pgIRcjiVHr_39KFWfcbOHrZGGL1TnNTvKrOm0q4ODIU5MADinFjKIi5MGWB4pSSQ8168PRx7xDf4KOirpms6G_zg8M9e6QhH3uCW-_A&sig=Cg0ArKJSzNC5xVJWOfzkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Aug 2022 03:52:50 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E901 710 B
589 B 374ms
196ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=c35f75bda4a7ee08e66ea47cd49f0869408ea8b8

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.boxofficeindia.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

aca4ff92368d1e601edc0cb3590be251d5af55460e57f9a61b3d8caffcd27f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 03:52:50 GMT
server: tsa_m
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 81a4191e52e4d84d25fb3e19c9288cc1e25b25b757fe99ee79aa9ec5d8a0c5c8
content-length: 308

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1121 83 KB
28 KB 69ms
69ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc6be4e0446cd24ad821174f17712c4656266770325e9f8036343befd4968721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
etag: "1312 / 997 of 1000 / last-modified: 1661293254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Aug 2022 03:52:50 GMT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 1121 368 KB
103 KB 38ms
21ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZcYICxzgs5ANNaA4YGypfEIIwM47wUhy48yZPYx%2FKChJoQPbYtzHeVVkNfEhP1GnBKXSTunHlcnmPmMjwZcrBtuWp4e%2BtltYa7I3gn8ArKliU%2Bb09Hy1iG7LOL82DuGNZo75WE0B8Qp4vg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f923346e9eafdf-NRT

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 7B11 9 KB
3 KB 3ms
3ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=nllkakd&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: kKHnSrkA4kmbfcNLe0B_FTRxfEmreoCxXyxORG-9m55QTtaNJNz-kA==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame FB8D 9 KB
3 KB 4ms
4ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=oozujn&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: bSLaCFFDpbJ7Y8XaP0_qGoAopwmZqyVjJ2LCzh8aVt5iwRa2Ixh9AQ==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame E59D 9 KB
3 KB 4ms
4ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=zevlfdldm&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: MPDwfNFIl7Q1epoy5zfff8L1cBY62S5eLLyzev1yHuGmD15KJbFQEw==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame B2BC 9 KB
3 KB 7ms
6ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=grldhfo&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: K0JayzAjM66FD7h2TTrqaexhrOm9ohwCK8CZtqKb8l6qprEs0EfPnw==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 9F37 9 KB
3 KB 7ms
6ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=oxqauh&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: ydKAosW7fVIUs-tFiO572_al32qZNKxmeWq3z4th9OFNo6M3IMvc-A==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame FB6F 9 KB
3 KB 5ms
5ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=smddbvmpq&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: EUGzMzDLmcarUKdDcosIyXHv6ga5FIQYJd6z4fN9NJxyPaSI2cB5BA==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame E3B4 9 KB
3 KB 4ms
3ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=btcdeqs&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: dSqXmfmRP2B47nEc0ILQGT0I9niilDX93eA6auIrFPhDNJ_yMyOIIA==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 5D92 9 KB
3 KB 4ms
2ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=ojxovd&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: TJRQsjXf2OIf1EWeng2fEZi23iMZC3boW_Mdn2GTPQhA7BjfqSP1Rg==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 35F9 9 KB
3 KB 4ms
4ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=zhycxoro&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: EZrgftLhcnZ7Lw9d0HjFI7zSSxW8u2UEE-3o289FyjAPYxR49mZk5A==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame E8EE 9 KB
3 KB 3ms
3ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=xxsr&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: d7QfLc74LIRJaLEBt3f33t2IKlRcu7Tcnd-vRWckLEwh7CpkQutCuQ==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 87E5 9 KB
3 KB 3ms
3ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=sqqozxm&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: jjRcltx6oeHlvzTCsPrlFQydSt6GPavrSvtz0X_6Bpg9enrnh5wA9w==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 3570 9 KB
3 KB 4ms
3ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=yoxktmpxc&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: WVta8pxj6YJ2BqadhOGVxy4W9eC_EKmLn4N6eelqz7WvkuKG6h2ttQ==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 3D59 9 KB
3 KB 3ms
2ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=viefzcqvsm&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: nNeuuGZFIKTGqBKxnqwGUAEDm8e0KAbEf65-hBGUfdLvdoWF7CkxRA==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 71C2 9 KB
3 KB 4ms
2ms Document
text/html 13.249.167.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=fwfmzsjpj&e=1296472663875
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=1230691661313170335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47743
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 14:37:26 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 28aab1224ac6bf0909cf0ce5fe798a2c.cloudfront.net (CloudFront)
x-amz-cf-id: 9UBz2NALgRfy1ShM7viiMrTcQN24PJhhC7DBNkD5nYvfZZ_0cmAuww==
x-amz-cf-pop: NRT12-C3
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 391C 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BX5e_kaAFY7DiKdWQpt8PvOG9iAgAAAAAOAHgBAI&bg=!_P-l_7vNAAYUOm8VNDo7ACkAdvg8WlQWY1N2AkxdfkomQVeUOZGqt5PHLWU84AuD1zUeJofajS-rqQIAAAFIUgAAAAJoAQeZAyR4aWqTpQxyj28Ij7ByXp1TwH8uS1zyf9qZHqnMcrMinfLrFa2fdraDt1Kbcufr97UXWf8bhSjcwomL1No52VeqJapJZspV35awixUMWhEggAns9fqyXF4uoLhGgQwA1BNwBMXZbrgv46ocBevaLYJlyMe-qx6IiTaPgwiqAM7Yns3zHFKRq1PdUqnP3fnZhCX8HrQNz1KzQs1qWrsP67XKaYZYg-kiK_LV2zoEdWIMwp-W9YG0847DpBDkK4nRx5Y61UkoaQbGjd-OF6ud3MDEK_E5A6zq49ysq3i6sQ_WTO7uMuq8XERIyBSxHwujvTvyqAtH5fveXwWsWovycKkNCJlPaGEDh9ptZzpZ8MQ_m8IRtOqWMJdp6_iUpcDPAQO0KDAh96o0wSQw0GTmycCkstTKv8LUArbgcjOwEcuMwP-BSuaehqrl3_meVERi_3CyMv_-HRigPyPPCbdWB3a8HuPweuJpX7CjfiIk7p4rGcbuf-iSdK28LiQQoDJI9017pYMQ-QRbDA_OGSV8_SrRCcnhnugkf9Ji9WsFH5o1MLgtzm-eey_IqcjSBsQrdHuAMikUXdqKpjEEgh8wGgBBt0U4W-tJFmubySABNIpo_X-hDsdMuvweftehYkJo5wrAp8D7SPb7p_X5dBCf01hdHP2y-Ao8zzvFoxEW_5NUVmitXEodN2KW1yR7nWhyXMTDvyHGSUgDOEcCvumapp607FhrFRbnOCj27ALLjDr1KRj3Hd9kmISP-pM1-fjqiTluDzMLQsqlLWbncdxuRdftjxtNQGHFkuADtHJ5RitqnLMN3t1qrcxnzpEa9W5-XEdBcPu1ZUlk94f7x9fMCbx06s-PEdQngv2o8qEBsPyY8mEXWwyoCOH5oM9rYeLiBqVfFBU0CBfMYatMm273J3Jzrz5alFCtB4lhOPKokQyNfcvOxtx3OT1bFEeB7pYSVkR7xnwGQhyBi3_6eUXdkl8gx8a3FySXb4WHeDWfn1D6Ats5DvPbLd_Nj4Loq1ZUTgyzTMuT8JDJEU4qU_X0izFcyBLPt1ji79b0HlzSlp6j2Q4AyKg

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2679 0
20 B 42ms
41ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJtNYkaAFY47fKYqOpt8PkLm34AQAAAAAOAHgBAI&bg=!DQ6lDkrNAAYUOm8VNDo7ACkAdvg8Ws4x9A0YvKdxMjqHYdyK4KeSCNY2dHSTvXifG6aSfwJC-EUNawIAAAF6UgAAAAFoAQeZAz_KJDN5LhOxDjjwMYuQIZ2e-CcPYTxpi8fnN_l2Rf2IeRGqMxaeZy9shBLgyxO0DUhV5bHh6QqZ3lk7CUKOzVdMO9Kv6zr5p9kvjXkidZB-J9mZLYm0UhaY7ulXAo7EB9h33Y4Z1evoKypQp5_ObJSjxNVUQLQiarC2KFLUnuTq2oVYL5O4_2tfB-WBNtCSlo1uEiUX0pzkdkbh8rpgIteyE-VxRqgU3SVwDI3RIHNwh7Tk_dv1pYWKh3JPEgdK5OpkF7MKeDRsH8dFIgVYdsPO5p-OizI39UeD8dYGNvElD_Huc5UJTeD7uxtdmpu-kG79kwCt_Oj6Z_li7HKMXBfZSf-s14pOejDy3HPIPZJgHK-atYt-HyThSYW3N69BOnHp_btv79fso450hDKBjsDEftXhX5Ehbt0AoLpRIOSgdzbTbzIq8urcSYcAXDvhOWTxEiOfe_WrdsnA_o3bOz1kjisTlOWIPCmtzXKWIIeoslu9qxIbyoBYMyAEo88T5vk7uTd71lHv_qk_9n2hw10AFX0OfCvQ1YocK-Cl47u1P1KMU-D1s7f85NBVkle1eCYg4wnqt7Jno_GGvLt12oOOrbE1Gxi40bxLMfSgVpTtWlpz_t82lcacBcq5lP3DNCDDPLqECPc5n9ckSBqG3DgwNFNhFTHzn9kvLlTrVfX5XvHETl4odVILQS5v9f1bGPKmmk4yMCUg5fqtuOJF2CNF7PaKTwhQzkWZyYK1g_2rZXZ84f8TwjMdEgFaR2jEejTs2a4UWSw_5w3pPCDJwylN10ouNm_0fn0RqRm5bPiPYaIgUxTTtDBcITaUe6wPDo1y5cB05SP0uYiVcZpp_u_8eF7pF21oFlDzznKfV87uVEDVhvuo4PGQCSY2uDTNNP6_KT3gQ6ruVS-qiZt9Xcr9ziVFEDlKWrMwB4PgMWuL25QXlLS3qmsUxjbbMJlkh5Bj664taDvdkfPpvyNRNkG0wMITs69JKqSWEA0HWjKSJzZeQgJquhfCyk0CUg-G1N6EjIMsSRrRSU_2V555VvzEG7gNE9tLQTTCpzlORSn_S-EsxANzTVFiXzl9sWA2ws2KPfYzUHFvxsfnbF-IAJo

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022081701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1121 384 KB
130 KB 3ms
2ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 14:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133512
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:37:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Aug 2023 14:28:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 1121 428 B
214 B 39ms
39ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7c9cf5109e2da45f2b85173716454fe04d05d8cc1eb0c01bba0893907ca7307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0
expires: Wed, 24 Aug 2022 03:52:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88F6 0
20 B 40ms
40ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl_XrkaAFY56WKpWRpt8P2vmNgAgAAAAAOAHgBAI&bg=!x8SlxIDNAAYUOm8VNDo7ACkAdvg8WnfeOqDiQXckhZya4np7j6Zt8S3Pwck5SlGM4gP89cr7oT5suQIAAAGrUgAAAAJoAQeZAyau5CGmkW3NWkin0HxHyoyeMyW8PMt7BsT9iVB0M1LyHOL0XpXuQkLk-UGFvERz7D99dKN4ncv2BuN-nbBgaNP-5eUl55wgdjlzGPPYloECXrj0nSOyAPsXRxtJBvnFBDZkrCZnUOD0wUUhswjrDoilfVsKl8HVsnLfJiz30CwrADSWC9ygDcmfwM9gL3v6Qj_j3l9EG4gWXSuzLvTwqWSwcZ4LyZOAC0S0Kz5ED27GHf5uUx3lRR3jUtcR3CrnKIRle6Pw9O4PlpdlEHovBJ5e3ue90_UuexOdoIXb8OczcJRZ3fCRqu7x-ierDEw6E36ylGRYDaRR24Yl2KKRjD4tCsdYFQWYKcZ3VfrNb73312jXU4urIFYe3N5MmaLrlZpx6pzK6ROSWm-rvFtWHO6SZIZP2p_JiHfMdaZOMdVSqBMPFleYPW2QSQdEmGho2IjeKD8d1-j1drlYZwqt9_GpLGEaVGH9TL-r88YfssXVN7ujLX8bA1mFoDqzaOKw9QWQZ8LQHiTDI3izmOCaDPWVi4uwxpClX5ee-1zuZYmer5aajX5A57JuFDbeQdYChLlpgfc9TLVvEjvuqmzKskmML6AIJzkLTguWQEMGuUDxM0iShbmvJj7LU7gr-g13eaJ1vsO3CdcbrEepSiEx6Cxtk7rrrf4dJymAm1OMNbKjj3JSRssRQdvxOjX2y4jXpobY5r3n3s_XBH4NHvYm1iTa3x6cXbgzaZd9RL4oZuK7xFNan9GqE-qjRY58zvb7jeYUvWNvT0jYccaKBeR83sQnngSFDqgm4KfWg8qAVU8jfNfgPD5b6A7TgLFoRObxOWNDf37ewfwmv59qfeVvu40SdZJNFveqPZ8rEbJzg3aFJyRNu8_XUMO6jgL7lPwNL_1L93b97FOwpI5YREA2JxSiKK7kUlSS5IZiKORfHX_jw65CN-jRV17GwPW7zgxeYCN5nHKJpvwRS5W2spID86Dd48ANXX5egPuPRNheQvxfZBaPqyvZldlYG460KAAlHLhgKFxdXBCndQcK2ZTmf-pvRnRHvCnPTvcQoyX9VgJ4jAiNVqAqcQ

