lanterman.web.fc2.com Open in urlscan Pro
104.244.99.169 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lanterman.web.fc2.com/
Submission: On August 13 via api (August 13th 2023, 6:54:05 pm UTC) from US — Scanned from DE

Summary HTTP 160 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 40 domains to perform 160 HTTP transactions. The main IP is 104.244.99.169, located in United States and belongs to FC2-INC-2, US. The main domain is lanterman.web.fc2.com.

This is the only time lanterman.web.fc2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	104.244.99.169 104.244.99.169	63210 (FC2-INC-2) (FC2-INC-2)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 2	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
1	192.0.72.21 192.0.72.21	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2a02:26f0:710... 2a02:26f0:7100::210:110	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100::210:162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	92.205.2.206 92.205.2.206	21499 (GODADDY-SXB) (GODADDY-SXB)
1	204.228.68.58 204.228.68.58	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
1 2	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.244.99.58 104.244.99.58	63210 (FC2-INC-2) (FC2-INC-2)
1 1	94.229.72.117 94.229.72.117	42831 (UKSERVERS...) (UKSERVERS-AS UK Dedicated Servers)
1	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
3	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.99.106 104.244.99.106	63210 (FC2-INC-2) (FC2-INC-2)
2 8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2a02:3d0:6:a0... 2a02:3d0:6:a000::3	22822 (LLNW) (LLNW)
4	104.244.99.97 104.244.99.97	63210 (FC2-INC-2) (FC2-INC-2)
1	104.244.99.67 104.244.99.67	63210 (FC2-INC-2) (FC2-INC-2)
5	199.48.209.213 199.48.209.213	63210 (FC2-INC-2) (FC2-INC-2)
4 8	14.0.41.202 14.0.41.202	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
4	18.165.227.72 18.165.227.72	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:680f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	202.233.84.9 202.233.84.9	131957 (MICROAD M...) (MICROAD MicroAd)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.67.123.166 3.67.123.166	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c921:7369:53d4:6471	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:4e4e:de4:976c:6d16	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	104.77.35.11 104.77.35.11	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	130.211.14.194 130.211.14.194	15169 (GOOGLE) (GOOGLE)
4	202.233.84.10 202.233.84.10	131957 (MICROAD M...) (MICROAD MicroAd)
2	54.199.241.78 54.199.241.78	16509 (AMAZON-02) (AMAZON-02)
2	3.114.87.100 3.114.87.100	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:219... 2600:9000:219c:6a00:c:2040:40c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2248:4c00:1f:2964:4340:93a1	() ()
2	18.176.196.219 18.176.196.219	() ()
2	2600:9000:218... 2600:9000:218e:d600:1d:4ba6:de80:93a1	() ()
160	53

11 104.244.99.169 (United States)

ASN63210 (FC2-INC-2, US)

lanterman.web.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.104.182.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

www.southhaventribune.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldpalladium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.21 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

localtvwqad.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:110 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s3.india.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s3.india.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.205.2.206 (Strasbourg, France) 1 redirects

ASN21499 (GODADDY-SXB, DE)
PTR: 206.2.205.92.host.secureserver.net

www.woodlandsnaturalhealthcentre.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.228.68.58 (Denver, United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)
PTR: www.cusys.edu

www.cusys.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.60.200 (Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.99.58 (United States)

ASN63210 (FC2-INC-2, US)

media.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.229.72.117 (London, United Kingdom) 1 redirects

ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB)
PTR: no.rdns.ukservers.com

secularcoalition.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

ifigent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.99.106 (United States)

ASN63210 (FC2-INC-2, US)

vip.chps-api.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:3d0:6:a000::3 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)

static.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.99.97 (United States)

ASN63210 (FC2-INC-2, US)

media5.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.99.67 (United States)

ASN63210 (FC2-INC-2, US)

textad.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.48.209.213 (United States)

ASN63210 (FC2-INC-2, US)

storage1000-textad.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 14.0.41.202 (Osaka, Japan) 4 redirects

ASN54994 (QUANTILNETWORKS, CA)

j.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jgl.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.165.227.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-227-72.lhr61.r.cloudfront.net

cache.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:c::5c7b:680f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.233.84.9 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.123.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-123-166.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c921:7369:53d4:6471 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:4e4e:de4:976c:6d16 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.77.35.11 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-35-11.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (Grosse Pointe, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (Valence, France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.233.84.10 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

ssp.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.199.241.78 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-241-78.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.114.87.100 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-87-100.ap-northeast-1.compute.amazonaws.com

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:219c:6a00:c:2040:40c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spdeliver.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spcdnpc.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2248:4c00:1f:2964:4340:93a1 (United States)

ASN- ()

ssp-bidder.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.176.196.219 (None, )

ASN- ()

ssp-bidapi-n1.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:218e:d600:1d:4ba6:de80:93a1 (None, )

ASN- ()

spsvcpc-tls.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	fc2.com lanterman.web.fc2.com media.fc2.com — Cisco Umbrella Rank: 548216 vip.chps-api.fc2.com static.fc2.com — Cisco Umbrella Rank: 303427 media5.fc2.com — Cisco Umbrella Rank: 910219 textad.fc2.com storage1000-textad.fc2.com	447 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	289 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30452 ad4m.at — Cisco Umbrella Rank: 10726 assets.ad4m.at — Cisco Umbrella Rank: 40955	449 KB
14	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 ad.doubleclick.net — Cisco Umbrella Rank: 194	104 KB
12	microadinc.com cache.send.microadinc.com — Cisco Umbrella Rank: 188348 s-rtb.send.microadinc.com — Cisco Umbrella Rank: 147918 ssp.send.microadinc.com — Cisco Umbrella Rank: 151970	21 KB
11	i-mobile.co.jp spdeliver.i-mobile.co.jp — Cisco Umbrella Rank: 466042 ssp-bidder.i-mobile.co.jp — Cisco Umbrella Rank: 848442 ssp-bidapi-n1.i-mobile.co.jp spsvcpc-tls.i-mobile.co.jp spcdnpc.i-mobile.co.jp	113 KB
8	microad.net 4 redirects j.microad.net — Cisco Umbrella Rank: 135145 jgl.microad.net — Cisco Umbrella Rank: 187598	120 KB
8	google.com cse.google.com — Cisco Umbrella Rank: 3436 www.google.com — Cisco Umbrella Rank: 3 clients1.google.com — Cisco Umbrella Rank: 630	174 KB
6	adingo.jp cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 188506 sh.adingo.jp — Cisco Umbrella Rank: 73272 i.adingo.jp — Cisco Umbrella Rank: 98365	11 KB
5	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 27309 audiencedata.im-apps.net — Cisco Umbrella Rank: 29725	11 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	93 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216 www.googleadservices.com — Cisco Umbrella Rank: 150	599 B
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1053 syndication.twitter.com — Cisco Umbrella Rank: 1269	135 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608 gum.criteo.com — Cisco Umbrella Rank: 425	936 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	169 KB
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 154708 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 127321	4 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 841 s.tribalfusion.com — Cisco Umbrella Rank: 1914	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 921 r.turn.com — Cisco Umbrella Rank: 3853	869 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
2	shopify.com 1 redirects cdn.shopify.com — Cisco Umbrella Rank: 2221	169 KB
2	woodlandsnaturalhealthcentre.co.uk 1 redirects www.woodlandsnaturalhealthcentre.co.uk	387 B
2	india.com 1 redirects s3.india.com — Cisco Umbrella Rank: 859928	38 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 43976	606 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 44292	692 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 69872	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 64810	435 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 64401	261 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 17077	703 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7426	671 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1864	296 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 465	760 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 354	146 B
1	ifigent.com ifigent.com
1	secularcoalition.info 1 redirects secularcoalition.info	2 KB
1	cusys.edu www.cusys.edu	8 KB
1	wordpress.com localtvwqad.files.wordpress.com
1	heraldpalladium.com www.heraldpalladium.com — Cisco Umbrella Rank: 982602
1	southhaventribune.net 1 redirects www.southhaventribune.net	248 B
0	xosnetwork.com Failed image.cdnllnwnl.xosnetwork.com Failed
0	indiana.edu Failed mcnair.indiana.edu Failed
160	40

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net
11	lanterman.web.fc2.com	lanterman.web.fc2.com
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	lanterman.web.fc2.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	assets.ad4m.at	as.ad4m.at
5	storage1000-textad.fc2.com	lanterman.web.fc2.com
5	www.google.com	cse.google.com www.google.com lanterman.web.fc2.com
4	spdeliver.i-mobile.co.jp	j.microad.net spdeliver.i-mobile.co.jp
4	ssp.send.microadinc.com	media5.fc2.com
4	ad4m.at	as.ad4m.at ad4m.at
4	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	s-rtb.send.microadinc.com	j.microad.net
4	dmp.im-apps.net	j.microad.net
4	cache.send.microadinc.com	j.microad.net
4	jgl.microad.net	media5.fc2.com
4	j.microad.net	4 redirects
4	media5.fc2.com	static.fc2.com lanterman.web.fc2.com media5.fc2.com
4	www.googleadservices.com	lanterman.web.fc2.com
3	static.fc2.com	vip.chps-api.fc2.com static.fc2.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	platform.twitter.com	lanterman.web.fc2.com platform.twitter.com
3	media.fc2.com	lanterman.web.fc2.com static.fc2.com
2	spsvcpc-tls.i-mobile.co.jp	spdeliver.i-mobile.co.jp spsvcpc-tls.i-mobile.co.jp
2	ssp-bidapi-n1.i-mobile.co.jp	ssp-bidder.i-mobile.co.jp
2	ssp-bidder.i-mobile.co.jp	spdeliver.i-mobile.co.jp
2	i.adingo.jp	media5.fc2.com
2	sh.adingo.jp	cdn-fluct.sh.adingo.jp
2	cdn-fluct.sh.adingo.jp	j.microad.net
2	ad.doubleclick.net	2 redirects
2	gum.criteo.com	cache.send.microadinc.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	cse.google.com	lanterman.web.fc2.com www.google.com
2	cdn.shopify.com	1 redirects lanterman.web.fc2.com
2	www.woodlandsnaturalhealthcentre.co.uk	1 redirects lanterman.web.fc2.com
2	s3.india.com	1 redirects lanterman.web.fc2.com
1	spcdnpc.i-mobile.co.jp	spsvcpc-tls.i-mobile.co.jp
1	pb.media01.eu	as.ad4m.at
1	pv.medialead.de	1 redirects
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.awin1.com	as.ad4m.at
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	audiencedata.im-apps.net	dmp.im-apps.net
1	ius.ctnsnet.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	s.tribalfusion.com	lanterman.web.fc2.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com	lanterman.web.fc2.com
1	ad.turn.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	clients1.google.com	lanterman.web.fc2.com
1	textad.fc2.com	static.fc2.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vip.chps-api.fc2.com	lanterman.web.fc2.com
1	ifigent.com	lanterman.web.fc2.com
1	secularcoalition.info	1 redirects
1	www.cusys.edu	lanterman.web.fc2.com
1	localtvwqad.files.wordpress.com	lanterman.web.fc2.com
1	www.heraldpalladium.com	lanterman.web.fc2.com
1	www.southhaventribune.net	1 redirects
0	image.cdnllnwnl.xosnetwork.com Failed	lanterman.web.fc2.com
0	mcnair.indiana.edu Failed	lanterman.web.fc2.com
160	70

This site contains links to these domains. Also see Links.