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 719ms
235ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.boxofficeindia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.boxofficeindia.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 1121 24 B
651 B 124ms
124ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 0e0d3eed2e1e393556fff145cc9eba123cb7c269777330831c1c35dbbaffdb3e

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:50 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.boxofficeindia.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1121 0
121 B 182ms
172ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.boxofficeindia.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1121 364 B
1 KB 403ms
172ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=%2F21671350435%2C22684505004%2F300x250-data-boxofficeindia.com_._t1&tk_flint=pbjs_lite_v6.15.0&x_source.tid=cd5fe821-67df-4439-9d60-9947dacd14f8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5386141808260985
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b6c7025f073e4f0ba7c730aa099d25057e9a5aa49043d50d282266c901cebb52

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.boxofficeindia.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 364
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1121 0
413 B 1116ms
615ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1121 0
224 B 9ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=70783704491

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.boxofficeindia.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 1121 173 B
357 B 90ms
85ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cd5fe821-67df-4439-9d60-9947dacd14f8&nocache=1661313170835&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=%252F21671350435%252C22684505004%252F300x250-data-boxofficeindia.com_._t1&aucs=%252F21671350435%252C22684505004%252F300x250-data-boxofficeindia.com_._t1&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: af9ed5029b6698cfe855df2166c845885c43f4b4be87906b52d78e6349afbce6

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1121 0
344 B 711ms
234ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1121 19 B
874 B 114ms
114ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:50 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f4e44439-a8ec-44bf-a6ce-7b353874cfab
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.boxofficeindia.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B12 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjklYkaAFY4fjK5WRpt8P2vmNgAgAAAAAOAHgBAI&bg=!LC-lL2vNAAYUOm8VNDo7ACkAdvg8WnKT7HY6e1yXjjrOPHA3oTv-8RmnejFViDmqvlKpZd053U6xmwIAAAGhUgAAAAJoAQeZAxtGa9YBfniXY9QdW4W7DY4Un6QYQfxOonr_s103FtLObRu-UqBzsvbdQY9kpxYRT3ZCTp-koGXrHFvjiBebslAApV924h7FTdGzrX36-9Hu3XR7flbP8NHKc7f0yfQoJg3sNotgH0n40UlK5N7LEPgZiqY302ugXUYu8wOjTKQh4X3Bnfb1Jx9s3u7f90OLF5LmPbf1ZZ-Hlt7CWzxTwjZ6T4KKe0NWCEiN8SBH7t5T4Z7ZGnYNY7lEEdcN-GlcZJCnWbrmAJ3lVCrEwlsikRlRxmhx9FlIAyzw7bH99cagEOkpzg7On0eFu5bZHrrDtWWrc9eIO6FmFdpWnm2l5GDRz9I4XRfPFyMJ2t5OPV_vG16-iiJrpGapz2rChiHz42mP4l6dRFi9AUWejMygrfF5FgxF2lBrl-SNcUu7qgD4ORF7KZKzZmiRMl8OWxOud7BglWkKU4NXLhQXBlaLoENd3pjxej6WVdKusUeG2ypPVLnLB1y94dqf_uoBDVtXwlTqNIcvdNO7mH0DN2Pg5X9DFah4fH6lwGBTvBQthJP5l7GmvQdgk-G5ouMmGX9mo8MXx0UI5GMFyDI1ulWNpb_-f53AlmgPDjVJf27TquJ3J_HB1f6fUxmJUWF62mYjMYgwtowLKALXU7Y_e_7-04tD0N_qaJXTfcoILLrlZymQ49ikPOBMC6P-gIf9hgRo5jTHGYr16KuvhmGb2KobpeSdSu2Z_qY9FNekbWrBARpNDjxSeWQwMweHovIBAtKGswdKefNcfdhbNbHsuw2asGKjqCzB-1LBjcExe7bf3rlcqGYxNF5vr1Hz-mJSjbCQ1Bs1XzyAzJnpfqDTlWbZA9y6mUea1PlBknCAaGwhWQv5SMxy2E5Jvw_I4a5lJMYWIXW3oaJqkAlBKRmXdj8cYfhHGlODhgAW84tIy_V5UbfLbZUDGsfiN6aG_pyxgq0s-l1GVeHa_8r3m8jrRF3zxd8kwSvJMU9qeLhVm4UuI0GzyTueZnNlxxmHFuWBh6awW2dGRkyhm2PnO75k1Wu3gOO4KW5r6jDtIZEQ5oU

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 7B11 368 KB
103 KB 21ms
21ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=nllkakd&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BME6ZMJ9%2BID4%2Fo%2BwVMuOXLHlXKs1HW2FViayQnB41pCytDFXGvbnWcxyjfwqI%2BqVQJSgFpbD4faaWF2Mz7Jbvqn8Fu9D0lVpn0SrPP2VWymakTEF6MTLdJcgRBe8%2Fg8RhCrcNWdKwmWQLhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f92335c8c9afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame FB8D 368 KB
103 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=oozujn&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eus6YYkgnFpIunkXG1wXbSqPa%2BkbWRXfuufSvlEZsv4GDxUr57zL5%2BHZ%2BgmKxEogR2wZ8Qyqcip%2BLfjfUHQSInT7lAgCZmp1%2BdCok5gBYaJMrwJfbttS175ACegAmU5bNWR8SCT8DUTey%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f92335d8d4afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame E59D 368 KB
103 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=zevlfdldm&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEb9o%2Fifyp7%2BIrNGqu27xNTWkrwbIU0521i6EeEovj9rYwCw5M1OVjyzeycGee%2BDjXAQwjoblxVn7KXBOf2f7NRNpt45MguWtx%2BffMAiMvoWz8uhSQQ0vL4Tf0rXyvD24JYqs81q%2BYtdSCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f92335e8e6afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame B2BC 368 KB
103 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=grldhfo&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=He0dxT7snjVWLUrRZnq726B0%2BHm08OGG309DwrWYiqW9ZY8yStNiAD4qwiJe5GBv7AoPE1QCV6HSLRGYoqfwBvN7BOdxCJoNDq7PqjF3Duiu0eop2Q%2Bb8ohw4QSw%2Bdjs2FyvotDLCIBSLQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f92335e8f4afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 9F37 368 KB
103 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=oxqauh&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8q8fPFSmspQPhsFCbjA44Y%2Fv8PV04C3wkwDh0eXXx%2BsgYEsyMFwHp7wYD0lzPWMESVwgcPFj4rReQ8UL2xcnXoOVXXwjVLUvAa6vYjX8%2FslZx5rSFSkaOeF0mATNhrIaVrhDntciRJsvtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f92335f909afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame FB6F 368 KB
103 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=smddbvmpq&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPdzrj2qtEyGpWaim3zWIIK7jZKCnVVt89INUu5fsrWJGzvW5SDy2d70Rry3XF9LTV2kA3r%2B96zErkxKu%2B3yyLN5wwkbMnyUI2AznPNkB9NLIAtT0LNWdaMpnYeiEh3z%2BtJoUnSn9uaIvPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f923360915afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame E3B4 368 KB
103 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=btcdeqs&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW792Ow4W7F%2BHvpy6kMT9EBiRpTElb33hiEFx%2BSuM9lAVbIunbKLrBX2Oj%2BeVss%2F%2FkUPSZzbh%2F%2BAU8ewfWFSw9%2BCImZnX9UOsTN7VfoX9UCEImxeCzjyLri2lQf8OJjXu4rS1Ar8ZP1eUUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f923360932afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 5D92 368 KB
103 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=ojxovd&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8i8vUTRWiqrtJfUNTxJ7y21FY5qdlTeD674pgicyqeQu7Vqh0WPP%2FyvugMnOpL%2BHvsQaiBYCMU6oj%2Fe5QnPeyjn%2FB%2BzHbupFTTaBGFc8UQBLGTjfaTR3bb%2BZMq7BU4J%2FPH8I1TxkoNzaiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f923361942afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 35F9 368 KB
103 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=zhycxoro&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sz83u25%2BNJxenTNsTZrASP%2BxmP9%2F8swzF7xUsZaV1pHl1r3fh7BVa25VTmThkY9yrdtrar%2BFzfry3rLr34v%2FzeMdXWcGMTKwgui4%2FVh8Nu%2BoLemgKheUUdMMbNAQl9ZQUBOR897vplaBhfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f923362952afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame E8EE 368 KB
103 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xxsr&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2hLu4HMy0W0sjLew%2F7yK85Kgujc5GS7bloOCN2sfqIP%2FN8RdCbOusKm0ro7sUlKnyUZ5%2FH3chbu%2BAPW7tSWiMWAjeRdY71T6terJsy3uDmT5u9763JkWpBxmaJnGkYoIJxwC3OcxKBCc7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f923363963afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 87E5 368 KB
103 KB 16ms
16ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=sqqozxm&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Fy5orvkPvL0ysGz5yMhnIkz8akft8zgN7jGBxjrYeBa1wsj%2FHluhYF6BQ7t9YXcU4DMHH5Gr4GUnCLvLGvz2GziMmLXNKJZFUBZMwe9vWllMbRhfIdi4uL%2Fdj5NYM0uVpeBkpX578V5C8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f923363973afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 3570 368 KB
103 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=yoxktmpxc&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7pF8WUWYpvZ6f3iIFhBqXnPwMiBPjyfQ8irwQ%2BFX1jGamY9yKxcl9DrP6%2FyGLd1m%2FM1XjAcRjDmfgj8aK2qHJqx3ep57kAWAU5t0yatu%2BZrEtjQ7%2BgtM3RJZN7ZeGwXNJu5xO2QMZDFiAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f92336498fafdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 3D59 368 KB
103 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=viefzcqvsm&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6HMqj%2FLDoMSHqSoYc7dT0BLtXm%2FvByN783PAZ%2BGHO%2BGO8wMVyDzUVVwoadtrim1lupoq%2B2gd0BVQKBHBuA1QwqRjnFfFnDVe0JymfV4lSBkEkEStt7HPw%2FBu%2B4L6Rns1YnpwCx%2FHNVw7B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f9233659b1afdf-NRT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 71C2 368 KB
103 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=fwfmzsjpj&e=1296472663875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160
x-amz-request-id: 9YPEH3XJD2J0JTTK
x-amz-id-2: 4iaKEwzClTY08wY00dqF9LQ0063hGyu/bxtTSefHxPNlKTsMD0zJq7nupvCHWmVKHw1/vZfBrto=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoJlZ0OUYFjOZLs7FzbkmL1l78oMqc5XnphD%2Fc4pIe1fcN3iWESj2l3LSkD68jardMEVTpFxqtqTWxVl8XZqhsLvkDyPwZsOzZ4qUSgeSMuE66pSQTRQAstmgr%2Bmv04xhFurekZtJrk4Efk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 73f9233669c5afdf-NRT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D645 42 B
64 B 46ms
46ms Fetch
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_Q3OmCryxNQCwM7zEmuJPNfinqM-EftY4hzP-KlRugznbQwytn3E0gNyG38tj_zKfUJIw7HuqgHqOETndKKf6fgDP1Uv1VXtgDtqfKjjt8hMkkZBB_kRjpiR2TyNCqZxbO-FrYIyf7Q&sai=AMfl-YRLc8BiDNQx9UQCS0cfDrPg3gk-RV2w3L0rKT5LpuGDlpJp8PQr5QYF2qFYwowebycFJ8kuR_npMNDQLZRJd_KnchVnHHp95j_StuLrE_zLf0VrguHhDm2SS1k&sig=Cg0ArKJSzARjAtNKta3xEAE&cid=CAASJORoQCS5229_t9cglNpVZ-nRBUEzP-5rC62kH9HbLdpErGM6Ag&id=lidar2&mcvt=1017&p=119,64,719,224&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1991902033&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661313169579&rpt=361&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA95 42 B
64 B 50ms
50ms Fetch
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst33A2ROU8wN-vY0bNAVYWhepF4iTS1lEJ4_zaGDJVfYfIQAFwvqvpGG6fhCBP0ND5kzhBK2KuwlNPOq9BKfZGvac6fXLxMRz8RfaiPkTxOTaTTgJdpTEcU8wabaM1K5KdrUduDuh88jw&sai=AMfl-YRZdrXPqRGd3cHIEK6CM0mPoGzIGTdoRZiQZaEg8bZFAqX28MkiFhZW9uFSPmwcrRt_flMX2anBkS6VeVu8Xmejqxnn2fEHnLh9NI1wmXzSoIIL6qG8FLJXwOI&sig=Cg0ArKJSzKj12YlcOyCcEAE&cid=CAASJORo0LCFX0d7_GDQDCj6UVA3V9ZSwgBFKb0u9rzPUXPxoYL3-w&id=lidar2&mcvt=1019&p=1110,436,1200,1164&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3051531470&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661313169568&rpt=346&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 542ms
236ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame FB8D 0
57 B 63ms
63ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FB8D 138 B
983 B 115ms
115ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

3f1dd122dba4290e9b5c2b9934b45b2f11b2b36331d7ca03c67b622b52d1c409

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 084caa8e-675a-436b-ab0e-aba00217c775
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame FB8D 0
212 B 2ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=13163514711

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame FB8D 321 B
1 KB 382ms
173ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170855&tk_flint=pbjs_lite_v6.15.0&x_source.tid=8ce053c1-eef0-4a97-af47-d33b2b4af1ab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9029533676559904
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cc5b1534e4a1008fad07d9162e3d0b1192a770fc381420e9f4ea97a4d3253c8b

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame FB8D 24 B
640 B 126ms
126ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 22664347cfc29addf0b2bd5095e75ce990acaff87898db256a131564a2778ec2

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame FB8D 174 B
187 B 158ms
158ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=8ce053c1-eef0-4a97-af47-d33b2b4af1ab&nocache=1661313171010&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170855&aucs=adpn-adtag-1661313170855&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 53fbde168884383576eac2701f2bcfe08e2757d8a9b1586726f0bc0edcee2bb4

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame FB8D 0
405 B 1091ms
590ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FB8D 0
333 B 673ms
220ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 520ms
236ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E59D 0
212 B 3ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=12723024328

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E59D 0
57 B 55ms
55ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E59D 0
333 B 687ms
221ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E59D 19 B
863 B 110ms
109ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 01eb6b17-0aaa-473f-b1fc-15afd0c0eb13
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E59D 24 B
640 B 226ms
123ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: a4a9e776cf45ef2af2b5331c2d94cb01d5c757bc417a3ddc26a1ea3d6b54219c

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame E59D 0
405 B 1095ms
595ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E59D 321 B
1 KB 360ms
159ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170862&tk_flint=pbjs_lite_v6.15.0&x_source.tid=e7e98414-867c-4925-b379-c22b120f8327&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5499258654335197
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 359028704d6053e7d1f311ed4d07ba6ed5675c78ac480d61b75a8941591eb75b

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame E59D 173 B
187 B 177ms
177ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e7e98414-867c-4925-b379-c22b120f8327&nocache=1661313171036&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170862&aucs=adpn-adtag-1661313170862&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f621b7c65670ae0bc3066b227b159c13c255ed8b8a9486144ea7d7f0e802a54f

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 734ms
469ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 9F37 0
405 B 863ms
594ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 9F37 173 B
188 B 132ms
132ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0d868915-6433-4c35-9b14-870be81dd419&nocache=1661313171053&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170875&aucs=adpn-adtag-1661313170875&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 320d0db3c6936365dca3f2936e9c8d0a97d524054dc9592395a8bff948d6374c

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9F37 0
57 B 65ms
65ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 9F37 24 B
640 B 325ms
121ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 24542955a35feeae5acc24f4ba3a5c27a44fdd99f1ecc25f1db3803bbbf68e72

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9F37 0
333 B 691ms
247ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9F37 321 B
1 KB 391ms
191ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170875&tk_flint=pbjs_lite_v6.15.0&x_source.tid=0d868915-6433-4c35-9b14-870be81dd419&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19916514983806732
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 22889c8b399bf23044965eb78f2b77669fe596cce3c2ab987620729cb26dc023

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9F37 19 B
863 B 107ms
107ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ba677957-0eda-4ede-813d-8c7866e9d31a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9F37 0
212 B 3ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=15887822020

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 451ms
236ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame B2BC 24 B
640 B 284ms
119ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: b1a0dfeed00543625a3f0b67f9fd472048af50e82db3fcda60b5db615db0696a

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame B2BC 174 B
189 B 171ms
171ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=a41a856a-1fdb-4896-b3d9-c4a1560baef2&nocache=1661313171098&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170868&aucs=adpn-adtag-1661313170868&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6b18864cc72479f765742ed27d85cec9eeb6979bfbd8864896a0cd35f7aed4ae

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B2BC 0
57 B 56ms
56ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B2BC 19 B
863 B 104ms
104ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: aa664485-59ec-4e65-8a92-3ba04036979e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B2BC 0
405 B 1102ms
601ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B2BC 0
212 B 2ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=37217080539

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B2BC 0
333 B 678ms
234ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B2BC 321 B
1 KB 346ms
179ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170868&tk_flint=pbjs_lite_v6.15.0&x_source.tid=a41a856a-1fdb-4896-b3d9-c4a1560baef2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.47892389621639087
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f97a7b9efccaaa492600efae0bc353964177733670dd0c18938d1051166131ed

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 420ms
235ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FB6F 19 B
863 B 115ms
115ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 01cfdc3b-3f03-4738-b819-206c4ad832c0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame FB6F 173 B
188 B 143ms
143ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=67c873ff-b93c-465c-9b0b-9fd3b481e507&nocache=1661313171126&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170883&aucs=adpn-adtag-1661313170883&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 3acdeae6ca982984d4b7368083bcbe09574d65f5ba561e99b284cbca2baa2379

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame FB6F 24 B
640 B 279ms
121ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 0ca45f5be84d930ee16a89a5326a0b43ec525adafaf3750991525b7230c6c554

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FB6F 0
333 B 671ms
234ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:50 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame FB6F 0
57 B 124ms
123ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame FB6F 0
405 B 1114ms
612ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame FB6F 0
212 B 5ms
5ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=78216795518

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame FB6F 321 B
1 KB 361ms
180ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170883&tk_flint=pbjs_lite_v6.15.0&x_source.tid=67c873ff-b93c-465c-9b0b-9fd3b481e507&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7813420184434916
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e556cadf9c2d3ac80c7dbc5432e2a86b7d801fbae7e71f8f31588379aff9072f

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 402ms
237ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E3B4 0
212 B 7ms
6ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=12278518139

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame E3B4 0
405 B 1114ms
614ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E3B4 0
57 B 60ms
59ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E3B4 138 B
983 B 100ms
100ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

5ab1ad72360b9625606299e11f7da1dcb73d20972a1a1c1a63cd8f10af8f3439

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7e9e1204-a6bf-4ad6-b25e-0a0f5ff18a8a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E3B4 0
333 B 710ms
248ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E3B4 24 B
640 B 301ms
123ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 212d8c5750f42c79d94a5b8843cc6fc487c4fd859c50ccdc87504dc841d80fe2

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame E3B4 173 B
187 B 143ms
143ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=aaf74c15-adc6-43d7-8ef7-8c9b48c7d9ae&nocache=1661313171156&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170890&aucs=adpn-adtag-1661313170890&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7beb514faa771daa827148c8a5ce4db83a32370b639c26ef331ecc6d37a02b65

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E3B4 321 B
1 KB 409ms
209ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170890&tk_flint=pbjs_lite_v6.15.0&x_source.tid=aaf74c15-adc6-43d7-8ef7-8c9b48c7d9ae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7556618471923031
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c96f0527560ab57b9f53f7cd926bc1fc3f91590127631b97857ace8c91182c8f

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 379ms
236ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 5D92 0
405 B 1115ms
614ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 5D92 24 B
640 B 315ms
129ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 2b9eca46be876dfd6c77a20d0b836b16f92161166ed04de09c2b3cd6e175a7af

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5D92 0
57 B 60ms
60ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5D92 321 B
1 KB 377ms
162ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170898&tk_flint=pbjs_lite_v6.15.0&x_source.tid=db15a272-2fa1-4632-a99b-6a7491fbf6b1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9146272203310317
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bd3a97e517d0c2001cee4acbcca4d9a53e6033678c94f26b3d2e851cd98de173

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 5D92 173 B
188 B 134ms
134ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=db15a272-2fa1-4632-a99b-6a7491fbf6b1&nocache=1661313171178&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170898&aucs=adpn-adtag-1661313170898&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8f798e99d599d36e80f666b306e8a358515b2f8842d01e4dd20b5524ed63f136

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5D92 19 B
863 B 130ms
130ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5db3ecaf-b175-45f6-b452-9af4ba5ae030
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5D92 0
212 B 2ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=68002948609

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5D92 0
333 B 726ms
221ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 588ms
470ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 35F9 0
333 B 743ms
221ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 35F9 174 B
187 B 171ms
171ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=33910058-fbe9-436a-ab4a-8ae1df4461b1&nocache=1661313171198&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170904&aucs=adpn-adtag-1661313170904&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: bdbdc3fca78f4a63270ba5342f8b9517bd6eb991012f33f5fc96d926eac1763b

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 35F9 0
405 B 879ms
612ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 35F9 19 B
863 B 111ms
111ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53a11d44-4a28-40bd-b848-bba228c1d858
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 35F9 0
212 B 6ms
6ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=14528940781

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 35F9 24 B
640 B 307ms
127ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 5c01c30b44d1456e0a6a01f59de63a69b43c73c408b8e1f87cacbbc369e13c0f

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 35F9 0
57 B 74ms
74ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 35F9 321 B
1 KB 377ms
185ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170904&tk_flint=pbjs_lite_v6.15.0&x_source.tid=33910058-fbe9-436a-ab4a-8ae1df4461b1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.653525629477437
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8f20bf10037c612462d87b75c239693397366410280b9e269e8454ad203c06b0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 564ms
469ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 87E5 24 B
640 B 281ms
120ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: eea5fc738906b753f609409b900b24e601a19d28bfdf37284c8365dc1392a07b

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 87E5 0
406 B 847ms
578ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 87E5 174 B
188 B 236ms
235ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=1d73d92f-d723-4d65-bb2b-5e9a548655d5&nocache=1661313171222&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170917&aucs=adpn-adtag-1661313170917&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d18dfd87a985a6c07af1d0a5d322d0b33c942a849303800ff72f5bd5fac4e481

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 87E5 0
57 B 77ms
77ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 87E5 321 B
1 KB 398ms
175ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170917&tk_flint=pbjs_lite_v6.15.0&x_source.tid=1d73d92f-d723-4d65-bb2b-5e9a548655d5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9741333949027722
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 896a6761bc70aed487a41767795421fcdcb9fed239fec1b6de57c574f6cf2687

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 87E5 0
333 B 768ms
247ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 87E5 0
212 B 2ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=92074148611

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 87E5 19 B
863 B 194ms
193ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2a5210a9-50c8-4792-b8ec-7f590453b56b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 539ms
471ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame E8EE 0
405 B 861ms
594ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E8EE 321 B
796 B 358ms
156ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170911&tk_flint=pbjs_lite_v6.15.0&x_source.tid=086fb71b-fbf5-4f6b-b20a-ae227dbbdd3a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2553209023130014
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e8dd74c4f1050a2cb0106c9b81b4186e47a8e349fffa00e3a98ac61dad69fec7

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E8EE 0
333 B 764ms
233ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E8EE 0
57 B 91ms
91ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E8EE 0
212 B 3ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=3737904784

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:51 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame E8EE 173 B
188 B 142ms
142ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=086fb71b-fbf5-4f6b-b20a-ae227dbbdd3a&nocache=1661313171253&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170911&aucs=adpn-adtag-1661313170911&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 04d49de1eab0c8fd0fba725280762e3541e7f1bde006bb90bfadca6923d384a4

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E8EE 19 B
863 B 106ms
106ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c05238ea-88f2-4bb5-92db-bc18279f1287
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E8EE 24 B
640 B 249ms
119ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: fc12f24b29374728ebd4b35891b03de0f245a08ad3e1f623fa3708c8ffd0d3b6

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 513ms
470ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7B11 0
212 B 2ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=50297540150

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 7B11 0
405 B 881ms
614ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7B11 0
57 B 68ms
68ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7B11 0
333 B 759ms
236ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 7B11 24 B
640 B 253ms
123ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: b54019055ffef8025fa47dc17529ee3237eda83bd51c6190a124277fbdc6828d

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7B11 139 B
984 B 119ms
119ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

240d79fcf8bd7c2f7144dd402112a6c9419b6dbabc74ee077c0e77c752350615

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 906e4c16-7f4e-4611-85f2-6788539ee1cb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7B11 321 B
796 B 378ms
161ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170849&tk_flint=pbjs_lite_v6.15.0&x_source.tid=6d714c70-b570-4154-8c3b-a7f8361d7282&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.95943042717731
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ec7bc0927621536530e88b0ec193a83634b49215c4717f1699bac41d57688ca6

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 7B11 173 B
189 B 133ms
133ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=6d714c70-b570-4154-8c3b-a7f8361d7282&nocache=1661313171281&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170849&aucs=adpn-adtag-1661313170849&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9bb6ab59dd80cef5f96e2d4931cfd46ff6ab1d8e007b5c0352ba60e18179bc54

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 249ms
237ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3570 0
212 B 3ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=92760390158

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:51 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3570 0
333 B 815ms
248ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3570 0
57 B 63ms
62ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 3570 24 B
640 B 281ms
124ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 60e6a6e6b02fe80a09dfe2af3c36e3db0957fdbfd0ffe8203fb7231eea49e724

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3570 321 B
796 B 419ms
166ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170925&tk_flint=pbjs_lite_v6.15.0&x_source.tid=3d25cf29-4ae6-4e32-86a2-b55f7b38f8a0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9569896053045364
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c60ce519826225fb520162cbce2a743779d16e5eae865e412947ad8bb101412e

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3570 19 B
863 B 115ms
115ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8f59c36a-ad9a-4b90-ac1e-f943d447ac9c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3570 0
405 B 1088ms
588ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 3570 173 B
188 B 126ms
126ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=3d25cf29-4ae6-4e32-86a2-b55f7b38f8a0&nocache=1661313171306&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170925&aucs=adpn-adtag-1661313170925&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ee4e8c81122a2d4c08a6f9a950fe315d4770ddd3a6a82997a2b2dcdbfaa1581d