Domain
twitter.com
essaydot.conajans.com
paymetodoyourhomework.ukessays.xyz
custompaperwritingservice.grabmyessay.life
assignmentmasters.grabmyessay.life
procustomwriting.init-ltd.com
craftanessay.coolessay.xyz
web.fc2.com
textad.net

Subject Issuer	Validity	Valid
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
cusys.edu Sectigo RSA Organization Validation Secure Server CA	`2022-12-14` - `2023-12-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.fc2.com RapidSSL TLS RSA CA G1	`2023-06-09` - `2024-07-08`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
cache.send.microadinc.com Amazon RSA 2048 M02	`2023-01-24` - `2024-02-22`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.send.microadinc.com GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
cdn-fluct.sh.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-10-12` - `2023-10-15`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.i-mobile.co.jp JPRS Domain Validation Authority - G4	`2023-03-01` - `2024-03-31`	a year	crt.sh

This page contains 26 frames:

Primary Page: http://lanterman.web.fc2.com/
Frame ID: 64889D49771F266C4CC66982EF6211E0
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 6032F7B21F616C770C3E4022363855A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=600&slotname=3865380065&adk=2462822920&adf=233326967&pi=t.ma~as.3865380065&w=235&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=235x600&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1691952834554&bpp=3&bdt=2636&idt=246&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=3780434554067&frm=20&pv=2&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=270&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Pgg0nGLOcn&p=http%3A//lanterman.web.fc2.com&dtd=259
Frame ID: C3A7A944A88D44B7A91FC68215A15526
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1691952834557&bpp=1&bdt=2639&idt=264&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4ZmjxXB3DV&p=http%3A//lanterman.web.fc2.com&dtd=268
Frame ID: 05427086F1F3B41A3600E3CE50DE84AB
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: 36ADAB3B7A733070C436E547CD64F18D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: 7E28D2A5CBBCB2CE0B21DD381AAC8812
Requests: 1 HTTP requests in this frame

Frame: https://media5.fc2.com/1187/
Frame ID: E48A91435121DEBFB22F02A7EF5E0BAA
Requests: 7 HTTP requests in this frame

Frame: https://media5.fc2.com/1188/
Frame ID: 0C1DCC005BADF39140215EFE66B6FFBB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1519982746&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=http%3A%2F%2Flanterman.web.fc2.com%2F&ea=0&pra=7&wgl=1&dt=1691952839588&bpp=2&bdt=7670&idt=2&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280&nras=1&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=8
Frame ID: 10B3482336F08503AAD17FBD1FCEA639
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com
Frame ID: 78E3A90921E4379BA4E876DCFDA750AF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=90&adk=3779524255&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x90&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1691952840364&bpp=1&bdt=8446&idt=1&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=2676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GUCzwuxu1D&p=http%3A//lanterman.web.fc2.com&dtd=4
Frame ID: 85567570F2CA0C8531C60A2ABC63EEFD
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: C991A1B8036C4994AC18E21A9C9403E4
Requests: 2 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 1B7CEABDDF3F23F5ACEA7929C72A8B97
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j78d34eghtf3nwq5y499xqnagaffe228kh7jqfcyh6cn9tndazg16bgkqpf4417v9dgqtzjk6xf51sk2gx8m2ytxhpptzjcpvfz41jzpcf9t3kzvtt09fv0q2bs72pctrnmertwn2qdqc4b0rbmdg8prxben8p0rm3j3p1pk4bj2nr1gyxa6e0jhdm5ncd4s8q20q90yygw1zy8ymfq242w5shzqyysqs6ry5zecabzheppapta9p2f0bb2bcs46gt90jxz0kkqnasn6edat7fa5p1vn714wypge0rzxg8wq4twajaedryt9w7appna47rt13pcgmbbzrrr180t77xsxaspw30kbwj35pftqv7mrx3twz9crj2yc3f16c905dr06tjd9wcfafy8n890dhv42gpyq4znbx1a0xnhq5e1qwyf531fdhtyrwpsnvytdnqbc6dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%26client%3Dca-pub-6890287250975679%26adurl%3D
Frame ID: D40AD8A2163095D8DBBE029B96045279
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Frame ID: F77790A8A97C4FA500862F3221C856C3
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E220E9962FD175644C4B72695608886
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 721DC6D7D48120EAE348804344299889
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Frame ID: B9AB08D2133D34D8BCB6C5ECAFBC4E34
Requests: 11 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338
Frame ID: F286CA8319C8AAD8A754AE03AFA601E3
Requests: 7 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337
Frame ID: 2A3F4DE753974034F6F24321AC67B1CF
Requests: 7 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 77A1F961B1874BE0C5542C818461E829
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 180066B78549997B14D8B5EBC66DCEDA
Requests: 1 HTTP requests in this frame

Frame: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Frame ID: 0B69307396195B504FB92440779F480C
Requests: 4 HTTP requests in this frame

Frame: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Frame ID: 9E3A30AAB70A7F8D263AA41C875839D4
Requests: 4 HTTP requests in this frame

Frame: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Frame ID: 5EB823282260EDD1E10942ECB8C5AA4E
Requests: 4 HTTP requests in this frame

Frame: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544760&asn=1&width=728&height=90
Frame ID: 71499FF89127DB6325E1C5C58EF08CEF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Write My Essay : 100% Original Content - cost of attendance university of michigan law faculty - lanterman.web.fc2.comsearch

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

160
Requests

74 %
HTTPS

44 %
IPv6

40
Domains

70
Subdomains

53
IPs

9
Countries

2360 kB
Transfer

4936 kB
Size

18
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/hashtag/buyessay
Title: #buyessay

Search URL Search Domain Scan URL

URL: http://essaydot.conajans.com/free-essays/8/paper/university-of-california-berkeley-wellness-letter-april-2000-stock/
Title: university of california berkeley wellness letter april 2000 stock...

Search URL Search Domain Scan URL

URL: http://paymetodoyourhomework.ukessays.xyz/topic/4/paper/visit-malaysia-year-essay-help/
Title: visit malaysia year essay help...

Search URL Search Domain Scan URL

URL: http://custompaperwritingservice.grabmyessay.life/article/6/essay/lucas-jenkins-university-of-wisconsin/
Title: lucas jenkins university of wisconsin...

Search URL Search Domain Scan URL

URL: http://assignmentmasters.grabmyessay.life/topic/1/essay/how-do-i-start-my-essay-off/
Title: how do i start my essay off...

Search URL Search Domain Scan URL

URL: http://procustomwriting.init-ltd.com/article/2/paper/western-university-canada-location-video/
Title: western university canada location video...

Search URL Search Domain Scan URL

URL: http://craftanessay.coolessay.xyz/review/3/essay/university-of-ottawa-electronic-thesis-dissertation/
Title: university of ottawa electronic thesis dissertation...

Search URL Search Domain Scan URL

URL: http://web.fc2.com/
Title: Powered by FC2ホームページ

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=7&site=https://domain.fc2.com/

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=6&site=https://cart.fc2.com/

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=3&site=https://web.fc2.com/fc2html/wordpress.html

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=5&site=http://domain.fc2.com/ex/

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=1&site=https://contents.fc2.com/?tag=TXpjMk1EY3dOak09&dref=textad_general

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.southhaventribune.net/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg HTTP 301
https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg

Request Chain 10

http://s3.india.com/wp-content/uploads/2016/08/teacher.jpg HTTP 301
https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

Request Chain 11

http://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg HTTP 301
https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg

Request Chain 13

http://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351 HTTP 301
https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

Request Chain 16

http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty HTTP 302
http://ifigent.com/f.php?e=YYM612gmoEJ90h2CUi35P349fjRiV2xzbXNHOWJHd3U1U0o0S205ekhZSTZLWEFiTDBTekI0ODk1MjF1VW5rdThNVExrWGdNZ3ArSTk5Q21NWUhQQXNpLzZUYytUSlFLMWgycjBBZUh1NnJ2YzcyNWkwYUFnbXJ6YmFETUJHSkVUZVlpT2NXNmY5WG0yTWh0L0NWYWd2ZWg5YXU5ODN6Y0VQcDFGVW1vUlN6bzlKRkIzUE9Vc0hhcndBeXU2UG5oWitNTUkxbTRpVUdEcUFwSkYybUhwZU5GeTU3YitnaUZLRFFxMnNlNW1aSmZlbGxBQWZjdlJiL08ydmVSN2xlaEV0dTZubks1MVhlM3ZaQitsd3NvSHV5enhIVllQZjRhU3R1OG9MUXpkZFgwK3REYm5QVE1TTEFteGxNbEZDYVFhR3FoNTBETHhkY1VLWEUzejFSSysxaGxBYnZ2d05Zek5OZXd1WWZibGZNTzQ4NFdJZFVCOWpmVU1ycjVUdE0wM3NQeTJKSHVpNmJlRnJsZktwZ29sT2VNaWN4d1ZJR2NDZk9oekoyNllyeCtnZ2RVSnBHVzNwcnNXWklZL3hPWjQ0R3Y0T2VoYjdjRWhaNmxoQVRwNEROcXl4ZVJkVlRYWCs5Slp4TUU0Y0VzYmwvbk5adlpVWWxLN2VyUVpMS0YxZWJOejRIK2l3aWlXUEhxeUxQSWZWRmhNZXpqdTRPaDhmRVRDTFZZakppc2FvcW43L0t1dGY2RUI3ZkVDQ2Y3L2Q1em9WZjgxUjdYemwrQnNQK3M2bDlyNHpXUmRBTlArcGZkY3NrcmdYUjFBQU5reFVHOFhYdkFpUmg1dnV4MjNIbStUV3pXbExaRGZ0Zi8rMlNCb3VQb0tYeGc0Nk5ZUCt5dDVSQjlhditpL1RhOVpHYkNpRHgwcXd5cC9keEtmdlAyd0NVanEwTVhXT2htcmtuRFpMWkFsR1h6TnppTHUxTGN2QnlCYml3Q2xYZGRxbS9rQ2JCWnBnQ0RzNTdRSjVCVi9HbHU5Q1lvd20yUHdZTE10V2hEOUF1REpnSWNPcFdLTFRXWEwybWFGUjcxVG9uMTJoY3p6SkI4bjZUcGQ0V1ZyaExvczJpeHI5dVRVVFJLODdjckNWL2RWdDYzK3RhOUdqdG1RPT0%3D