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK button.b1b167848c287659f2a6ccf2f75db0b5.js Show response
platform.twitter.com/js/ 7 KB
3 KB 199ms
199ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.b1b167848c287659f2a6ccf2f75db0b5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E791) /
Resource Hash: a9729002880774b272306f1cc58eab97d1121239e882419538e5e6548ccc260e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Content-Encoding: gzip
Age: 637279
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:01:06 GMT
Server: ECS (nwa/E791)
Etag: "ab91dc5840dfa6af606ebfda8f434b51+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F95 42 B
64 B 47ms
46ms Fetch
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKGealBo5HTXQfzwqJvz9ngnUOVaXFiKPTWrIOWNl7-zHu_ONjY0u-2D28eeFS3iBg7ZR98zUWLk5fxrI4SLRkBlaHvrY3SXfKSJDvEyhf_sp99Rj96QM-MfaW-64eLUu7X7ksKUfbFg&sai=AMfl-YTDqgcDu730orqKRErhH57Jd6Z-X6hnv1aMLI9saDaBo62dt9vIV8q-ZVr9rRhEmoxHmX9ZL9FmhJDGmzBtIpS88CJECTxG0VG60o87WFCERE5R_OL4dhYejx4&sig=Cg0ArKJSzNX9OX3dqtFIEAE&cid=CAASJORoC5rj247FTM2Ebh3wn5B-UbOkBkjpYnc8kIXBpl8H95f-PA&id=lidar2&mcvt=1306&p=119,1376,719,1536&mtos=1306,1306,1306,1306,1306&tos=1306,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1935449629&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661313169597&rpt=388&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7FE7 42 B
64 B 45ms
44ms Fetch
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBGql9D7-a0G8DFW_BAZVSovgdaFwPu1mBHMXgT0wTKq4DSTJbbQOXeLNnpa2MWWjebGEkjFVG6isMhgKfN_XqEBUY9Yrez6YjIqywg9GQR31XKCq6hStYGOjf3yetMvF_F8jg6Xl6og&sai=AMfl-YQA8aQhpCY3LFYX9XfjOUyS_HZaH5b2Pt64BcPNmlMblv4Gnl_2MRfZyt--CHQHyn50iceji5C7KSJooJ2Gr6Shfj4sPM-j41i7UZun6xcE_aBOW1co7q9TK4I&sig=Cg0ArKJSzJSdXBSLQPHoEAE&cid=CAASJORo1HVm0U_ujIOJO4j8pUOiIJdvoOsHebt-OAXxqFLdIo0pvQ&id=lidar2&mcvt=1279&p=838,305,1088,605&mtos=1279,1279,1279,1279,1279&tos=1279,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1904640850&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661313169613&rpt=423&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://9025af3eb842a6ee2e4816677f2cb4bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 416ms
416ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 3D59 173 B
188 B 134ms
134ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e0a0fca7-9d20-4cab-a32e-b7905dd39b28&nocache=1661313171365&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170936&aucs=adpn-adtag-1661313170936&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9aa8312eddb2e1fc080363f08c0aa3152978b10ef3c0ef270e9813345aee9002

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3D59 19 B
863 B 102ms
102ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 61496bed-2cf3-4575-940b-e7a00cd71db9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3D59 321 B
796 B 365ms
167ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170936&tk_flint=pbjs_lite_v6.15.0&x_source.tid=e0a0fca7-9d20-4cab-a32e-b7905dd39b28&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.013922847376090397
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1d553f4b9e6bb37b68f40746893e341b629667a37f8729a7e930e2e160135286

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3D59 0
57 B 63ms
63ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3D59 0
212 B 2ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=74395358303

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3D59 0
333 B 759ms
222ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3D59 0
405 B 852ms
585ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 3D59 24 B
640 B 246ms
128ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: c82f9168fefbf76291106c682def72ec1dd6b9bdccca0932e3995800342bd665

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 391ms
391ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fantoly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fantoly.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 24 Aug 2022 03:52:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 71C2 0
333 B 773ms
220ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 71C2 0
212 B 3ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=12602619822

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Aug 2022 03:52:51 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 71C2 321 B
796 B 351ms
161ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.ref=https%3A%2F%2Fwww.boxofficeindia.com%2F&tg_i.pbadslot=adpn-adtag-1661313170942&tk_flint=pbjs_lite_v6.15.0&x_source.tid=b653e0f7-d719-4f78-adbd-5b4bbe80eab7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.47882346211934657
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 945977f247efe72de80119cf4d650edf39e9771a0e97894408c9d9b5e51059b2

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 71C2 0
57 B 58ms
57ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Wed, 24 Aug 2022 03:52:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 71C2 173 B
189 B 163ms
162ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.boxofficeindia.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=b653e0f7-d719-4f78-adbd-5b4bbe80eab7&nocache=1661313171394&schain=1.0%2C1!adpone.com%2C17b4a2aeebc4bbeea831%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1661313170942&aucs=adpn-adtag-1661313170942&auid=557079286
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7186a8a6aedacd20caa4990f132a15a6bc3f4bd58facc393445aec9393ca84c7

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://fantoly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 71C2 19 B
863 B 103ms
103ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:51 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ee82ff29-861d-4c01-a040-32d499648369
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 71C2 0
405 B 854ms
587ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 71C2 24 B
640 B 224ms
119ms XHR
application/json 209.191.163.209
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: fdcb4eda869e605f5456996004e11c8d38415ab4ce223f264bdec001109fc6ab

Request headers

Referer: https://fantoly.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Aug 2022 03:52:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C483 42 B
64 B 37ms
36ms Fetch
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8NP7-Io3M2DXzaOYn5jJUZJ-WfgwH1oCKdOm3creWWkJFZemQV8sljml-uDXzdsOAkrMZQmAwynJK1XrRhD9JNTaTvMItCfCW3co3eFAC17lTpGSb&sig=Cg0ArKJSzMfPjZ0Gv8t8EAE&id=lidar2&mcvt=1000&p=253,980,503,1280&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220822&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=210909084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661313170330&rpt=158&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tweet_button.9d00f3a022654eb8edfbc3190e981f9d.en.html Show response
platform.twitter.com/widgets/ Frame FBF1 37 KB
14 KB 200ms
199ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.9d00f3a022654eb8edfbc3190e981f9d.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E791) /
Resource Hash: 9886e9c9284d915916906d857b9d2045318ae29bba7d360b2cad9758deb8a292

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 637279
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13751
Content-Type: text/html; charset=utf-8
Date: Wed, 24 Aug 2022 03:52:51 GMT
Etag: "648fcdf5ca106424a58df2f0cdc5dab8+gzip"
Last-Modified: Mon, 15 Aug 2022 23:01:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nwa/E791)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.9d00f3a022654eb8edfbc3190e981f9d.en.html Show response
platform.twitter.com/widgets/ Frame 6978 37 KB
14 KB 399ms
199ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.9d00f3a022654eb8edfbc3190e981f9d.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E791) /
Resource Hash: 9886e9c9284d915916906d857b9d2045318ae29bba7d360b2cad9758deb8a292

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 637279
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13751
Content-Type: text/html; charset=utf-8
Date: Wed, 24 Aug 2022 03:52:51 GMT
Etag: "648fcdf5ca106424a58df2f0cdc5dab8+gzip"
Last-Modified: Mon, 15 Aug 2022 23:01:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nwa/E791)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
134 B 198ms
196ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.boxofficeindia.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1661313171536%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2231f0cdc1eaa0f%3A1660602114609%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=c35f75bda4a7ee08e66ea47cd49f0869408ea8b8

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 107
date: Wed, 24 Aug 2022 03:52:51 GMT
last-modified: Wed, 24 Aug 2022 03:52:51 GMT
server: tsa_m
vary: Origin
content-type: image/gif
cache-control: must-revalidate, max-age=600
x-connection-hash: 81a4191e52e4d84d25fb3e19c9288cc1e25b25b757fe99ee79aa9ec5d8a0c5c8
strict-transport-security: max-age=631138519
content-length: 43

GET
DATA 200
OK truncated
/ Frame FBF1 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 visitormatch Show response
bh.contextweb.com/ Frame E48E 4 KB
5 KB 117ms
110ms Document
text/html 74.214.196.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

a9f1d18d8c3b69afb0d743185fbbd7b61e535b59ce2d5a54f0b2eb30cedb57da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=0, no-cache, no-store
content-language: jp-JP
content-length: 3879
content-type: text/html;charset=utf-8
cw-server: bh-deployment-685644dfdb-xw84f
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CF22 52 KB
17 KB 16ms
5ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 83078
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 24 Aug 2022 03:52:52 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 118335
X-Served-By: cache-lga21933-LGA, cache-nrt-rjtf7700032-NRT
X-Timer: S1661313172.026667,VS0,VE0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 4E0A
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=Ghh1wcsVdh9rrn1XCQj8&pi=gumgum&tc=1

35 B
250 B

6ms
6ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=Ghh1wcsVdh9rrn1XCQj8&pi=gumgum&tc=1
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 24 Aug 2022 03:52:52 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Wed, 24 Aug 2022 03:52:52 GMT Wed, 24 Aug 2022 03:52:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=Ghh1wcsVdh9rrn1XCQj8&pi=gumgum&tc=1
pragma: no-cache

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame 6165 116 B
430 B 28ms
6ms Document
text/html 13.225.165.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-165-63.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 83915
content-length: 116
content-type: text/html
date: Tue, 23 Aug 2022 04:34:18 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
via: 1.1 839de761badea2aa0a28c5970b81514c.cloudfront.net (CloudFront)
x-amz-cf-id: aKIph6xlLgF65Ajiqe6IeChf_Cn_RXjI2JJhWtlkoJ6ZXp75_lcrow==
x-amz-cf-pop: NRT12-C4
x-cache: Hit from cloudfront

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame EB45 0
0

GET
H2 200 pd Show response
jp-u.openx.net/w/1.0/ Frame D1EC 532 B
635 B 44ms
42ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=7af00930-8c4b-4b53-a1b4-753df1d29f4f&gdpr=0
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0c820ab00f5aa187c473ff261cc8f2433d87503d3102d656a010060152b0fb5f

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 323
content-type: text/html
date: Wed, 24 Aug 2022 03:52:52 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 0E4C 9 KB
4 KB 369ms
119ms Document
text/html 13.225.142.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.142.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-142-2.lax3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 16115
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 23:24:18 GMT
etag: W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified: Wed, 17 Aug 2022 23:23:08 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 eaf5cf20e530df46eabc6f43f9564604.cloudfront.net (CloudFront)
x-amz-cf-id: gBX9_hRUfK_NRgBavidptQ3NuydCxF1bX1AKLAQn5h5wVUeeDdz6_g==
x-amz-cf-pop: LAX3-C4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5: 77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256: 4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache: Hit from cloudfront

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CF22 0
746 B 102ms
101ms Script
text/html 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1439acdb-7dc6-4959-bb27-217afeee21b0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame 6165 3 KB
4 KB 3ms
3ms Script
application/javascript 13.225.165.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-165-63.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 01:07:33 GMT
via: 1.1 839de761badea2aa0a28c5970b81514c.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
age: 9926
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: NRT12-C4
accept-ranges: bytes
content-length: 3302
x-amz-cf-id: -h2kV0UQjmqgBxEitxBmW2enEmd4MmEXvNg3m4UaU-C7EBGhqBBe7A==

GET buyers
dmx.districtm.io/s/v1/ Frame 6165 0
0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame D1EC
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8707339851561806265&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

62ms
62ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=8707339851561806265&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=7af00930-8c4b-4b53-a1b4-753df1d29f4f&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=8707339851561806265&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:51 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame D1EC
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=dcaa27ae-4089-3087-64b0-b1e05886dfd5&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1245ab29-5810-4c5a-948b-cac4ed82948c&ttd_puid=dcaa27ae-4089-3087-64b0-b1e05886dfd5&gdpr=0&gdpr_consent=

43 B
62 B

45ms
45ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=1245ab29-5810-4c5a-948b-cac4ed82948c&ttd_puid=dcaa27ae-4089-3087-64b0-b1e05886dfd5&gdpr=0&gdpr_consent=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=7af00930-8c4b-4b53-a1b4-753df1d29f4f&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=1245ab29-5810-4c5a-948b-cac4ed82948c&ttd_puid=dcaa27ae-4089-3087-64b0-b1e05886dfd5&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame D1EC
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwWglMCo5tIAAFOKJYAAAAAA

43 B
61 B

47ms
47ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwWglMCo5tIAAFOKJYAAAAAA
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=7af00930-8c4b-4b53-a1b4-753df1d29f4f&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 62
Date: Wed, 24 Aug 2022 03:52:52 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":62,"gdpr":false,"ipv4":"217.138.252.170","key":"YwWglMCo5tIAAFOKJYAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40212"}
X-SO-Ads-Time: 2
X-SO-Key: YwWglMCo5tIAAFOKJYAAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40212
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwWglMCo5tIAAFOKJYAAAAAA
Cache-Control: private
X-SO-HostName: a-ad40212.dc2p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: a-tgng40014.dc2p.scaleout.jp
X-SO-IP: 217.138.252.170

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame D1EC
Redirect Chain

https://cr-p3.ladsp.jp/cookiesender/3
https://cr-pall.ladsp.com/cookiesender/3
https://cr-pall.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AW4q-BjEsFNsks8ADsaW3yXg_88AAAGCzftCpA

43 B
61 B

40ms
39ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AW4q-BjEsFNsks8ADsaW3yXg_88AAAGCzftCpA
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=7af00930-8c4b-4b53-a1b4-753df1d29f4f&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 9997742b01c06cc7d58bb07736bc8a28.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AW4q-BjEsFNsks8ADsaW3yXg_88AAAGCzftCpA
cache-control: no-cache
content-length: 0
x-amz-cf-id: GNRKFFudtFUJVadroYO-wPdJM3xGFpHgXQHZY2WqzY6qf-S5DrtlOA==
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D1EC 170 B
188 B 40ms
40ms Image
image/png 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBjNWY0NjQtODlmZS02ZTIzLTcxNTAtZWI1OTkyNjQxMWI1

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=7af00930-8c4b-4b53-a1b4-753df1d29f4f&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame D1EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1

43 B
61 B

43ms
43ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=7af00930-8c4b-4b53-a1b4-753df1d29f4f&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0DXS00iu585nebeDO37cU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame E48E
Redirect Chain

https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=3db529f75a14226d&is_secure=true&networkId=14200&version=1&nuid=
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMOwe98iOBlwN1nV-RAAAAAAA&expiration=1661399572&nuid=&is_secure=true

49 B
901 B

111ms
110ms

Image
image/gif

74.214.196.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMOwe98iOBlwN1nV-RAAAAAAA&expiration=1661399572&nuid=&is_secure=true

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Server

74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: jp-JP
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif
cw-server: bh-deployment-685644dfdb-xw84f
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMOwe98iOBlwN1nV-RAAAAAAA&expiration=1661399572&nuid=&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1

200
OK

epx.gif
px.owneriq.net/fr/ Frame E48E
Redirect Chain

https://px.owneriq.net/eucm/p/cwc
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7145995721007602681&ref=%2Feucm%2Fp%2Fcwc
https://px.owneriq.net/fr/epx.gif

43 B
402 B

71ms
67ms

Image
image/gif

23.34.105.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/fr/epx.gif
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: HTTP/1.1
Server: 23.34.105.210 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-105-210.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:52 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: max-age=382219
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Aug 2022 14:03:11 GMT

Redirect headers

Date: Wed, 24 Aug 2022 03:52:52 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://px.owneriq.net/fr/epx.gif
Cache-Control: max-age=54954
Connection: keep-alive
Content-Type: text/html
Content-Length: 154

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame E48E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=QlhxSlNGOEs2ajVlcW56ZVh5WnNXUQ&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGIRiMzizdx7jljH_UZ2dBk&google_cver=1

49 B
808 B

113ms
112ms

Image
image/gif

74.214.196.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGIRiMzizdx7jljH_UZ2dBk&google_cver=1

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Server

74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: jp-JP
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif
cw-server: bh-deployment-685644dfdb-xw84f
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGIRiMzizdx7jljH_UZ2dBk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame E48E
Redirect Chain

https://x.bidswitch.net/sync?ssp=pulsepoint
https://x.bidswitch.net/ul_cb/sync?ssp=pulsepoint
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpulse...
https://x.bidswitch.net/sync?dsp_id=354&user_id=692c187ba4c240b6906068095f79f699&ssp=pulsepoint&bsw_param=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&gdpr=&consent=&gdpr_pd=&expires=7
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d

49 B
873 B

110ms
110ms

Image
image/gif

74.214.196.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Server

74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: jp-JP
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif
cw-server: bh-deployment-685644dfdb-xw84f
expires: -1

Redirect headers

Location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55972/ Frame E48E 0
324 B 16ms
11ms Image
text/plain 18.178.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55972/sync?uid=6as43YLsCpxp&_origin=1&gdpr=0&gdpr_consent=

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.178.22.21 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

xuid
eb2.3lift.com/ Frame E48E
Redirect Chain

https://eb2.3lift.com/xuid?mid=2636&xuid=6as43YLsCpxp&dongle=8bee
https://eb2.3lift.com/xuid?ld=1&mid=2636&xuid=6as43YLsCpxp&dongle=8bee&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

74ms
72ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2636&xuid=6as43YLsCpxp&dongle=8bee&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2636&xuid=6as43YLsCpxp&dongle=8bee&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 24 Aug 2022 03:52:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame E48E 68 B
279 B 227ms
76ms Image
image/png 52.220.82.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.220.82.81 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-82-81.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK pp
match.prod.bidr.io/cookie-sync/ Frame E48E 43 B
430 B 20ms
3ms Image
image/gif 18.176.162.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/pp

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.176.162.247 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-176-162-247.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame E48E
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001299&dspCookie=6as43YLsCpxp
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=d0c18034

43 B
309 B

517ms
161ms

Image
image/gif

146.20.128.135
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=d0c18034
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Server: 146.20.128.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 234e9be7d7243ea51bdddd284d99c552.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT12-C5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=d0c18034
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: d1lCGLW25hxHeMeywyA8lfVPe02_rvg5fXCZnxGpTc6dsyj2IPWKSQ==

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame E48E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=6as43YLsCpxp
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEI1CeZKnd0BkR-auo6ZUvsI&google_cver=1

49 B
836 B

114ms
114ms

Image
image/gif

74.214.196.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEI1CeZKnd0BkR-auo6ZUvsI&google_cver=1

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Server

74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: jp-JP
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif
cw-server: bh-deployment-685644dfdb-xw84f
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEI1CeZKnd0BkR-auo6ZUvsI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame E48E 0
287 B 82ms
72ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?taboola_hm=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms: 70
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1661313172.163005,VS0,VE70
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-tyo11973-TYO

GET
H2 200 sync
partners.tremorhub.com/ Frame E48E 43 B
182 B 191ms
187ms Image
image/gif 2600:1f18:612b:4232:40ff:2de3:a398:119a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?uipp=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:40ff:2de3:a398:119a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 UserMatch.ashx
atemda.com/ Frame E48E 43 B
1 KB 201ms
184ms Image
image/gif 35.190.113.31
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atemda.com/UserMatch.ashx?bidderid=97&bidderuid=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.113.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
p3p: CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Wed, 24 Aug 2022 03:52:52 GMT

GET
H2 200 um
sync.teads.tv/ Frame E48E 23 B
172 B 11ms
7ms Image
image/gif 23.45.61.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=142&uid=6as43YLsCpxp&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-61-118.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 24 Aug 2022 03:52:52 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame E48E 43 B
556 B 195ms
191ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6as43YLsCpxp&ex=Pulsepoint

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BEVCMTMTTZAXGWK5Q98G
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame E48E 42 B
702 B 126ms
123ms Image
image/gif 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

GET
H2 200 usersync
sync.springserve.com/ Frame E48E 43 B
206 B 239ms
78ms Image
image/gif 52.74.109.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=849&uuid=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.109.78 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-109-78.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Aug 2022 03:52:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 rum
dsum.casalemedia.com/ Frame E48E 43 B
946 B 109ms
89ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=189&external_user_id=6as43YLsCpxp&expiration=[EXPIRATION]
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f9233e9be78a57-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iVY8rvyAX0cWOXc1ZP0qYfzqUDX76O4iIfP8RMn%2BxAMx1Z6y1IK%2Bppz5wC7KfBx%2FNRyGkqxpQYMMAHuDHpj2kep5EFpJ6SravKgfTORDVzjWvyni2G9naTe1JsMMWlRiHXFJi5%2B"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H2

200

redirect
exchange.mediavine.com/usersync/ Frame E48E
Redirect Chain

https://sync.colossusssp.com/pp.gif?puid=6as43YLsCpxp
https://exchange.mediavine.com/usersync/redirect?partner=huddled_masses&uuid=[MediavineId]&partnerId=f175d852-426a-4654-8f25-20cb4344f0c3

36 B
36 B

463ms
151ms

Image
text/html

54.244.160.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/redirect?partner=huddled_masses&uuid=[MediavineId]&partnerId=f175d852-426a-4654-8f25-20cb4344f0c3
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Server: 54.244.160.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-160-5.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Location: https://exchange.mediavine.com/usersync/redirect?partner=huddled_masses&uuid=[MediavineId]&partnerId=f175d852-426a-4654-8f25-20cb4344f0c3
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0

GET
H2 204 /
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame E48E 0
56 B 78ms
78ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms: 69
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1661313172.268281,VS0,VE69
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-tyo11973-TYO

GET
H/1.1

200
OK

55660
i6.liadm.com/s/ Frame E48E
Redirect Chain

https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=6as43YLsCpxp
https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=6as43YLsCpxp&_li_chk=true&previous_uuid=af988b8e3e554962b3a39919f5949c20
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=6as43YLsCpxp

43 B
419 B

540ms
179ms

Image
image/gif

2600:1f18:ed:550a:d1f3:ae88:6e00:a5d2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=6as43YLsCpxp

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:d1f3:ae88:6e00:a5d2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:53 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=6as43YLsCpxp
Date: Wed, 24 Aug 2022 03:52:52 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3

200

m
cm.mgid.com/ Frame E48E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=400&user_id=6as43YLsCpxp&expires=30&user_group=[NUMERICAL_VALUE]
https://cm.mgid.com/m?cdsp=433145&c=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&gdpr=&consentData=&uspString=
https://cm.mgid.com/m?c=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&cdsp=433145&consentData=&gdpr=&uspString=&sct=1

43 B
387 B

177ms
171ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&cdsp=433145&consentData=&gdpr=&uspString=&sct=1
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 73f923408aab781f-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
location: https://cm.mgid.com/m?c=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&cdsp=433145&consentData=&gdpr=&uspString=&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 73f9233f6c3480cb-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 204 bid
cs.chocolateplatform.com/ Frame E48E 0
68 B 827ms
159ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/bid?advid=5771&bcid=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Chocolate Cookie Sync Powered by Vdopia /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
server: Chocolate Cookie Sync Powered by Vdopia

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame E48E 43 B
1 KB 101ms
101ms Image
image/gif 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=494&code=6as43YLsCpxp

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

a23-45-56-26.deploy.static.akamaitechnologies.com

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f131c8f-6014-4dfc-8be4-5a7b100a096c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sd
us-u.openx.net/w/1.0/ Frame E48E 43 B
61 B 49ms
47ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=545637763&val=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E48E 42 B
420 B 23ms
7ms Image
image/gif 103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTkmdGw9MTI5NjAw&piggybackCookie=6as43YLsCpxp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 cksync.php
hbx.media.net/ Frame E48E 45 B
609 B 111ms
45ms Image
image/gif 23.45.56.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?cs=3&type=ppt&ovsid=6as43YLsCpxp&redirect=http://adnetwork.com/redirect/link

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 24 Aug 2022 03:52:52 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 24 Aug 2022 03:52:52 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E48E 0
308 B 444ms
109ms Image
text/plain 66.225.223.191
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=6as43YLsCpxp&obUid=&gdpr=&gdpr_consent=
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.191 , United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: no-cache
X-TraceId: 26c0d6146876331612136e6547b37b4c
Content-Length: 0

GET
H2

200

like.php Show response
www.facebook.com/v2.6/plugins/ Frame 798A
Redirect Chain

https://web.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df52f4391c12fd4%26do...
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df52f4391c12fd4%26do...

48 KB
15 KB

203ms
186ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df52f4391c12fd4%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ee1106a12264a17f3cb037a9f70c8c05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84185fd1258d251effbbe6e677ea2a992092dfbf5460b136b80194a5f150218e

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 24 Aug 2022 03:52:52 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: RrXhz8poWoIt6Oc7gses7QUOJJx65EMiCH5NGo18tH6OcEjQplZ24mWvv63ak7/hnPDs2mkVJs8tTOPr3u/Itw==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 24 Aug 2022 03:52:52 GMT
location: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df52f4391c12fd4%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr
strict-transport-security: max-age=15552000; preload
x-fb-debug: FLLEKLlLpc/pDjBhe53sCAATxG5iKdpHOwB8hgHIvju/lWva0/N6KWW7Ngba5WXeYYlHXfFcDMoxOKUGHKwlXQ==
x-fb-zr-redirect: 02|1661399572|

GET
H2

200

like.php Show response
www.facebook.com/v2.6/plugins/ Frame B23C
Redirect Chain

https://web.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26d...
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26d...

48 KB
18 KB

203ms
181ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ee1106a12264a17f3cb037a9f70c8c05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19163587da781eda277eebe9d325fc46e0d0bdc1056f21e1223852e13b09b45d

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 24 Aug 2022 03:52:52 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: gGPTikyFqV+E48scIAjDeaY5AJfBPzUl0R2YAxEIUBMpv+5xXTaUo5SI+eUyiB4gBZTQ4vr+MKaHe0+Q8WrSHg==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 24 Aug 2022 03:52:52 GMT
location: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr
strict-transport-security: max-age=15552000; preload
x-fb-debug: z8+ypk5MQWO4XMSpzPaPRI2M2TY+x/pVrMpj7fLoVZ5rnf11c/yF6cE4OFXxwskDSlXFEfMdYDWmJaGUg3I+ew==
x-fb-zr-redirect: 02|1661399572|

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 231C 15 KB
6 KB 4ms
3ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=159238
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 24 Aug 2022 03:52:52 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 26 Aug 2022 00:06:50 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 5E11 4 KB
2 KB 9ms
9ms Document
text/html 54.64.204.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.204.44 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-204-44.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e8c701759c63671abd80e683b0a0405cfda2827b5ff65e6aef61e30cc00dcc8

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 24 Aug 2022 03:52:52 GMT
etag: W/"05b0f6c6bc9756b04f64497fb77c30242"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D857 2 KB
863 B 234ms
234ms Document
text/html 51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 8A29 582 B
832 B 773ms
226ms Document
text/html 185.86.137.107
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 2f9a1b26443d54d556ff032ee78eeba8257af133f0aa73bbbdf690b03e7c188c

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 582
content-type: text/html
date: Wed, 24 Aug 2022 03:52:52 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 1C19 2 KB
2 KB 93ms
89ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5c4c9a650181e0bee9a69bc7038747aa32a3c5a230171cb681ba1cc9bfd791d

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73f9233fac691ec4-NRT
content-encoding: br
content-type: text/html
date: Wed, 24 Aug 2022 03:52:52 GMT
dropped-udsids: 73|88|4|3|176|17|241|230
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2a3YjIgLjwHP%2FlF29rJjRqB8MBasKenbKgSLj6sNCqFcy6rRm6fr8flUg%2BjaGI%2Fngge0OOrgo54yR7sZhzHHM3vbnd77iWZJZczYwFHwh1tn7UzjjuNPHyNN2SRfL96Lt1f%2BH2s8L8KBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0786
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

2ms
2ms

Document
text/html

23.207.98.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-98-70.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 Aug 2022 03:52:52 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 24 Aug 2022 03:52:52 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H/1.1

200
OK

setuid
x.yieldlift.com/ Frame 0E4C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L772YV4V-W-23GL&gdpr=0&us_privacy=1YN-

0
570 B

732ms
184ms

Image
application/json

52.71.232.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.yieldlift.com/setuid?bidder=rubicon&uid=L772YV4V-W-23GL&gdpr=0&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Server: 52.71.232.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-232-26.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Accept: application/json
Pragma: no-cache
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: application/json;charset=utf-8