Request Chain 55

https://googleads.g.doubleclick.net/pagead/adview?ai=CahjxwibZZNuQOea8tOUP1KKvqA2jxtOKcs-h0trHEc-nyrHiNhABIKv6jB5glaqfgrAHoAH6vfzeKMgBCakCqD1f4W5esj6oAwHIA8sEqgSFAk_QYUmDpG1YSjK4GhFtRzMsSt4vWYtXcRHYeIvFnT2SynYxojzHfBlHwrsxiYTyBK4bURNYLIVArMwg706wCty5PoIBARc613FRfJeEUjQtz3XmWGM-vswVb1KM3bqXMVLJ5gEsDJR1KvbQ1oP9sdBeYQPN8IvIMuLjN6g7YmXNb1S96MI2ydystfvqzrPlpL1bM8z3ea__vqWLediqQIF99tCZ_Iw7IHt7PipU0LsR1IZinZk8GhXrY8KSEUgXzC8J1ICRp_HiQJk5W-REbC5Hi8boCgj-mLjDLw-zkfjx9ETW1D_Dj6ijF87MIph5JwtHIHB2p1ntrAZgBQKIfktmENB4jMAEsdTc1J4EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_r1zL4DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQh80e0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJJmh0dHBzOi8vd3d3LmFtbWluaXN0cmF0b3JpZGlzaXN0ZW1hLml0gAoByAsBogwIKgYKBMOwsQK4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTY4OTAyODcyNTA5NzU2NzkYAA&sigh=pLPCfY4pD0s&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWfcmsGXUkR2uyoCGljfn6IPESf-nEXRgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222899636665083120996%22,%22debug_reporting%22:true,%22destination%22:%22https://amministratoridisistema.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210936590074%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228623023791542335201%22}&andc=true

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=CveDhwibZZLnUN9qstOUPopWX8Az5zvnBcfmf95CFDv_1kOPXAhABIKv6jB5glaqfgrAHoAGUx4W7AcgBCakCqD1f4W5esj6oAwHIA8sEqgSPAk_QY8N9PY8vf-cslKXW3dfX7bgOfNjFZA6qy_zTkEsFqB39liqTTYBY91_x1UOd6KANuq8WQ_WyMxbbakrkzPEFbyVhZTY_oC3k0TSIrJztwRKkmYv-AKWMoCC3lBRQrEoKCsrOKXIDsHYxmNbhukDB3eNnJyOWfCjpfpevIl-9REcfdgnP5DIgvG4cPoLwpEzlKDYDVDHVPGlIMgpQEqFmor_V-cAcOa-rejtYmxyyXCvbvpvt4MwZo_fhgjXKvc4uZatly4iST5DrBOw86YylVfJ_txPUbfVSDQRaTizS_QrZAvRbe4MufDzw25vInnhpXzLJ6WAzBtePSd5dr9_aSGqdUnksgt_hwzAt_hnABPGxjpzNA5IFBAgEGAGSBQQIBRgEoAYugAfUuPrEAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKOSDdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRtodHRwczovL2xpZ2Fwcm9kdWN0aW9uLmNvbS-ACgHICwGiDBAqDgoMw7CxAuS0sQLutbEC2BMNiBQB0BUBgBcBshccChoIABIUcHViLTY4OTAyODcyNTA5NzU2NzkYAA&sigh=QlK1wxxIjAo&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWgF-62J2modnL42H4mT042I4XhdlO7BgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211190892587185888297%22,%22debug_reporting%22:true,%22destination%22:%22https://ligaproduction.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22392258452%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217807405607687943793%22}&andc=true

Request Chain 77

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 87

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 103

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGRNcmtOmwW1VFsmkVRWI70&google_cver=1&google_push=AXcoOmRDpXZK8zuzqwstSlPnrFsQM8focGPPEH_Rj8XrI-3SBhYYVc2qV9cr3iWLaw3ThTJeUgyZOip7KSmqG6fV3ErUKln0XIdV_DCriQ0bva1p68MFDfarl5jHdEvPDTCb9fxYHRWZV3xbsqU8wVY7Y1B586I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDYwOTYyNDgyMjMwNDM2NzIwMg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRNcmtOmwW1VFsmkVRWI70&google_cver=1

Request Chain 104

https://a.tribalfusion.com/i.match?p=b6&u=CAESECZlqHwzA2o7omJZM98LjDI&google_cver=1&google_push=AXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9JV8ydJNs2Oo-1dD9My6Woqi_c1TXufDCeBXz-WdSEeULO6_pltpk-s7NZC8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9JV8ydJNs2Oo-1dD9My6Woqi_c1TXufDCeBXz-WdSEeULO6_pltpk-s7NZC8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECZlqHwzA2o7omJZM98LjDI&google_cver=1&google_push=AXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9JV8ydJNs2Oo-1dD9My6Woqi_c1TXufDCeBXz-WdSEeULO6_pltpk-s7NZC8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9JV8ydJNs2Oo-1dD9My6Woqi_c1TXufDCeBXz-WdSEeULO6_pltpk-s7NZC8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 106

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOYd6skpjUXe4xnYIoBQt2w&google_cver=1&google_push=AXcoOmQb59HWdxqzlieARkW2dFnf6jFMGHL5GVbHaFbvUvEQi6PMBj21GR3699vuPVBnrog5vD9haQWWmVR3O_HgsegHTi8MiCdkHlyl8jGlhpjkML9OUf55x_ASShImUqgNvFViPV-QGd0jYFd3nV-HSHiPr1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQb59HWdxqzlieARkW2dFnf6jFMGHL5GVbHaFbvUvEQi6PMBj21GR3699vuPVBnrog5vD9haQWWmVR3O_HgsegHTi8MiCdkHlyl8jGlhpjkML9OUf55x_ASShImUqgNvFViPV-QGd0jYFd3nV-HSHiPr1A&google_hm=eS16SHdyMkE5RTJwSDhwOHVScmR5R3pPbnNZUkhkSFhDZH5B

Request Chain 109

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENm5TpwVFYmxHsMGpzhJSi4&google_cver=1&google_push=AXcoOmT4dwU3ypIdvLIWTyfg2P88grPk5T3uGmtzoskIR-zlTI_OGzkCANpr44KgZY2enBqCN8cDAi4GZeZimmUBuxyif71sVDe2eo2ZT5v3tQwQ9Bxk4mNbntQznDUDSSIcGuCdZtIJ-6rd5MhtxK7DZYYvL4xn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT4dwU3ypIdvLIWTyfg2P88grPk5T3uGmtzoskIR-zlTI_OGzkCANpr44KgZY2enBqCN8cDAi4GZeZimmUBuxyif71sVDe2eo2ZT5v3tQwQ9Bxk4mNbntQznDUDSSIcGuCdZtIJ-6rd5MhtxK7DZYYvL4xn&google_hm=zxxoVEkYQw6Ok5uEkiLwQck

Request Chain 129

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNH-zMCn2oADFazzEQgdmx8Nuw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023081320540187860314039X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023081320540187860314039X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218

Request Chain 132

https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=456654&produktid=Freshmoney&dt_url=

Request Chain 139

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 141

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

160 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lanterman.web.fc2.com/ 25 KB
26 KB 544ms
180ms Document
text/html 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache / ModLayout/5.1

Resource Hash

9cf26fb9689fd8a0cca272392d51ec09f0bb015df6ca4301834f56336cdfbbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Date: Sun, 13 Aug 2023 18:53:51 GMT
Last-Modified: Fri, 02 Mar 2018 10:25:46 GMT
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Powered-By: ModLayout/5.1
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
lanterman.web.fc2.com// 69 KB
10 KB 189ms
188ms Stylesheet
text/css 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//style.css

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

be00c6b021883cb1684551714783bace4a657281ebdf833b2a5ff8a56e206bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:13 GMT
Server: Apache
ETag: "114f3-5666b643ff440-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 9839
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.responsive.css
lanterman.web.fc2.com// 11 KB
2 KB 356ms
182ms Stylesheet
text/css 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//style.responsive.css

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

c6c572a51db4b19008dfcde69a5aab55e9cdbce88c99c7ad02f4d44eb939c681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:17 GMT
Server: Apache
ETag: "2c7a-5666b647cfd40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2076
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
lanterman.web.fc2.com// 90 KB
32 KB 352ms
179ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//jquery.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:05 GMT
Server: Apache
ETag: "169d9-5666b63c5e240-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 32784
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
lanterman.web.fc2.com// 57 KB
13 KB 349ms
176ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//script.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

0a87ba00eee82758c065fb6b0a604e671c9b39f6ea918bdc0a31dc44fb8ad9ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:08 GMT
Server: Apache
ETag: "e482-5666b63f3a900-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 12464
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.responsive.js Show response
lanterman.web.fc2.com// 22 KB
5 KB 347ms
175ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//script.responsive.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

bac62b9a825a47764961c656e99d737ad97e9dfe8f1480607c652b284a1131c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:10 GMT
Server: Apache
ETag: "56cc-5666b64122d80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 4480
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK qwertymin.js Show response
lanterman.web.fc2.com//images/ 449 B
691 B 525ms
186ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//images/qwertymin.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