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://x.yieldlift.com/setuid?bidder=rubicon&uid=L772YV4V-W-23GL&gdpr=0&us_privacy=1YN-
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 0E4C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=946538179684156045

0
344 B

133ms
133ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=946538179684156045
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4129a5bd-e9a0-4879-97eb-5d516dabbf6a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=946538179684156045
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 0E4C
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ads.servenobid.com/sync?pid=310&uid=FMooDBZHjj-SffxaTfOA-VXs

0
350 B

149ms
149ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=FMooDBZHjj-SffxaTfOA-VXs
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=FMooDBZHjj-SffxaTfOA-VXs
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2sfo1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 0E4C
Redirect Chain

https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=310&uid=FMooDBZHjj-SffxaTfOA-VXs

0
350 B

137ms
134ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=FMooDBZHjj-SffxaTfOA-VXs
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Wed, 24 Aug 2022 03:52:52 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.servenobid.com/sync?pid=310&uid=FMooDBZHjj-SffxaTfOA-VXs
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

sync
ads.servenobid.com/ Frame 0E4C
Redirect Chain

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiN2VmZTdhNTEtMWE1MC00YWQ2LWE3OTUtOTA0OTk4YmVhNWI5IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQwMzo1Mjo1My4wNDQ0NjJaIn0=

0
431 B

135ms
134ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiN2VmZTdhNTEtMWE1MC00YWQ2LWE3OTUtOTA0OTk4YmVhNWI5IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQwMzo1Mjo1My4wNDQ0NjJaIn0=
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiN2VmZTdhNTEtMWE1MC00YWQ2LWE3OTUtOTA0OTk4YmVhNWI5IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQwMzo1Mjo1My4wNDQ0NjJaIn0=
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0E4C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661313172603
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=194953402
https://sync.1rx.io/usersync/tradedesk/1245ab29-5810-4c5a-948b-cac4ed82948c
https://sync.targeting.unrulymedia.com/csync/RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004
https://usersync.gumgum.com/usersync?b=rhy&i=RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004

35 B
250 B

6ms
5ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=rhy&i=RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=rhy&i=RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004
date: Wed, 24 Aug 2022 03:52:52 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb63ab76e7c824b1f8f3fd6b0cd20892b004
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame 0E4C
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=1975461764906759562

0
344 B

133ms
132ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=1975461764906759562
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=1975461764906759562
Date: Wed, 24 Aug 2022 03:52:52 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame 0E4C
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=efa47180-8807-4c47-9e7c-a77686bac818

0
356 B

135ms
134ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=332&uid=efa47180-8807-4c47-9e7c-a77686bac818
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-32
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ads.servenobid.com/sync?pid=332&uid=efa47180-8807-4c47-9e7c-a77686bac818
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

ImgSync
image8.pubmatic.com/AdServer/ Frame 0E4C
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F51%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D92ae906c-01da-48eb-b52d-c9e02ea5b9b6%26bidder%3Dappnexus%26cbx%3Da...
https://prebid.a-mo.net/cchain/0/51?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=92ae906c-01da-48eb-b52d-c9e02ea5b9b6&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&ui...
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....

0
42 B

14ms
2ms

Image
text/plain

103.231.99.242
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F51%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D92ae906c-01da-48eb-b52d-c9e02ea5b9b6%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 103.231.99.242 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
content-length: 0

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F51%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D92ae906c-01da-48eb-b52d-c9e02ea5b9b6%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date: Wed, 24 Aug 2022 03:52:53 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 0E4C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-Hmr4NWlE2uFHNZlJipOhT9dUvR2HlPLxOGRp35Q-~A

0
367 B

134ms
133ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-Hmr4NWlE2uFHNZlJipOhT9dUvR2HlPLxOGRp35Q-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-Hmr4NWlE2uFHNZlJipOhT9dUvR2HlPLxOGRp35Q-~A
date: Wed, 24 Aug 2022 03:52:52 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 redirectuser
ssp.disqus.com/ Frame 0E4C 0
218 B 680ms
310ms Image
text/plain 54.210.168.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.168.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-168-223.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
cache-control: no-store
vary: origin
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 0E4C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-Hmr4NWlE2uFHNZlJipOhT9dUvR2HlPLxOGRp35Q-~A

0
367 B

134ms
134ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-Hmr4NWlE2uFHNZlJipOhT9dUvR2HlPLxOGRp35Q-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-Hmr4NWlE2uFHNZlJipOhT9dUvR2HlPLxOGRp35Q-~A
date: Wed, 24 Aug 2022 03:52:52 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=946538179684156045

35 B
250 B

5ms
4ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=946538179684156045
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f56c6a1f-f65c-4131-9397-9e8c02e7cefd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usersync.gumgum.com/usersync?b=apn&i=946538179684156045
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_eded0877-758f-44f1-a009-c9572ea5e2c5&gdpr=0&gdpr_consent=&us_privacy=1---
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=HVoMiEpZBYkGUFmJH1gRhRoMBI4GWQ6KTl2iUIZq
https://usersync.gumgum.com/usersync?b=bsw&i=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d

35 B
250 B

7ms
6ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: //usersync.gumgum.com/usersync?b=bsw&i=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 5E11
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_eded0877-758f-44f1-a009-c9572ea5e2c5&obuid=ENC(E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DE3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi
https://sync.outbrain.com/cookie-sync?p=smaato&uid=d0c18034&obUid=E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi

0
145 B

415ms
414ms

Image
text/plain

66.225.223.191
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smaato&uid=d0c18034&obUid=E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 66.225.223.191 , United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:53 GMT
Cache-Control: no-cache
X-TraceId: a5a83f21e765d8a0c679e2837f770d14
Content-Length: 0

Redirect headers

date: Wed, 24 Aug 2022 03:52:53 GMT
via: 1.1 234e9be7d7243ea51bdddd284d99c552.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT12-C5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=smaato&uid=d0c18034&obUid=E3Uc1XFfx2tvLplH1IuKNCmupMoSOX9f2Li17nqf33wbdMmfRhpy_lhnQ9Y47Wxi
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: crkg8sNJtc098_HIi0q2FWneuojE6cMCilrQ-r8nJJAK3EoCG7CLjQ==

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=2b9783de-689c-08d1-03cb-a10d90d6de93

35 B
250 B

10ms
9ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=2b9783de-689c-08d1-03cb-a10d90d6de93
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Wed, 24 Aug 2022 03:52:52 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usersync.gumgum.com/usersync?b=opx&i=2b9783de-689c-08d1-03cb-a10d90d6de93
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-71219d1c-f5e3-4888-6042-2239082a3e5f$ip$217.138.252.170

35 B
250 B

7ms
6ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-71219d1c-f5e3-4888-6042-2239082a3e5f$ip$217.138.252.170
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-71219d1c-f5e3-4888-6042-2239082a3e5f$ip$217.138.252.170
Date: Wed, 24 Aug 2022 03:52:53 GMT
Connection: keep-alive
Content-Length: 129
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-1tknwEJE2pe0ALg.Fep5A5i9Z1.P6hzoYVby~A

35 B
250 B

7ms
6ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-1tknwEJE2pe0ALg.Fep5A5i9Z1.P6hzoYVby~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Wed, 24 Aug 2022 03:52:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://usersync.gumgum.com/usersync?b=oth&i=y-1tknwEJE2pe0ALg.Fep5A5i9Z1.P6hzoYVby~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=108b88de-78de-4544-957a-e4adb3ae4be2

35 B
250 B

7ms
7ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=108b88de-78de-4544-957a-e4adb3ae4be2
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=108b88de-78de-4544-957a-e4adb3ae4be2
Date: Wed, 24 Aug 2022 03:52:53 GMT
X-CI-RTID: 2ad0ed43-5c9c-4ab8-a351-29bd59febd06
Connection: keep-alive
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ Frame 5E11 0
293 B 471ms
154ms Image
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 904664060
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 5E11 0
44 B 538ms
176ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
content-length: 0
server: c

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=a_eded0877-758f-44f1-a009-c9572ea5e2c5&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=_kB5siN-kRx1oTajYr3z&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2X3LII2XG2KOFVVVE6BRN5KGC2SZOIZXU...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=_kB5siN-kRx1oTajYr3z&us_privacy=1---

35 B
250 B

4ms
4ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=_kB5siN-kRx1oTajYr3z&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
P3p: CP="We do not support P3P header."
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=_kB5siN-kRx1oTajYr3z&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=09abe07e-0fc9-413d-bdb8-ece6a460388f

35 B
250 B

7ms
7ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=09abe07e-0fc9-413d-bdb8-ece6a460388f
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=09abe07e-0fc9-413d-bdb8-ece6a460388f
date: Wed, 24 Aug 2022 03:52:52 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1661313172603
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4107321429
https://sync.1rx.io/usersync/tradedesk/1245ab29-5810-4c5a-948b-cac4ed82948c
https://sync.targeting.unrulymedia.com/csync/RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004
https://usersync.gumgum.com/usersync?b=rhy&i=RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004

35 B
250 B

4ms
3ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=rhy&i=RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=rhy&i=RX-b63ab76e-7c82-4b1f-8f3f-d6b0cd20892b-004
date: Wed, 24 Aug 2022 03:52:52 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb63ab76e7c824b1f8f3fd6b0cd20892b004
content-type: text/html

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=6as43YLsCpxp&ev=1&pid=558355

35 B
250 B

6ms
6ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=6as43YLsCpxp&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: jp-JP
location: https://usersync.gumgum.com/usersync?b=pln&i=6as43YLsCpxp&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-685644dfdb-xw84f
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 5E11
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=5902453871690295319

35 B
250 B

6ms
5ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=5902453871690295319
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=5902453871690295319
date: Wed, 24 Aug 2022 03:52:52 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 5E11 0
357 B 141ms
132ms Image
image/avif 44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=a_eded0877-758f-44f1-a009-c9572ea5e2c5
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 231C 0
39 B 5ms
0ms Script
text/plain 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7161486&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
content-length: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame F800
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=963d6305-a091-4f00-a404-fe3f6aab10e4&gdpr=0&gdpr_consent=

35 B
250 B

5ms
5ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=963d6305-a091-4f00-a404-fe3f6aab10e4&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 24 Aug 2022 03:52:52 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 24 Aug 2022 03:52:52 GMT
Expires: Wed, 24 Aug 2022 03:52:51 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4494 7cf1da7 master hkg-pixel-x21 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=963d6305-a091-4f00-a404-fe3f6aab10e4&gdpr=0&gdpr_consent=

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame AFBF 0
0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 8DA0 170 B
188 B 51ms
44ms Document
image/png 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9lZGVkMDg3Ny03NThmLTQ0ZjEtYTAwOS1jOTU3MmVhNWUyYzU=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C4B3 15 KB
6 KB 9ms
2ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=159238
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 24 Aug 2022 03:52:52 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 26 Aug 2022 00:06:50 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 1879
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=1245ab29-5810-4c5a-948b-cac4ed82948c

35 B
250 B

32ms
11ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=1245ab29-5810-4c5a-948b-cac4ed82948c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 24 Aug 2022 03:52:52 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 193
content-type: text/html
date: Wed, 24 Aug 2022 03:52:52 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=1245ab29-5810-4c5a-948b-cac4ed82948c
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 um Show response
cs.emxdgt.com/ Frame 90FC 0
67 B 551ms
181ms Document
text/plain 54.156.87.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.87.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-87-203.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 24 Aug 2022 03:52:52 GMT
server: awselb/2.0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 544C
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=YwWglMCo5tIAAFOKJcoAAAAA

35 B
250 B

21ms
9ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=YwWglMCo5tIAAFOKJcoAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 24 Aug 2022 03:52:52 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Wed, 24 Aug 2022 03:52:52 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=YwWglMCo5tIAAFOKJcoAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 47
X-SO-HostName: m-ad29.dc4p.scaleout.jp
X-SO-IP: 217.138.252.170
X-SO-Key: YwWglMCo5tIAAFOKJcoAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":47,"gdpr":false,"ipv4":"217.138.252.170","key":"YwWglMCo5tIAAFOKJcoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad29"}
X-SO-LB-Hostname: a-tgng40014.dc2p.scaleout.jp
X-SO-Upstream-ID: m-ad29

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 2259
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://usersync.gumgum.com/usersync?b=iex&i=YwWgkRkfV1XxQV2lcYMt3AAA%26901

35 B
250 B

5ms
5ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=iex&i=YwWgkRkfV1XxQV2lcYMt3AAA%26901
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 24 Aug 2022 03:52:52 GMT
Expires: 0
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73f9233fec8f1ec4-NRT
content-length: 0
date: Wed, 24 Aug 2022 03:52:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://usersync.gumgum.com/usersync?b=iex&i=YwWgkRkfV1XxQV2lcYMt3AAA%26901
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BmxGlvjCfukzL9VEsCbRotDiHPaAGr6nWc9gJkkV4sEaDZyB5AB9SnJ9Qlw0%2BuwU8cfoAEug1OGUgeDcoSGVZiUuE7tp8RnWTjEswqxEHXuQwdl2LAgauyKpptIIhDkBIM98whIi1D%2B3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame DFB0
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=Ghh1wcsVdh9rrn1XCQj8&pi=gumgum&tc=1

35 B
250 B

4ms
4ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=Ghh1wcsVdh9rrn1XCQj8&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 24 Aug 2022 03:52:52 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Wed, 24 Aug 2022 03:52:52 GMT Wed, 24 Aug 2022 03:52:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=Ghh1wcsVdh9rrn1XCQj8&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7700
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

4ms
2ms

Document
text/html

23.207.98.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-98-70.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 Aug 2022 03:52:52 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 24 Aug 2022 03:52:52 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0786 31 KB
10 KB 2ms
2ms Script
text/html 23.207.98.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-98-70.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0c1faf7fff157dbff7978866f662396ae2dcc90ece68ea0b78c556b2331cb84b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38695
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Wed, 24 Aug 2022 14:37:47 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 0786
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L772YV4V-W-23GL
https://ads.servenobid.com/sync?pid=323&uid=L772YV4V-W-23GL