404b9260afb4ca4d67d51bc3ab9c58e6d139d47f9c1218a78ecac1492e0e3002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:39 GMT
Server: Apache
ETag: "1c1-5666b623927c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 328
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
54 KB 63ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d326ac5d919245c58c8a7b05632f9933a9973d5f16a5df3f472198cb13c3f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54211
X-XSS-Protection: 0
Server: cafe
ETag: 6792628305712701432
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 13 Aug 2023 18:53:52 GMT

GET
H2

404

Miller_WEB.10080613_std.jpg
www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/
Redirect Chain

http://www.southhaventribune.net/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg
https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg

0
0

821ms
103ms

Image
text/html

192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

location: https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg
date: Sun, 13 Aug 2023 18:53:52 GMT
cache-control: public, max-age=86400
content-length: 0

GET
H2 404 promo316932033.jpg
localtvwqad.files.wordpress.com/2017/04/ 0
0 65ms
22ms Image
text/html 192.0.72.21
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://localtvwqad.files.wordpress.com/2017/04/promo316932033.jpg?quality=85&strip=all&w=1200
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET chavez-ian.jpg
mcnair.indiana.edu/img/current-students/ 0
0

GET
H2

200

teacher.jpg
s3.india.com/wp-content/uploads/2016/08/
Redirect Chain

http://s3.india.com/wp-content/uploads/2016/08/teacher.jpg
https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

37 KB
38 KB

602ms
578ms

Image
image/avif

2a02:26f0:7100::210:162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

2a02:26f0:7100::210:162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7320a35f8f5fbfd28be89b5588d9cee9dbdbd09151d4ce002da3fce47140e163

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' https:; script-src 'strict-dynamic' '509d3a638bdedea59f28b3ac35f6ee226fc1beb8798e69f263cd9edc619f4423' 'unsafe-inline' https:
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' https:; script-src 'strict-dynamic' '509d3a638bdedea59f28b3ac35f6ee226fc1beb8798e69f263cd9edc619f4423' 'unsafe-inline' https:
date: Sun, 13 Aug 2023 18:53:54 GMT
last-modified: Fri, 05 May 2023 21:12:40 GMT
server: Akamai Image Manager
etag: "93205477b665c2a1f1d5344deba6c679"
x-frame-options: DENY
content-type: image/avif
cache-control: public, max-age=2592000
content-length: 38110
expires: Thu, 24 Aug 2023 18:54:42 GMT

Redirect headers

Location: https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg
Date: Sun, 13 Aug 2023 18:53:53 GMT
Cache-Control: public, max-age=2592000
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Sun, 13 Aug 2023 18:53:53 GMT

GET
H2

404

NicholaSaundersLeaflet_inside.jpg
www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/
Redirect Chain

http://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg

0
0

1788ms
1764ms

Image
text/html

92.205.2.206
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 92.205.2.206 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 206.2.205.92.host.secureserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

Date: Sun, 13 Aug 2023 18:53:54 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
Cache-Control: max-age=180
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 315
Expires: Sun, 13 Aug 2023 18:56:54 GMT

GET
H/1.1 200
OK people_flowers.jpg
www.cusys.edu/newsletter/2010/03-24/images/ 8 KB
8 KB 548ms
139ms Image
image/jpeg 204.228.68.58
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cusys.edu/newsletter/2010/03-24/images/people_flowers.jpg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.228.68.58 Denver, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: www.cusys.edu
Software: /
Resource Hash: 863395d0e38e9c9c42ff78d3c7ecaf11f3423b5734ccf09cf08e0331f444fbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:55 GMT
Last-Modified: Wed, 24 Mar 2010 18:36:36 GMT
ETag: "209c-4829035c75500"
Content-Type: image/jpeg
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: Keep-Alive
Accept-Ranges: bytes
X-UIS: AX active
Keep-Alive: timeout=5, max=100
Content-Length: 8348

GET
H2

200

kyle_field.jpg
cdn.shopify.com/s/files/1/0659/0325/files/
Redirect Chain

http://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351
https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

167 KB
168 KB

176ms
158ms

Image
image/webp

23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

f82333103a1080f1da5da0c384159e0f10307305ea2b611289285f3da136c0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
source-type: image/jpeg
server-timing: imagery;dur=206.057, imageryFetch;dur=76.095, imageryProcess;dur=128.129;desc="image", cfRequestDuration;dur=151.000023
source-length: 315495
content-length: 171056
x-xss-protection: 1; mode=block
x-request-id: cc2e620c-1c42-4dd8-b35b-f5a9c9e11afe
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Aug 2023 01:35:42 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06xobL7R38v9yRkq81WrOKI7%2Bgya4ExtPqXU669Ff184ROI7PuyIehVx2l4QQnu7Gah7C745l5R6qxScJ74P5Rez5ck9PtUgtVdeK%2BaI1YL%2BDF%2B7fcOSgo739StUKswSiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg>; rel="canonical"
cf-ray: 7f6329e03b9a3644-FRA

Redirect headers

Date: Sun, 13 Aug 2023 18:53:54 GMT
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1viIU6wraRtYLlEAByMY9Mg4scW1%2F9FlOMYmBT0W9zXLV%2BwV5SglfPVoVIRLfhrpK%2B347TRn8DizqkC6Wc9szL4nL%2F8eTPHHQwX0GLARRYea8Iu7%2BFkFWYSPQeT%2F8H9eg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=13.000011
CF-RAY: 7f6329dfec696937-FRA
alt-svc: h3=":443"; ma=86400
Expires: Sun, 13 Aug 2023 19:53:54 GMT

GET VSIZAIANZRGNVOO.20151009142942.jpg
image.cdnllnwnl.xosnetwork.com/pics33/800/VS/ 0
0

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 361ms
173ms Image
image/gif 104.244.99.58
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.fc2.com/counter_img.php?id=50
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 104.244.99.58 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 18:53:54 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

f.php Show response
ifigent.com/
Redirect Chain

http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty
http://ifigent.com/f.php?e=YYM612gmoEJ90h2CUi35P349fjRiV2xzbXNHOWJHd3U1U0o0S205ekhZSTZLWEFiTDBTekI0ODk1MjF1VW5rdThNVExrWGdNZ3ArSTk5Q21NWUhQQXNpLzZUYytUSlFLMWgycjBBZUh1NnJ2YzcyNWkwYUFnbXJ6YmFETUJHSk...

0
0

781ms
155ms

Script
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://ifigent.com/f.php?e=YYM612gmoEJ90h2CUi35P349fjRiV2xzbXNHOWJHd3U1U0o0S205ekhZSTZLWEFiTDBTekI0ODk1MjF1VW5rdThNVExrWGdNZ3ArSTk5Q21NWUhQQXNpLzZUYytUSlFLMWgycjBBZUh1NnJ2YzcyNWkwYUFnbXJ6YmFETUJHSkVUZVlpT2NXNmY5WG0yTWh0L0NWYWd2ZWg5YXU5ODN6Y0VQcDFGVW1vUlN6bzlKRkIzUE9Vc0hhcndBeXU2UG5oWitNTUkxbTRpVUdEcUFwSkYybUhwZU5GeTU3YitnaUZLRFFxMnNlNW1aSmZlbGxBQWZjdlJiL08ydmVSN2xlaEV0dTZubks1MVhlM3ZaQitsd3NvSHV5enhIVllQZjRhU3R1OG9MUXpkZFgwK3REYm5QVE1TTEFteGxNbEZDYVFhR3FoNTBETHhkY1VLWEUzejFSSysxaGxBYnZ2d05Zek5OZXd1WWZibGZNTzQ4NFdJZFVCOWpmVU1ycjVUdE0wM3NQeTJKSHVpNmJlRnJsZktwZ29sT2VNaWN4d1ZJR2NDZk9oekoyNllyeCtnZ2RVSnBHVzNwcnNXWklZL3hPWjQ0R3Y0T2VoYjdjRWhaNmxoQVRwNEROcXl4ZVJkVlRYWCs5Slp4TUU0Y0VzYmwvbk5adlpVWWxLN2VyUVpMS0YxZWJOejRIK2l3aWlXUEhxeUxQSWZWRmhNZXpqdTRPaDhmRVRDTFZZakppc2FvcW43L0t1dGY2RUI3ZkVDQ2Y3L2Q1em9WZjgxUjdYemwrQnNQK3M2bDlyNHpXUmRBTlArcGZkY3NrcmdYUjFBQU5reFVHOFhYdkFpUmg1dnV4MjNIbStUV3pXbExaRGZ0Zi8rMlNCb3VQb0tYeGc0Nk5ZUCt5dDVSQjlhditpL1RhOVpHYkNpRHgwcXd5cC9keEtmdlAyd0NVanEwTVhXT2htcmtuRFpMWkFsR1h6TnppTHUxTGN2QnlCYml3Q2xYZGRxbS9rQ2JCWnBnQ0RzNTdRSjVCVi9HbHU5Q1lvd20yUHdZTE10V2hEOUF1REpnSWNPcFdLTFRXWEwybWFGUjcxVG9uMTJoY3p6SkI4bjZUcGQ0V1ZyaExvczJpeHI5dVRVVFJLODdjckNWL2RWdDYzK3RhOUdqdG1RPT0%3D
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

location: http://ifigent.com/f.php?e=YYM612gmoEJ90h2CUi35P349fjRiV2xzbXNHOWJHd3U1U0o0S205ekhZSTZLWEFiTDBTekI0ODk1MjF1VW5rdThNVExrWGdNZ3ArSTk5Q21NWUhQQXNpLzZUYytUSlFLMWgycjBBZUh1NnJ2YzcyNWkwYUFnbXJ6YmFETUJHSkVUZVlpT2NXNmY5WG0yTWh0L0NWYWd2ZWg5YXU5ODN6Y0VQcDFGVW1vUlN6bzlKRkIzUE9Vc0hhcndBeXU2UG5oWitNTUkxbTRpVUdEcUFwSkYybUhwZU5GeTU3YitnaUZLRFFxMnNlNW1aSmZlbGxBQWZjdlJiL08ydmVSN2xlaEV0dTZubks1MVhlM3ZaQitsd3NvSHV5enhIVllQZjRhU3R1OG9MUXpkZFgwK3REYm5QVE1TTEFteGxNbEZDYVFhR3FoNTBETHhkY1VLWEUzejFSSysxaGxBYnZ2d05Zek5OZXd1WWZibGZNTzQ4NFdJZFVCOWpmVU1ycjVUdE0wM3NQeTJKSHVpNmJlRnJsZktwZ29sT2VNaWN4d1ZJR2NDZk9oekoyNllyeCtnZ2RVSnBHVzNwcnNXWklZL3hPWjQ0R3Y0T2VoYjdjRWhaNmxoQVRwNEROcXl4ZVJkVlRYWCs5Slp4TUU0Y0VzYmwvbk5adlpVWWxLN2VyUVpMS0YxZWJOejRIK2l3aWlXUEhxeUxQSWZWRmhNZXpqdTRPaDhmRVRDTFZZakppc2FvcW43L0t1dGY2RUI3ZkVDQ2Y3L2Q1em9WZjgxUjdYemwrQnNQK3M2bDlyNHpXUmRBTlArcGZkY3NrcmdYUjFBQU5reFVHOFhYdkFpUmg1dnV4MjNIbStUV3pXbExaRGZ0Zi8rMlNCb3VQb0tYeGc0Nk5ZUCt5dDVSQjlhditpL1RhOVpHYkNpRHgwcXd5cC9keEtmdlAyd0NVanEwTVhXT2htcmtuRFpMWkFsR1h6TnppTHUxTGN2QnlCYml3Q2xYZGRxbS9rQ2JCWnBnQ0RzNTdRSjVCVi9HbHU5Q1lvd20yUHdZTE10V2hEOUF1REpnSWNPcFdLTFRXWEwybWFGUjcxVG9uMTJoY3p6SkI4bjZUcGQ0V1ZyaExvczJpeHI5dVRVVFJLODdjckNWL2RWdDYzK3RhOUdqdG1RPT0%3D
date: Sun, 13 Aug 2023 18:53:52 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 11

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 35ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F338) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:54 GMT
Content-Encoding: gzip
Age: 18
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (via/F338)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 77ms
35ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

df13cdf027f73eca497da1fecd5886b0aa885c006ba1713d53b4dab90eea9078

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-VBfArLVHsGrRSKyXP_kh5w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-VBfArLVHsGrRSKyXP_kh5w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Sun, 13 Aug 2023 18:53:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2980
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Sun, 13 Aug 2023 18:53:54 GMT

GET
H/1.1 200
OK / Show response
vip.chps-api.fc2.com/apis/footer/ 1 KB
1020 B 4425ms
4214ms Script
application/javascript 104.244.99.106
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://vip.chps-api.fc2.com/apis/footer/?charset=UTF-8&url=http%3A%2F%2Flanterman.web.fc2.com%2F&service=0&r=13159312631

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.106 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

2f1062b5e1af2cc8a151377ca403596d9c62d3a11512d8d7cc821945c5329929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 18:53:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 13 Aug 2023 18:53:58 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 498
X-XSS-Protection: 1; mode=block
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK page.jpg
lanterman.web.fc2.com//images/ 261 KB
261 KB 353ms
180ms Image
image/jpeg 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/page.jpg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

b7dad492260920af7d4a7996d2d662cca8f0d8aebef97c420eb89e5b4fc2cc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:22 GMT
Server: Apache
ETag: "412ea-5666b6135c180"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 266986
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK header.png
lanterman.web.fc2.com//images/ 2 KB
2 KB 349ms
177ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/header.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

e06a517c8ef78e142c00c1217c5a3e48c1c31dd55813530c225763ecf688b92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:01 GMT
Server: Apache
ETag: "6cb-5666b5ff55240"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1739
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK object0.png
lanterman.web.fc2.com//images/ 12 KB
12 KB 363ms
178ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/object0.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

3afca5001b290bb09b9b371385e12e24044a65eb613cb2928394a2ad0ea760d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:11 GMT
Server: Apache
ETag: "308c-5666b608de8c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 12428
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vmenuactiveitemicon.png
lanterman.web.fc2.com//images/ 1 KB
1 KB 341ms
181ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/vmenuactiveitemicon.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

d1b526c5b87c80b5d6b9ec64df85a97e40578e2cd3c91f2f039a0709b1eb02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:56 GMT
Server: Apache
ETag: "4b7-5666b633c8e00"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1207
X-XSS-Protection: 1; mode=block

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 369 KB
126 KB 101ms
77ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=lanterman.web.fc2.com&bust=31076964

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6221d85a14aa1c1295dd6246bf5d4358c1aad104ba76b2f44ad1febb1df7db7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128223
x-xss-protection: 0
server: cafe
etag: 16724320417914055663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 18:53:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 6032 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 12:34:05 GMT
etag: 12368291122986407432
expires: Sun, 27 Aug 2023 12:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/e992cd4de3c7044f/ 309 KB
103 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 13:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105313
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 11 Aug 2024 13:15:32 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 41 KB
9 KB 30ms
8ms Stylesheet
text/css 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 12:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 11 Aug 2024 12:06:03 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 31ms
8ms Stylesheet
text/css 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 13 Aug 2023 19:01:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
599 B 69ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lanterman.web.fc2.com&callback=_gfp_s_&client=ca-pub-6890287250975679

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=lanterman.web.fc2.com&bust=31076964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02438533ee92c1e1f21324e531af7201a48ef35e053069d1f071871b496a132b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C3A7 116 KB
39 KB 837ms
836ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=600&slotname=3865380065&adk=2462822920&adf=233326967&pi=t.ma~as.3865380065&w=235&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=235x600&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1691952834554&bpp=3&bdt=2636&idt=246&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=3780434554067&frm=20&pv=2&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=270&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Pgg0nGLOcn&p=http%3A//lanterman.web.fc2.com&dtd=259

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea384701e69ebac801cb86b74152ca345dd2903352c1738eddd88bd0bc0a582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40053
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 18:53:55 GMT
expires: Sun, 13 Aug 2023 18:53:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0542 103 KB
36 KB 600ms
599ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1691952834557&bpp=1&bdt=2639&idt=264&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4ZmjxXB3DV&p=http%3A//lanterman.web.fc2.com&dtd=268

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71c9214e254a57b8b18d952bde87f2080a70f117a04f103daa5b91ca83e2d591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36987
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 18:53:55 GMT
expires: Sun, 13 Aug 2023 18:53:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0542 4 KB
1 KB 43ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1691952834557&bpp=1&bdt=2639&idt=264&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4ZmjxXB3DV&p=http%3A//lanterman.web.fc2.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 18:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 17:36:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 18:53:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 0542 2 KB
926 B 39ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 05:41:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 0542 23 KB
9 KB 21ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 05:41:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 0542 3 KB
1 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 21:30:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 0542 20 KB
8 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0542 179 KB
57 KB 78ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Aug 2023 18:53:55 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 0542 33 KB
14 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C3A7 14 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=600&slotname=3865380065&adk=2462822920&adf=233326967&pi=t.ma~as.3865380065&w=235&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=235x600&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1691952834554&bpp=3&bdt=2636&idt=246&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=3780434554067&frm=20&pv=2&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=270&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Pgg0nGLOcn&p=http%3A//lanterman.web.fc2.com&dtd=259

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 18:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 17:32:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 18:53:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame C3A7 2 KB
973 B 33ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 05:41:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame C3A7 23 KB
9 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 05:41:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame C3A7 3 KB
1 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 21:30:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame C3A7 20 KB
8 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3A7 179 KB
56 KB 104ms
84ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Aug 2023 18:53:55 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame C3A7 33 KB
14 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 200 13004946848601697361
tpc.googlesyndication.com/simgad/ Frame 0542 16 KB
16 KB 23ms
17ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13004946848601697361?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9786560d7e19066281a96f08fba8dd20db957c9013899f34ec24a7b18dffdd7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 09:26:01 GMT
x-content-type-options: nosniff
age: 120474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15971
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 12:59:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 09:26:01 GMT

GET
H2 200 13536670593160683423
tpc.googlesyndication.com/simgad/ Frame 0542 923 B
1 KB 22ms
16ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13536670593160683423?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e6014ed24f631bc0b00eac39fc64762572246d270bd08ff426a8f4ab037cde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 01:25:25 GMT
x-content-type-options: nosniff
age: 408510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 12:56:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Aug 2024 01:25:25 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14499853234213590918/ Frame C3A7 14 KB
14 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14499853234213590918/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda0e2def4a4974c931816016ba05c70a4ca4307aa9cf2b86ca11a83a5d8aa6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 17:04:40 GMT
x-content-type-options: nosniff
age: 265755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14531
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 17:16:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Aug 2024 17:04:40 GMT

GET
DATA 200
OK truncated
/ Frame C3A7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C3A7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6228ca9e6798424cc37849c7080cdc1d38c4da419a3078d4d4fc2cbb95e8a06f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C3A7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85d18c7d6cbce2fb5e6414e404991d559f0a610a26f71e17027042ff4e5cd894

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0542 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c5ef1d2dcf899ea5d79ac18a1ad513a30afef387ee1ac1fa8af4090f4439c91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0542 16 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 145126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0542 15 KB
15 KB 29ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 226023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0542
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CahjxwibZZNuQOea8tOUP1KKvqA2jxtOKcs-h0trHEc-nyrHiNhABIKv6jB5glaqfgrAHoAH6vfzeKMgBCakCqD1f4W5esj6oAwHIA8sEqgSFAk_QYUmDpG1YSjK4GhFtRzMsSt4vWYtXcRH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222899636665083120996%22,%22debug_reporting%22:true,%22destination%22:%22https://amministratoridisistema.it%22,%22event_repo...