0
343 B

135ms
134ms

Image
image/avif

44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=323&uid=L772YV4V-W-23GL
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ads.servenobid.com/sync?pid=323&uid=L772YV4V-W-23GL
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 636a4452fa95aad32992c06634d4089f
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7700 31 KB
10 KB 9ms
9ms Script
text/html 23.207.98.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-98-70.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0c1faf7fff157dbff7978866f662396ae2dcc90ece68ea0b78c556b2331cb84b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38695
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Wed, 24 Aug 2022 14:37:47 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7700
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L772YV4V-W-23GL
https://usersync.gumgum.com/usersync?b=mag&i=L772YV4V-W-23GL

35 B
250 B

6ms
6ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=L772YV4V-W-23GL
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://usersync.gumgum.com/usersync?b=mag&i=L772YV4V-W-23GL
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Expires: 0

GET
H2 200 YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1C19 43 B
993 B 73ms
73ms Image
image/gif 2406:da18:929:5a03:f124:f729:a44b:bb08
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a03:f124:f729:a44b:bb08 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1C19
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YwWglAAIr33XswAK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwWglAAIr33XswAK&_test=YwWglAAIr33XswAK

43 B
908 B

84ms
84ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwWglAAIr33XswAK&_test=YwWglAAIr33XswAK
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f92341ac7baf3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PFkCtLDIFZi%2BmdWM3klIma4BVTVSLGl%2BhHBaGGuQqCwaFyv1mpXOXrTuY8AUrQ2nVglXJa9QdeuNB0nPoOwFXDC0Qa%2BTtxz7FAfmRy7NF7Eij7V6UKmc8IrnlevZ34u2tbeQW6GJ0Zmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1661313173.734906,VS0,VE0
x-served-by: cache-nrt-rjtf7700043-NRT
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwWglAAIr33XswAK&_test=YwWglAAIr33XswAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1C19
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8707339851561806265

43 B
910 B

84ms
84ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8707339851561806265
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f92340cb44af3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gc1jkag3MR2kV4%2BWJ3Y5AMDfEUDsZO28KINJpk33GxGUXfqvpopfTZo4HIBHn77pn70gU%2FW9a2v%2BNCx34TLhSJzcigYM%2FV1PpM0Ytdh6XrV1rzKGxippB9ix5gjIHU6KBRQuYAZl9MKjbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8707339851561806265
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1C19
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=963d6305-a091-4f00-a404-fe3f6aab10e4

43 B
920 B

97ms
96ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=963d6305-a091-4f00-a404-fe3f6aab10e4
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f92340bb39af3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIzWoxj2y3f%2BJ%2BC5%2Bw92%2BE9rLacQXQWSFOT%2FYyt20o2YDGgLL72q9gxD1rsKIZb33sq6%2BMMrbl%2BPDfOx%2BtuTtTEOmpNdN9B4C7XrJRmXgEvmxYOHFs%2Bw5I5xH847UHJ21%2FK%2F4tCC3XLRxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Wed, 24 Aug 2022 03:52:52 GMT
Server: MT3 4494 7cf1da7 master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=963d6305-a091-4f00-a404-fe3f6aab10e4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 24 Aug 2022 03:52:51 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame 1C19 0
16 B 451ms
177ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
content-length: 0
server: c

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1C19
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://stags.bluekai.com/site/23178?id=LyngVMjr8wl97kuM_Ce3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TDZNZTVM...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=LyngVMjr8wl97kuM_Ce3

43 B
915 B

82ms
81ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=LyngVMjr8wl97kuM_Ce3
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f92345bac0af3d-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97tMEe3Ixm9YEHOnQ4K%2BhReN88YxYW6orvOBBBY7daxGJ7wUT%2FXaE4TRYSnhnPz9LvBfRkhFnUH3JS5eNpy0r7%2F%2BZwYKdRxV9Nf3bxIKFMp9%2BUBWON6NFonoGrczYbZUMCk8zVm7%2BX6Uqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
P3p: CP="We do not support P3P header."
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=LyngVMjr8wl97kuM_Ce3
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 1C19 43 B
932 B 188ms
187ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZJ5TB0XB9YZCQ0KAGYBD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 1C19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrJA18fFhlMvq7b_m-AYKE&google_cver=1

43 B
917 B

77ms
77ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrJA18fFhlMvq7b_m-AYKE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f92340bd4e1ec4-NRT
pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc%2BCRG9oeZna0EJ8T8tygmAFKtIBi5rWcxIelASvrLj%2FlkX23B%2FrwcOKbnneBS9%2BM7JnTPRpO2IVMZA7W4OOWeexS%2B%2BFSnnRv8w0Svd9jevHU%2FxnK3D6kCHF5nepeKuYrn%2FUInqZr%2F7UHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrJA18fFhlMvq7b_m-AYKE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 1C19 0
356 B 136ms
135ms Image
image/avif 44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=YwWgkRkfV1XxQV2lcYMt3AAAA4UAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 798A 299 B
571 B 3ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df52f4391c12fd4%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: 5FCoPVYb9hs0KFij3WLlr8akB3nUtJcjuXtNczqCC5RH6kaPbTuBhhh5UJ6pWmzEajKuEUX3ZBxl4OI9urf8CA==
x-fb-trip-id: 382461245
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts: 1661295330169
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Aug 2023 22:55:30 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0786
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L772YV4V-W-23GL

0
571 B

169ms
151ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L772YV4V-W-23GL
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DB911790DF164C89B2A07B886E483C43 Ref B: TYAEDGE0910 Ref C: 2022-08-24T03:52:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXm9J2LaZCpSGRo5JJuag==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L772YV4V-W-23GL
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0786
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8XN7z01lW1gm8tjGWYtKE&google_cver=1

42 B
710 B

181ms
123ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8XN7z01lW1gm8tjGWYtKE&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8XN7z01lW1gm8tjGWYtKE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0786
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3MllWNFYtVy0yM0dM

170 B
188 B

39ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3MllWNFYtVy0yM0dM

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3MllWNFYtVy0yM0dM
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0786
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mFifrdryRdiAK_v7kzxUlA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mFifrdryRdiAK_v7kzxUlA

43 B
556 B

184ms
184ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mFifrdryRdiAK_v7kzxUlA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TCTDVV7C5ZDSSZCY97RX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mFifrdryRdiAK_v7kzxUlA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0786
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2E0YmRiMDZkYWFmY2FjZDk2NTMwODNhYzhkZWE3NGNlOWYwYjE0Mg

170 B
188 B

44ms
44ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2E0YmRiMDZkYWFmY2FjZDk2NTMwODNhYzhkZWE3NGNlOWYwYjE0Mg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2E0YmRiMDZkYWFmY2FjZDk2NTMwODNhYzhkZWE3NGNlOWYwYjE0Mg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0786
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/fGIwId4yEwMRayfIQp-Xyg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2473978532262687344

42 B
710 B

124ms
123ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2473978532262687344
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

date: Wed, 24 Aug 2022 03:52:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2473978532262687344
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 0786 43 B
932 B 1091ms
326ms Image
image/gif 52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QJYH8CN1NBJD4JECJPXN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 0786
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L772YV4V-W-23GL&sigv=1&esig=2~3dbc69cf9e4d60ee6e17a44b18ee505231e6166a

0
194 B

25ms
7ms

Image
text/plain

2406:2000:a4:9fe::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L772YV4V-W-23GL&sigv=1&esig=2~3dbc69cf9e4d60ee6e17a44b18ee505231e6166a

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

Server

2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L772YV4V-W-23GL&sigv=1&esig=2~3dbc69cf9e4d60ee6e17a44b18ee505231e6166a
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 0Jr9FGjN-cC.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y1/l/en_US/ Frame 798A 536 KB
139 KB 3ms
2ms XHR
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y1/l/en_US/0Jr9FGjN-cC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e453f7538f312c47e24edf527a539238e064485b5dc779cda9d6c33d35c4e9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NH9ZAb/cQBRGsXNLiHi7dA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 142751
x-fb-rlafr: 0
x-fb-debug: ikN1fpw2Z6qSvZH878DAQA40iOY4PESj+atDO6/rAB9j92MiQ10I10JvFjl5mA7aJx7pLkNAEOPP3tQnn86LhA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts: 1661261325272
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Aug 2023 13:28:45 GMT

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame B23C 299 B
355 B 10ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: UTP2e10STDJlQh24nhEv1SCjJP1Ri9K/ZL5HrJWS8/BzMy/qI39Tlospjt4RqN44ifS1OUdkGkOjIUrwWydFUA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts: 1661295330180
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Aug 2023 22:55:30 GMT

GET
H3 200 0Jr9FGjN-cC.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y1/l/en_US/ Frame B23C 536 KB
139 KB 3ms
2ms XHR
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y1/l/en_US/0Jr9FGjN-cC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e453f7538f312c47e24edf527a539238e064485b5dc779cda9d6c33d35c4e9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NH9ZAb/cQBRGsXNLiHi7dA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 142751
x-fb-rlafr: 0
x-fb-debug: ikN1fpw2Z6qSvZH878DAQA40iOY4PESj+atDO6/rAB9j92MiQ10I10JvFjl5mA7aJx7pLkNAEOPP3tQnn86LhA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts: 1661261325272
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Aug 2023 13:28:45 GMT

GET
H3 200 0Jr9FGjN-cC.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y1/l/en_US/ Frame B23C 536 KB
139 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y1/l/en_US/0Jr9FGjN-cC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df122bb73614c694%26domain%3Dwww.boxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boxofficeindia.com%252Ff1dc83673a5259c%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.boxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90&_rdc=1&_rdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e453f7538f312c47e24edf527a539238e064485b5dc779cda9d6c33d35c4e9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NH9ZAb/cQBRGsXNLiHi7dA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 142751
x-fb-rlafr: 0
x-fb-debug: ikN1fpw2Z6qSvZH878DAQA40iOY4PESj+atDO6/rAB9j92MiQ10I10JvFjl5mA7aJx7pLkNAEOPP3tQnn86LhA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts: 1661261325272
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Aug 2023 13:28:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame 1121 107 B
122 B 37ms
36ms Script
application/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1121 107 B
122 B 41ms
40ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1121 70 KB
34 KB 609ms
609ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4391653401298964&correlator=3503482705382142&eid=31068929%2C31069105%2C31062931&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=21671350435%3A22684505004%2C300x250-data-boxofficeindia.com_._t1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1830339753&sfv=1-0-38&fsfs=1&fsapi=false&eri=1&sc=1&cookie=ID%3D4eebd6e511a664e1%3AT%3D1661313168%3AS%3DALNI_MYF_jgPaPyA1nWK2rDl1Fef5VvCGg&cdm=www.boxofficeindia.com&gpic=UID%3D000008f88bd85ef5%3AT%3D1661313168%3ART%3D1661313168%3AS%3DALNI_MZC43xI-n1ra-ISYGrfeabGGb9gmA&abxe=1&dt=1661313172713&lmt=1661313172&dlt=1661313170599&idt=375&adxs=980&adys=253&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=3s15bxdjl4ng&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Fwww.boxofficeindia.com%2F&top=https%3A%2F%2Fwww.boxofficeindia.com%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=449757693.1661313168&ga_sid=1661313173&ga_hid=2100877089&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1bd8b6918076d42e01a2be0d91a516bca1b1c5c84b0b3fdabc61ce7d1980a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34716
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1121 14 KB
11 KB 57ms
57ms XHR
application/json 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

218ac4da865f186f41bba9136139e766c92a010dc3b7de6f6ba09216c95f31ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10946
x-xss-protection: 0

GET
H2 200 container.html Show response
7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 26F2 6 KB
3 KB 76ms
39ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:52 GMT
expires: Thu, 24 Aug 2023 03:52:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1121 17 KB
6 KB 49ms
48ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3674 13 KB
5 KB 4ms
3ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 7598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 01:46:14 GMT
expires: Thu, 24 Aug 2023 01:46:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8420 783 B
534 B 83ms
82ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ee05bec79ee9f885399b7f6e705e9f22d774f141eba56dbd853b3eec2c359ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fsWFr2Ivbq-dy59zwb8AMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-fsWFr2Ivbq-dy59zwb8AMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:52 GMT
expires: Wed, 24 Aug 2022 03:52:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 3674 36 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 18:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 18:29:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3674 0
10 B 3ms
2ms Image
text/plain 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9uF6CQ
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8420 0
0 39ms
38ms Image
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=4391653401298964&rc=
Requested by: Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CF22 0
746 B 100ms
100ms Script
text/html 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
X-Proxy-Origin: 217.138.252.170; 217.138.252.170; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9e67152c-73ac-4ef0-85d7-3a91f8acd15a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 8A29 0
344 B 135ms
133ms Image
image/avif 44.236.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=4587569828956121164&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.161.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET

/
rtb-csync.smartadserver.com/redir/ Frame 8A29
Redirect Chain

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOzGHWC-1EhYpFWNNnuC7VPyUS7U8Vuwix6rR3IA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...