0
0

60ms
41ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222899636665083120996%22,%22debug_reporting%22:true,%22destination%22:%22https://amministratoridisistema.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210936590074%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228623023791542335201%22}&andc=true

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2899636665083120996","debug_reporting":true,"destination":"https://amministratoridisistema.it","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10936590074"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"8623023791542335201"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Aug 2023 18:53:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Aug 2023 18:53:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2899636665083120996","debug_reporting":true,"destination":"https://amministratoridisistema.it","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10936590074"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"8623023791542335201"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 36AD 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 09:06:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 09:06:57 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C3A7 33 KB
33 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 136195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C3A7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CveDhwibZZLnUN9qstOUPopWX8Az5zvnBcfmf95CFDv_1kOPXAhABIKv6jB5glaqfgrAHoAGUx4W7AcgBCakCqD1f4W5esj6oAwHIA8sEqgSPAk_QY8N9PY8vf-cslKXW3dfX7bgOfNjFZA6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211190892587185888297%22,%22debug_reporting%22:true,%22destination%22:%22https://ligaproduction.com%22,%22event_report_wind...

0
0

60ms
41ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211190892587185888297%22,%22debug_reporting%22:true,%22destination%22:%22https://ligaproduction.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22392258452%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217807405607687943793%22}&andc=true

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11190892587185888297","debug_reporting":true,"destination":"https://ligaproduction.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["392258452"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"17807405607687943793"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Aug 2023 18:53:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Aug 2023 18:53:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11190892587185888297","debug_reporting":true,"destination":"https://ligaproduction.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["392258452"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"17807405607687943793"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E28 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 09:06:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 09:06:57 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 77ms
40ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 18:53:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 69ms
40ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 18:53:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0542 42 B
64 B 130ms
114ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwG3fYF6NuAFYbb4SaQ5NAncfLwEqLVZ2PpuSXJt5JI1mZ0QXMP-gfg28T05oem-Az98b_rcAg5rk7KG-EHYSTtiXXYrvnhHsAC30AY7WGyIWNcG-iY_Z5IkOaaffwij3MSMrkTgt8QfW0&sai=AMfl-YRJ2sOPwd00fmaQse0dQnFASCCt6PV_nTEsO2qlDaGVCUl420A-37DO4gqDnMLjHJbeE3qiHS497MCX&sig=Cg0ArKJSzH_KsS8mPQm3EAE&cid=CAQSGwBpAlJWfcmsGXUkR2uyoCGljfn6IPESf-nEXRgB&id=lidar2&mcvt=1000&p=0,0,280,800&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3534818277&rs=2&la=0&cr=0&vs=4&r=v&rst=1691952834826&rpt=1144&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:53:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3A7 42 B
64 B 113ms
113ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz_05uclij4GpKkqgwg9kukVUhzTEMJu8Qg9npAgxJbL5nTWbMrmvQ6YAcjDyPyIva57wj4CbitDwPpdBJNEWkwJ4O9HK2DJ7rPG8RG7x6dO7U8oPTG52cNu3NC8qBTpYSy2W7bhtH9sa_&sai=AMfl-YQXTyW6ySvCOfcZyo7ig7OcLJFJTq-sGf4HX4ifbC456cAJ1UW29Lqru-ZevnY2iWNawRdOkEUFBnJI&sig=Cg0ArKJSzKx_5kkQCDqPEAE&cid=CAQSGwBpAlJWgF-62J2modnL42H4mT042I4XhdlO7BgB&id=lidar2&mcvt=1000&p=0,0,600,235&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2462822920&rs=2&la=0&cr=0&vs=4&r=v&rst=1691952834815&rpt=1201&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:53:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fc2_web_user_page.js Show response
static.fc2.com/fc2web/js/ 11 KB
4 KB 66ms
17ms Script
application/javascript 2a02:3d0:6:a000::3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Requested by: Host: vip.chps-api.fc2.com
URL: http://vip.chps-api.fc2.com/apis/footer/?charset=UTF-8&url=http%3A%2F%2Flanterman.web.fc2.com%2F&service=0&r=13159312631
Protocol: HTTP/1.1
Server: 2a02:3d0:6:a000::3 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: d5280d87baee55df453debab6d2cf4079a730388c6773369fffa6c44ce9f159c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 07:06:20 GMT
Server: nginx
Age: 5467
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3926
X-LLID: 17cdd5fdcd7f76e865047cc049f4bc55
Expires: Sun, 13 Aug 2023 19:02:51 GMT

GET
H/1.1 200
Ok / Show response
media5.fc2.com/1187/ Frame E48A 2 KB
1 KB 541ms
174ms Document
text/html 104.244.99.97
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/1187/
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.97 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 1cb7cab5eb7626900d579c45c233bfb4e09b2e262f0c9bc31c90641dd5e6c714

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 13 Aug 2023 18:53:59 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
Ok manager.cgi Show response
textad.fc2.com/cgi-bin/ 4 KB
4 KB 538ms
174ms Script
text/javascript 104.244.99.67
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://textad.fc2.com/cgi-bin/manager.cgi?category_id=0&i=1&type=1
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.67 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: e97979e08037bef7ef53018cd2e9fc623e01b4f94c9eab69a4cb1fb0f727b047

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 4178
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK fc2_header_bnr_close.gif
static.fc2.com/fc2web/image/ 972 B
1 KB 351ms
351ms Image
image/gif 2a02:3d0:6:a000::3
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.fc2.com/fc2web/image/fc2_header_bnr_close.gif
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Server: 2a02:3d0:6:a000::3 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a0df713b4660ba39052ceadce6b19b9945dcc2b8aecea57d84816524eb38b14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:59 GMT
Last-Modified: Wed, 19 Mar 2014 06:20:31 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 972
X-LLID: c3fd8f22ec09ac59b8906624d13f7ce3
Expires: Sun, 13 Aug 2023 20:33:59 GMT

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 703ms
173ms Image
image/gif 104.244.99.58
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.fc2.com/counter_img.php?id=1781
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.58 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 18:53:59 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 703ms
172ms Image
image/gif 104.244.99.58
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.fc2.com/counter_img.php?id=1782
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.58 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 18:53:59 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fc2_bottom_bnr_close.png
static.fc2.com/fc2web/image/ 429 B
781 B 361ms
355ms Image
image/png 2a02:3d0:6:a000::3
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.fc2.com/fc2web/image/fc2_bottom_bnr_close.png
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Server: 2a02:3d0:6:a000::3 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b20a3e55eda8ed582681eb9a05069aaaf5da9c12d9b9d6769cfc05ebb539993

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:59 GMT
Last-Modified: Wed, 19 Mar 2014 06:20:31 GMT
Server: nginx
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 429
X-LLID: 9207879ded041739e1672939f48dfa43
Expires: Sun, 13 Aug 2023 20:33:59 GMT

GET
H2 200 bbe8a512a00466e406cde884fa2d3564.jpeg
storage1000-textad.fc2.com/textad/user12572/ 10 KB
10 KB 705ms
346ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/bbe8a512a00466e406cde884fa2d3564.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

ab54017c0444167aa0373b35754d99768c225d38796dd834057dcd0341f42a00

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Thu, 24 Nov 2022 10:07:18 GMT
server: nginx
x-amz-request-id: 177B05B48B06E8CC
etag: W/"2c9d09a5f7416e8bf918e4d9cfaabd54"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 5c485f00d4b543b30d68813d3ea2d237.jpeg
storage1000-textad.fc2.com/textad/user12572/ 10 KB
11 KB 874ms
515ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/5c485f00d4b543b30d68813d3ea2d237.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

1e560ff025fb7a37f6ef93d80f90f336741b83316fc4a2c5fdeec023c8ddb7a0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 08:37:54 GMT
server: nginx
x-amz-request-id: 177B05C2F2C96964
etag: W/"3453b4341dc4bf7f9924472cef11d644"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 eb91f8f1e7e9d94ef76cd0025113bfc3.jpeg
storage1000-textad.fc2.com/textad/user12572/ 11 KB
11 KB 876ms
517ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/eb91f8f1e7e9d94ef76cd0025113bfc3.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

e96ef4f1f835d6d6e7e7002d42ce745e33791d12264fc4171c8408638aa1d29d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 08:32:12 GMT
server: nginx
x-amz-request-id: 177B05CB29CCF39A
etag: W/"1bcb1fa01c9d115e9be46c16580993da"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 a878e5f07a336ab7afb0c8207a4fed9d.jpeg
storage1000-textad.fc2.com/textad/user12572/ 9 KB
9 KB 875ms
516ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/a878e5f07a336ab7afb0c8207a4fed9d.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

5b207e7767f10ca66eaedbaee7e5023f9c55176e70d64fcaabf58656622d5513

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 09:54:02 GMT
server: nginx
x-amz-request-id: 177B060BA18CA992
etag: W/"119cd8747edd7fa245f6284f92a93009"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 668f540669179556b8cfb8e5a9d647f4.jpeg
storage1000-textad.fc2.com/textad/user12572/ 21 KB
22 KB 704ms
345ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/668f540669179556b8cfb8e5a9d647f4.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

26959420ff63fa61ceda84d3a420d0fb456221556aafd0ee0a7bcbdd9d1745a9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:10:46 GMT
server: nginx
x-amz-request-id: 177B060BA1916244
etag: W/"c85fa96325b66f9b25f4b2301b8bc841"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H/1.1 200
Ok / Show response
media5.fc2.com/1188/ Frame 0C1D 2 KB
1 KB 174ms
174ms Document
text/html 104.244.99.97
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/1188/
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.97 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: cb8aa63b3f73eb99a9f475b1bd8235a6ece0c5051a1cbef6fa5f9df8a208f48a

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 13 Aug 2023 18:53:59 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame E48A
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

378ms
324ms

Script
application/javascript

14.0.41.202
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1ap90:9 (W)
last-modified: Tue, 11 Jul 2023 01:36:36 GMT
server: PWS/8.3.1.0.8
etag: "1ff4f-gzip"
x-ws-request-id: 64d926c8_PSrbdbOSA1rw96_31854-89
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSrbdbOSA1ap90KIX
accept-ranges: bytes
content-length: 29980
expires: Sat, 19 Aug 2023 08:14:23 GMT

Redirect headers

date: Sun, 13 Aug 2023 18:54:00 GMT
via: 1.0 PSrbdbOSA1ap90:10 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64d926c8_PSrbdbOSA1rw96_31854-63
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H/1.1 200
OK ajax.module.js Show response
media5.fc2.com/js/ Frame E48A 2 KB
2 KB 345ms
172ms Script
application/javascript 104.244.99.97
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/js/ajax.module.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.97 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/1187/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:59 GMT
Last-Modified: Tue, 02 Jun 2020 11:01:19 GMT
Server: nginx
ETag: "5ed6317f-63b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1595

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10B3 20 KB
5 KB 741ms
739ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1519982746&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=http%3A%2F%2Flanterman.web.fc2.com%2F&ea=0&pra=7&wgl=1&dt=1691952839588&bpp=2&bdt=7670&idt=2&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280&nras=1&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

285b0de73a0452c3388fa294e4f75b216ffa7cacc7e7947242b6c8d0983846c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 5265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 18:54:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 107ms
107ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=fc2_bottom_bnr&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:53:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 78E3 320 KB
104 KB 60ms
12ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F334) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 934857
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Aug 2023 18:53:59 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (via/F334)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 144 KB
53 KB 23ms
17ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c87ffe5e6046e49358a8dbc859d82619ff48eb1b057e608ce821e974fdcc24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "7694694084831354173"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Sun, 13 Aug 2023 18:53:59 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:04:55 GMT
x-content-type-options: nosniff
age: 197344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 10 Aug 2024 12:04:55 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:35:50 GMT
x-content-type-options: nosniff
age: 433089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 07 Aug 2024 18:35:50 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 41ms
6ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:59 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 78E3 869 B
660 B 140ms
116ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=6b543541a6f3e103403333cbcd02dd3daa524393

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 109
date: Sun, 13 Aug 2023 18:53:59 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sun, 13 Aug 2023 18:53:59 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 74209a6b110c6636
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 0bc039274aba7680ab39f0a55d3fdb9dac49a49dbd072091eacabf50fb08cba5
content-length: 337

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame 0C1D
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

316ms
262ms

Script
application/javascript

14.0.41.202
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1ap90:9 (W)
last-modified: Tue, 11 Jul 2023 01:36:36 GMT
server: PWS/8.3.1.0.8
etag: "1ff4f-gzip"
x-ws-request-id: 64d926c8_PSrbdbOSA1rw96_31854-88
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSrbdbOSA1ap90KIX
accept-ranges: bytes
content-length: 29980
expires: Sat, 19 Aug 2023 08:14:23 GMT

Redirect headers

date: Sun, 13 Aug 2023 18:54:00 GMT
via: 1.0 PSrbdbOSA1gs91:18 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64d926c8_PSrbdbOSA1rw96_31854-64
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H/1.1 200
OK ajax.module.js Show response
media5.fc2.com/js/ Frame 0C1D 2 KB
2 KB 341ms
172ms Script
application/javascript 104.244.99.97
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/js/ajax.module.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.97 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/1188/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:00 GMT
Last-Modified: Tue, 02 Jun 2020 11:01:19 GMT
Server: nginx
ETag: "5ed6317f-63b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1595

GET
H/1.1 200
OK timeline.16b53cc33aaa562f8f41a495bf720289.js Show response
platform.twitter.com/js/ 8 KB
4 KB 13ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F338) /
Resource Hash: 7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:53:59 GMT
Content-Encoding: gzip
Age: 934855
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2964
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (via/F338)
Etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8556 46 KB
17 KB 436ms
435ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=90&adk=3779524255&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x90&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1691952840364&bpp=1&bdt=8446&idt=1&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=2676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GUCzwuxu1D&p=http%3A//lanterman.web.fc2.com&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

504ccc14f6a939c0c1116e9189c0fb0a620d749b648bc3fd283a3eda0d76ef0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17061
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 18:54:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame C991 2 KB
2 KB 97ms
17ms Document
text/html 18.165.227.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.227.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-227-72.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34750
content-length: 1909
content-type: text/html
date: Sun, 13 Aug 2023 09:14:51 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 5fb9e0c21a061d26e0a1e7ca612b7004.cloudfront.net (CloudFront)
x-amz-cf-id: nESizGMWfFJGuYAX-LXI31sqS-6W5cfhigKCqhZhqmSmJnWWWdoO3w==
x-amz-cf-pop: LHR61-P5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 0C1D 6 KB
3 KB 112ms
8ms Script
application/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sun, 13 Aug 2023 18:54:00 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame 0C1D 3 KB
3 KB 797ms
253ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=793761e06e731a9b432e33760ab1c55d&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&referrer=http%3A%2F%2Flanterman.web.fc2.com%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=7d5bce1827dcc00189f03f8050

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

278c5e17e2256ca57df5364106c24b2870908f1f1a7d3f20115e4ee29ef7da08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:01 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2567
X-XSS-Protection: 1; mode=block

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 1B7C 2 KB
2 KB 55ms
18ms Document
text/html 18.165.227.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.227.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-227-72.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34750
content-length: 1909
content-type: text/html
date: Sun, 13 Aug 2023 09:14:51 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 5fb9e0c21a061d26e0a1e7ca612b7004.cloudfront.net (CloudFront)
x-amz-cf-id: fW2NSTztKPIUxwFy6Enjr7evdzr446Dq6VTsATFgu3TwNykmN6fgtg==
x-amz-cf-pop: LHR61-P5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame E48A 6 KB
3 KB 68ms
7ms Script
application/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sun, 13 Aug 2023 18:54:00 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame D40A 2 KB
2 KB 59ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j78d34eghtf3nwq5y499xqnagaffe228kh7jqfcyh6cn9tndazg16bgkqpf4417v9dgqtzjk6xf51sk2gx8m2ytxhpptzjcpvfz41jzpcf9t3kzvtt09fv0q2bs72pctrnmertwn2qdqc4b0rbmdg8prxben8p0rm3j3p1pk4bj2nr1gyxa6e0jhdm5ncd4s8q20q90yygw1zy8ymfq242w5shzqyysqs6ry5zecabzheppapta9p2f0bb2bcs46gt90jxz0kkqnasn6edat7fa5p1vn714wypge0rzxg8wq4twajaedryt9w7appna47rt13pcgmbbzrrr180t77xsxaspw30kbwj35pftqv7mrx3twz9crj2yc3f16c905dr06tjd9wcfafy8n890dhv42gpyq4znbx1a0xnhq5e1qwyf531fdhtyrwpsnvytdnqbc6dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%26client%3Dca-pub-6890287250975679%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=90&adk=3779524255&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x90&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1691952840364&bpp=1&bdt=8446&idt=1&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=2676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GUCzwuxu1D&p=http%3A//lanterman.web.fc2.com&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625a79bd31c2d52c37c07e341ae22b2889d644cd8d9af21786750fa6c4369765

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f632a075c042c5d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 18:54:00 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F777 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 21:30:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0E22 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 03:25:10 GMT
etag: 48472445140208031
expires: Mon, 14 Aug 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F777 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F777 179 KB
56 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Aug 2023 18:54:00 GMT

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame E48A 3 KB
3 KB 811ms
276ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=93a2ec9f57837adb360556712d6b9a91&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&referrer=http%3A%2F%2Flanterman.web.fc2.com%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=cc765df4ff47e80189f03f807f

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

f01efd39c4db32c2a6b569c952f43abde3799c0631af94c14180caa093b66c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:01 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2582
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame F777 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 171abb10853564231a1dda080cb39ef319be049410ab46b510d768f553a3c87a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0E22
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGRNcmtOmwW1VFsmkVRWI70&google_cver=1&google_push=AXcoOmRDpXZK8zuzqwstSlPnrFsQM8focGPPEH_Rj8XrI-3SBhYYVc2qV9cr3iWLaw3ThTJeUgyZOip7KSmqG6fV3ErUKln0XIdV_...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDYwOTYyNDgyMjMwNDM2NzIwMg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRNcmtOmwW1VFsmkVRWI70&google_cver=1

43 B
398 B

102ms
30ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRNcmtOmwW1VFsmkVRWI70&google_cver=1
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Aug 2023 18:54:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRNcmtOmwW1VFsmkVRWI70&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0E22
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECZlqHwzA2o7omJZM98LjDI&google_cver=1&google_push=AXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9J...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECZlqHwzA2o7omJZM98LjDI&google_cver=1&google_push=AXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM...

43 B
426 B

175ms
166ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECZlqHwzA2o7omJZM98LjDI&google_cver=1&google_push=AXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9JV8ydJNs2Oo-1dD9My6Woqi_c1TXufDCeBXz-WdSEeULO6_pltpk-s7NZC8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9JV8ydJNs2Oo-1dD9My6Woqi_c1TXufDCeBXz-WdSEeULO6_pltpk-s7NZC8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f632a08a912918c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 159
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECZlqHwzA2o7omJZM98LjDI&google_cver=1&google_push=AXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9JV8ydJNs2Oo-1dD9My6Woqi_c1TXufDCeBXz-WdSEeULO6_pltpk-s7NZC8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRL8ODAFwHggp1JRNj_xeBHHDj9Bk_pHj6MUhR4awxIHj7ACyKQMQCrKiPPQizb6mH7EDQuGh0F_oPJYah4uzvHbr6n3vM9JV8ydJNs2Oo-1dD9My6Woqi_c1TXufDCeBXz-WdSEeULO6_pltpk-s7NZC8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f632a078f0c918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 0E22 43 B
146 B 194ms
8ms Image
image/gif 3.67.123.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFZrwZ0nitsFrv53-nDGRBg&google_cver=1&google_push=AXcoOmRv_WvBYp9j3EXGBKVclfMvf3m8LoRwwwhB1dXR7O1RKo__hyr5pOYlaZlmq3mnR0aoj20zqn2IcxCQEWTPaOdYBXZuYhqe-uRFNDWSLMTudSI4U8v5hI5fyIYKy83LtsuJ9ltV9VCl1_z5hZonEk9mIEU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=90&adk=3779524255&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x90&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1691952840364&bpp=1&bdt=8446&idt=1&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=2676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GUCzwuxu1D&p=http%3A//lanterman.web.fc2.com&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.123.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-123-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0E22
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOYd6skpjUXe4xnYIoBQt2w&google_cver=1&google_push=AXcoOmQb59HWdxqzlieARkW2dFnf6jFMGHL5GVbHaFbvUvEQi6PMBj21GR3699vuPVBnrog5vD9haQWWmVR3O_HgsegHTi8...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQb59HWdxqzlieARkW2dFnf6jFMGHL5GVbHaFbvUvEQi6PMBj21GR3699vuPVBnrog5vD9haQWWmVR3O_HgsegHTi8MiCdkHlyl8jGlhpjkML9OUf55x_ASShImUqgNv...

170 B
232 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQb59HWdxqzlieARkW2dFnf6jFMGHL5GVbHaFbvUvEQi6PMBj21GR3699vuPVBnrog5vD9haQWWmVR3O_HgsegHTi8MiCdkHlyl8jGlhpjkML9OUf55x_ASShImUqgNvFViPV-QGd0jYFd3nV-HSHiPr1A&google_hm=eS16SHdyMkE5RTJwSDhwOHVScmR5R3pPbnNZUkhkSFhDZH5B

Requested by

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Aug 2023 18:54:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQb59HWdxqzlieARkW2dFnf6jFMGHL5GVbHaFbvUvEQi6PMBj21GR3699vuPVBnrog5vD9haQWWmVR3O_HgsegHTi8MiCdkHlyl8jGlhpjkML9OUf55x_ASShImUqgNvFViPV-QGd0jYFd3nV-HSHiPr1A&google_hm=eS16SHdyMkE5RTJwSDhwOHVScmR5R3pPbnNZUkhkSFhDZH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 0E22 43 B
363 B 75ms
20ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSEVn6JNZH4Jaa8wzwp6SsT3SzC_vA5XkDV_xM0Y5RyaG2O5zUoNqkILIAaU6n5qQImOUVM5nskjrCLg_weT5h-XELqWNu15iA746IbBYaBU6eLNCCZ07GdzcF3e-MDnarOTconosXVcBg0JeqOOLrC2g&google_gid=CAESEI4m9y0WkxuhdY4e3ndBkrA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 182571
expires: Sun, 13 Aug 2023 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 0E22 43 B
296 B 218ms
21ms Image
image/gif 2a05:d01c:1d8:8101:4e4e:de4:976c:6d16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJT4tbfQOkQpAW4rVmde1YQ&google_cver=1&google_push=AXcoOmTMJ89xL6mFC6FLk2-JkYNuN2KVjjXPYQ_bOQYbSw5ndL9_duvJsS6sfHsbVRyj2yEPl0JxAvSxoqb569XaSCbyzurLzTnv2sgaQDVOFciGqsphcFARRWIex4ye7mQXsZqk5ENAA32xMsZnvhqTTqg7NnI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=90&adk=3779524255&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x90&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1691952840364&bpp=1&bdt=8446&idt=1&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=2676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GUCzwuxu1D&p=http%3A//lanterman.web.fc2.com&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:4e4e:de4:976c:6d16 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Aug 2023 18:54:01 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0E22
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENm5TpwVFYmxHsMGpzhJSi4&google_cver=1&google_push=AXcoOmT4dwU3ypIdvLIWTyfg2P88grPk5T3uGmtzoskIR-zlTI_OGzkCANpr44KgZY...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT4dwU3ypIdvLIWTyfg2P88grPk5T3uGmtzoskIR-zlTI_OGzkCANpr44KgZY2enBqCN8cDAi4GZeZimmUBuxyif71sVDe2eo2ZT5v3tQwQ9B...

170 B
329 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT4dwU3ypIdvLIWTyfg2P88grPk5T3uGmtzoskIR-zlTI_OGzkCANpr44KgZY2enBqCN8cDAi4GZeZimmUBuxyif71sVDe2eo2ZT5v3tQwQ9Bxk4mNbntQznDUDSSIcGuCdZtIJ-6rd5MhtxK7DZYYvL4xn&google_hm=zxxoVEkYQw6Ok5uEkiLwQck

Requested by

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:53:59 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT4dwU3ypIdvLIWTyfg2P88grPk5T3uGmtzoskIR-zlTI_OGzkCANpr44KgZY2enBqCN8cDAi4GZeZimmUBuxyif71sVDe2eo2ZT5v3tQwQ9Bxk4mNbntQznDUDSSIcGuCdZtIJ-6rd5MhtxK7DZYYvL4xn&google_hm=zxxoVEkYQw6Ok5uEkiLwQck
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0E22 0
139 B 46ms
16ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgzFiedWPEUosN4SFa-xZ48tWDvtqV8_Q7uDjSO-IqTeE1ZtQnvi4BVbaLS7q8WnkRtzc95A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sync Show response
gum.criteo.com/ Frame C991 45 B
287 B 51ms
16ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.send.microadinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 300311
expires: 60

GET
H2 200 sync Show response
gum.criteo.com/ Frame 1B7C 45 B
286 B 44ms
17ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.send.microadinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 274132
expires: 60

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame E48A 10 B
182 B 268ms
240ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=1011503&vid=01H7R3Z054B94DQ8FRDBSCYD74
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: https://media5.fc2.com
date: Sun, 13 Aug 2023 18:54:01 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame D40A 114 KB
14 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j78d34eghtf3nwq5y499xqnagaffe228kh7jqfcyh6cn9tndazg16bgkqpf4417v9dgqtzjk6xf51sk2gx8m2ytxhpptzjcpvfz41jzpcf9t3kzvtt09fv0q2bs72pctrnmertwn2qdqc4b0rbmdg8prxben8p0rm3j3p1pk4bj2nr1gyxa6e0jhdm5ncd4s8q20q90yygw1zy8ymfq242w5shzqyysqs6ry5zecabzheppapta9p2f0bb2bcs46gt90jxz0kkqnasn6edat7fa5p1vn714wypge0rzxg8wq4twajaedryt9w7appna47rt13pcgmbbzrrr180t77xsxaspw30kbwj35pftqv7mrx3twz9crj2yc3f16c905dr06tjd9wcfafy8n890dhv42gpyq4znbx1a0xnhq5e1qwyf531fdhtyrwpsnvytdnqbc6dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%26client%3Dca-pub-6890287250975679%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j78d34eghtf3nwq5y499xqnagaffe228kh7jqfcyh6cn9tndazg16bgkqpf4417v9dgqtzjk6xf51sk2gx8m2ytxhpptzjcpvfz41jzpcf9t3kzvtt09fv0q2bs72pctrnmertwn2qdqc4b0rbmdg8prxben8p0rm3j3p1pk4bj2nr1gyxa6e0jhdm5ncd4s8q20q90yygw1zy8ymfq242w5shzqyysqs6ry5zecabzheppapta9p2f0bb2bcs46gt90jxz0kkqnasn6edat7fa5p1vn714wypge0rzxg8wq4twajaedryt9w7appna47rt13pcgmbbzrrr180t77xsxaspw30kbwj35pftqv7mrx3twz9crj2yc3f16c905dr06tjd9wcfafy8n890dhv42gpyq4znbx1a0xnhq5e1qwyf531fdhtyrwpsnvytdnqbc6dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%26client%3Dca-pub-6890287250975679%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 373251
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwTunSYC1UAiJTi5XViS0ithvCE983sCGKM8sP9fgIBpfrUCw9IgH2LV4HMqYEUne3vy9f6%2FsRNcP%2FKiANYPqGjA1JfEeKtYFDVJn39j8mLXWujJs%2B1lrZaA56zabjrBa1oyR0W1w1s%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f632a079c482c5d-FRA
expires: Sun, 13 Aug 2023 19:54:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame D40A 25 KB
10 KB 37ms
29ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j78d34eghtf3nwq5y499xqnagaffe228kh7jqfcyh6cn9tndazg16bgkqpf4417v9dgqtzjk6xf51sk2gx8m2ytxhpptzjcpvfz41jzpcf9t3kzvtt09fv0q2bs72pctrnmertwn2qdqc4b0rbmdg8prxben8p0rm3j3p1pk4bj2nr1gyxa6e0jhdm5ncd4s8q20q90yygw1zy8ymfq242w5shzqyysqs6ry5zecabzheppapta9p2f0bb2bcs46gt90jxz0kkqnasn6edat7fa5p1vn714wypge0rzxg8wq4twajaedryt9w7appna47rt13pcgmbbzrrr180t77xsxaspw30kbwj35pftqv7mrx3twz9crj2yc3f16c905dr06tjd9wcfafy8n890dhv42gpyq4znbx1a0xnhq5e1qwyf531fdhtyrwpsnvytdnqbc6dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%26client%3Dca-pub-6890287250975679%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 440613
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gvx5iFTaoqbU1tUNxcyJvLJUFpH37as%2Bet9tnqvIvVyhapcEsx6t3ekMqLwGcFuzpArKUYi%2B%2FvIBbh%2FfAKOlBeLIvdohsaCCZ5sN8CRN%2F0XeDvQL4rufPAs5PIHXkJZbHe2CAE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7f632a07ac5c2c5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 08 Aug 2023 16:30:16 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D40A 3 KB
4 KB 52ms
23ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 274
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BySWioCNXS55FI3opbeTIlnhs6d6KvunaRstEGUYsQArWC5bc3Wzgl3v3Ug9wLWJnkqDVqxXzhdhzVqpNsngfz%2FwOpjgTuC4RzaUMdbl4TZSJerQtCCI47O0p%2FnRYnfC%2BJBsCp5im5%2F8u7h6zZ5%2FeE1"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7f632a081a8d30ee-FRA
expires: Sun, 13 Aug 2023 19:11:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 721D 2 KB
1 KB 38ms
37ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 315422
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7f632a07ea044dca-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 18:54:00 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk8weu4O7RVZaV7v0%2BYnbwFuxemhPSFbVOmB9e3YLQZ%2F1OReBEE9DdbgBHdaQFCwQkUDVolwZV9VEfHDwYoaRh5y4lur6oiYFDxBz1opGtqjlL%2BYxauz3MmA6qRjzHi7w%2FQCTEU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F777 0
19 B 51ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C16PRyCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0AFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqW0WOK19XEh-ICRn1iUCKolv2UKu0ZZl19pXfPt8e_s5y3Fs9_KtAgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY4OTAyODcyNTA5NzU2NzkYAA&sigh=jWg2mt7iBe4&uach_m=[UACH]&cid=CAQSOwBpAlJWjmkpHewm8iTS05S4HUcjq9Fw9NWxa4P4JNnzq4UYnmvB60GJWfKdk3cICatKWKtR1W3CwV4AGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=90&adk=3779524255&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x90&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1691952840364&bpp=1&bdt=8446&idt=1&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=2676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GUCzwuxu1D&p=http%3A//lanterman.web.fc2.com&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Aug 2023 18:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F777 0
103 B 46ms
19ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jfmb8d6fg7qc5c1v9t076gva