0
0

GET

/
rtb-csync.smartadserver.com/redir/ Frame 8A29
Redirect Chain

https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=871XxKS-XsXotwLF8b9KyfTrX8LovlXGoLpu-1G6

0
0

GET

/
rtb-csync.smartadserver.com/redir/ Frame 8A29
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=171250307&expires=5&ssp=smartadserver
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=dd5ee5f5-8a47-45bd-b4bc-be5be747ea6d&gdpr=&gdpr_consent=

0
0

GET

/
rtb-csync.smartadserver.com/redir/ Frame 8A29
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=963d6305-a091-4f00-a404-fe3f6aab10e4&gdpr=0&gdpr_consent=

0
0

GET
H3 200 container.html Show response
7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 652B 6 KB
3 KB 39ms
38ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:53 GMT
expires: Thu, 24 Aug 2023 03:52:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2BDF 466 B
305 B 42ms
41ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-8UhCOol4Y07O90AEwAQ&v=APEucNV8ZARsOqAb8n0msN4UTK-brUPBXN2BdBmGIp-7DK-La2cGmVhXSjv-nMaSTbJ5cgTKghREes7wsJJmHbGGtCAqEnmPDA

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:52:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 652B 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:49:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 652B 6 KB
3 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 4024001306453174559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Sep 2022 22:10:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 652B 0
27 B 53ms
53ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZlZII6VjS3qz8hVexgTH8NU8AFFP9z1FyCf2799xV1gfcCQ2rXizp_GX0k_PL89B2UEzGYo6Pu6cvZ-XCF7g0MFgIC96TLtkBvAOPW68E9VAVeLtPBDblT6hdJJyOhG7uiba5dMdFcX6sZJkzD7ZbRPQMfZc_9PQ2C6vZBucgxXix9Q30tgVxNgJwpjYN_0FJ8TxReE7pvPb5LEYVF7CHh36sn3evL_AQKnK2j8eNKOcCLWObKUrfVVaY5tovreWXq9r35c9EVyi5rPlHrFiTBse2yY71He3zQDtaiiEKOQ-ZH51ZHEBYhEwjymiRPuMzUlq20RlkufD7mBEO5M7th1626aRjb2fxhuZXZvGtzhiYx4T2MCycvBMeNOIwKYxg2zues0-P3laNbZ9YeIOi_Dk6XFY-r7-Gsu-nwCo1V_MHp8cYTldhTtWkQQV6T9ZP-2_b4niFMV3QLrQ2j6KowcvD4_xgabZLh4-UPSuI09jp9GBSivuk5hYmxVIeE4EpR012W6-gfosov6noV9ouDBiSH_AY7P-brVuEwvSseVYa6OvOA3JQ8TgFu9qYbdJlf0Yxpb62Jnqh7Xd6eQ2C3aNS0nHGd2xGMgwGA6Cmnj-PRjY9mggw59NS3Wi08URZ2vkp6T7pXHTWxpdy_5RhNskPnoLfO0Fonv2mo8hZ2tQXf65ESVxWDzu08wEyPrCk0v1mvGM4QjrHb_TAhYsFIRH8aD4iitn2nuZcaYVrDkSJHrtH-Zgk7H96yh1tp3EwSkSCAqf_DXEJ9_8aPQrylj7MRRcRm179uChDgsjUiU5CfKToD165PIAoi4FvcMnyN1JoPKZh84mamGvjvStuLOs-UT9OAAABH4e0U4BomGfIUia0bmbBSD5aW7-iRgBessYeGmZi64AgTUZKq-jkJNmlPcwFWSkOXSXFsgOglBre_W99E2T5o__66y4sRnwNmE6KYGmbGUs3GSbF9vogfJJ0x3rv2CfzdwmY5xwFCPmylW_iYf6tk67x3BXsMeEVXqPRU1FhH5tRr0ZvL1B7O_M6d-cgxjH3hkCm9W66wNPzT7V-W1jDyaD1ypAJ_rzXh4dF-rHAKAqD-RVuAHe9sAu0PDZPrcUHbBukL-keLVlR-K7wKORztRu8vTM0wIVNutEAg9jtMPtgDorkeG0_tZPQweiBX6MzoRc8wC8QJYZwxn3_a0fjCPHuSRAXUITa5Q-kmpMYiavu4Wx9nngOpiYl7w9kVpv0_4aUFVAYcmxdGtLpvxkBqYDTVA&sai=AMfl-YR5LDPYZzc6ftGSpXPlPOThoKBNn9rUmunxKR9VlpINylHShD5FbCG35RoXeDvshqnnmuV4uNlD9FKjTuvKybkyUf556pT2WD1Ma-PJsYiP9N4Fi2l6o8P2lfeqo99klvjKIv9YYoGrDxSHMKall5gI1IyppTHKsothyVis-mHRkzLTOqtzRaRhpYB-SxbPgemNC71_NaHV9MryMOqky2KIS2obS7wpVg4hgGu-XtKpXNu8NULNz_3o5lvaakY4xp7_a9Rbv2Ru2vHo3jjZejYCUFZ1CKloUL_nWag&sig=Cg0ArKJSzAc3iBcrcRGNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220822.08355&adurl=

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 24 Aug 2022 03:52:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 652B 41 KB
15 KB 5ms
2ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:36:38 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 652B 42 B
63 B 41ms
39ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGKjecUf5uG_bcgnqW8IyhXw9cWr9jhkdtSFqkfvYue_GUkx29NbEnegtxWu7GMhplVvd9-RT7-K8TFR9ke7k5oKh6WiN1F-NpQXIFPQ3kyHYdR4U

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 652B 3 KB
1 KB 6ms
4ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:46:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 652B 17 KB
7 KB 7ms
4ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 03:44:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 652B 0
0 40ms
38ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpnDVg0IBgqSZk9jLeduXTQFxQu-zCPMS-zmIFu8sbc58rPshiSda-2-MFxxn03j2QhD66s0zBDqA13zl2r0TiX3EvWA
Requested by: Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 652B 140 KB
43 KB 47ms
45ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 03:52:53 GMT

GET
H3 200 25947742346680974
s0.2mdn.net/simgad/ Frame 652B 81 KB
81 KB 8ms
6ms Image
image/jpeg 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/25947742346680974

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

168386310f713f7d730b06ce29695d55f73228b94b32ce6bee5e548ce88ef28c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 15:36:50 GMT
x-content-type-options: nosniff
age: 130563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83340
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 06:52:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 15:36:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 745C 1 KB
749 B 2ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 03:25:19 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 03:25:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 652B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60a279ea27f915fe1f903ec5b32f9cf74fbec92b374c1283f2b9b5da9416cf43

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 652B 0
26 B 40ms
39ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.boxofficeindia.com
URL: https://www.boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 03:52:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B701 22 KB
8 KB 3ms
3ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 48211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 14:29:22 GMT
expires: Wed, 23 Aug 2023 14:29:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 745C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CS7ylcQXcrTSusNbcF08q7nFD9S7XFSpqsVhvJc45...

170 B
188 B

39ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CS7ylcQXcrTSusNbcF08q7nFD9S7XFSpqsVhvJc45EsF2iD52OPKsjIwO47Vzbj2ZDTEGBFAKJJdgsuGKUe4cYxMlvlCRf

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-04d2d43691b0ba1ae@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eDFsUkZVQzExT3FIckk1&google_gid=CAESEBhNHTIsk32OoI08EzeG_gc&google_cver=1&google_push=AehlK4CS7ylcQXcrTSusNbcF08q7nFD9S7XFSpqsVhvJc45EsF2iD52OPKsjIwO47Vzbj2ZDTEGBFAKJJdgsuGKUe4cYxMlvlCRf
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 745C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMYP7uAgJeAGjBVFcd-MwzI&google_cver=1&google_push=AehlK4A3MiDwYZNoujbOHN6RAuIAjt1869-23OOxzFyiEvPCtGMV-C9EGyRROaQ9YFz9v85t7hN9zzEQA4dEl2Sc0Toao921bX7hvw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B60E422D7329441D89F5C7753CAD453A&google_push=AehlK4A3MiDwYZNoujbOHN6RAuIAjt1869-23OOxzFyiEvPCtGMV-C9EGyRROaQ9YFz9v85t7hN9zzEQA4dEl2S...

170 B
188 B

42ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B60E422D7329441D89F5C7753CAD453A&google_push=AehlK4A3MiDwYZNoujbOHN6RAuIAjt1869-23OOxzFyiEvPCtGMV-C9EGyRROaQ9YFz9v85t7hN9zzEQA4dEl2Sc0Toao921bX7hvw

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 03:52:53 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B60E422D7329441D89F5C7753CAD453A&google_push=AehlK4A3MiDwYZNoujbOHN6RAuIAjt1869-23OOxzFyiEvPCtGMV-C9EGyRROaQ9YFz9v85t7hN9zzEQA4dEl2Sc0Toao921bX7hvw
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 23 Aug 2022 03:52:53 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 745C
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-KHc-lMdzUmdD5o9q3Ac&google_cver=1&google_push=AehlK4BOlYfqXnzzBNPwWdEs1KbwvBOgH14E6jIOlcANnSsLGZ8wg1GNuyQ_YjW83n8Rt3IQgy8NA_rj2uL2QNsBBu...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

170 B
188 B

45ms
44ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTI0NWFiMjktNTgxMC00YzVhLTk0OGItY2FjNGVkODI5NDhj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1245ab29-5810-4c5a-948b-cac4ed82948c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 745C
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECpORWJhJ9UR_ueTKEP2VXY&google_cver=1&google_push=AehlK4Dt_aGWmpbQAArkG5tO6r2QvQ7e1n1vLyi2lUW9B9FcNEoKcF6cd9JrXvBJ0AeEczLb03idhEOAXwUefFKTSP0oDF_cYav1
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4Dt_aGWmpbQAArkG5tO6r2QvQ7e1n1vLyi2lUW9B9FcNEoKcF6cd9JrXvBJ0AeEczLb03idhEOAXwUefFKTSP0oDF_cYav1&google_hm=NTA4M3FvMDBMQkRHYTAwN2V...

170 B
188 B

45ms
45ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4Dt_aGWmpbQAArkG5tO6r2QvQ7e1n1vLyi2lUW9B9FcNEoKcF6cd9JrXvBJ0AeEczLb03idhEOAXwUefFKTSP0oDF_cYav1&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Wed, 24 Aug 2022 03:52:53 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4Dt_aGWmpbQAArkG5tO6r2QvQ7e1n1vLyi2lUW9B9FcNEoKcF6cd9JrXvBJ0AeEczLb03idhEOAXwUefFKTSP0oDF_cYav1&google_hm=NTA4M3FvMDBMQkRHYTAwN2VXV0M
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 745C
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMm8dKzz_v66r5xCz1VGVik&google_cver=1&google_push=AehlK4CWJUB7I6FB2bkfgcAYGcmQ6jcXqlIQAIJvZXy1jmhiVg39QIQjGRgjxsNiHHwXCTOsyGSNWBFJ...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1MDgyMDA1MzU2NzYwMzUyMTA&google_push=AehlK4CWJUB7I6FB2bkfgcAYGcmQ6jcXqlIQAIJvZXy1jmhiVg39QIQjGRgjxsNiHHwXCTOsyGSNWBF...

170 B
188 B

39ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1MDgyMDA1MzU2NzYwMzUyMTA&google_push=AehlK4CWJUB7I6FB2bkfgcAYGcmQ6jcXqlIQAIJvZXy1jmhiVg39QIQjGRgjxsNiHHwXCTOsyGSNWBFJiZcc4LN5rmbEs6YZOL0MOoI

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1MDgyMDA1MzU2NzYwMzUyMTA&google_push=AehlK4CWJUB7I6FB2bkfgcAYGcmQ6jcXqlIQAIJvZXy1jmhiVg39QIQjGRgjxsNiHHwXCTOsyGSNWBFJiZcc4LN5rmbEs6YZOL0MOoI
Date: Wed, 24 Aug 2022 03:52:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 745C 0
12 B 39ms
38ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K7cTrJVNjB4S_gBgrelgtH_gQzWNJGu7eqxjrmkYXMVYX75WBotdPr79ts

Requested by

Host: 7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com
URL: https://7d72ff9f9ec3b4959ed05a17f6783fed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 2BDF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMimT_HnQAc8WHLjGTAOQiQ&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMimT_HnQAc8WHLjGTAOQiQ&google_cver=1&__user_check__=1&sync_id=3b55bb9e-2360-11ed-9658-140b6c3a0507

43 B
548 B

75ms
74ms

Image
image/gif

103.71.26.125
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMimT_HnQAc8WHLjGTAOQiQ&google_cver=1&__user_check__=1&sync_id=3b55bb9e-2360-11ed-9658-140b6c3a0507
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-8UhCOol4Y07O90AEwAQ&v=APEucNV8ZARsOqAb8n0msN4UTK-brUPBXN2BdBmGIp-7DK-La2cGmVhXSjv-nMaSTbJ5cgTKghREes7wsJJmHbGGtCAqEnmPDA
Protocol: HTTP/1.1
Server: 103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 03:52:53 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 61
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 24 Aug 2022 03:52:53 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEMimT_HnQAc8WHLjGTAOQiQ&google_cver=1&__user_check__=1&sync_id=3b55bb9e-2360-11ed-9658-140b6c3a0507
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 43
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2BDF
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2I0Y2QwZGYtMjM2MC0xMWVkLWI2ZjUtMTIzYTI4ODUwMTA3

170 B
188 B

42ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2I0Y2QwZGYtMjM2MC0xMWVkLWI2ZjUtMTIzYTI4ODUwMTA3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-8UhCOol4Y07O90AEwAQ&v=APEucNV8ZARsOqAb8n0msN4UTK-brUPBXN2BdBmGIp-7DK-La2cGmVhXSjv-nMaSTbJ5cgTKghREes7wsJJmHbGGtCAqEnmPDA

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 03:52:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 24 Aug 2022 03:52:53 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2I0Y2QwZGYtMjM2MC0xMWVkLWI2ZjUtMTIzYTI4ODUwMTA3
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 40
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2BDF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lX3g3bzdwRTJ1RjlsOERmVDdfUEtuRWRJQTFmdC5TcH5B

170 B
188 B

40ms
40ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lX3g3bzdwRTJ1RjlsOERmVDdfUEtuRWRJQTFmdC5TcH5B

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS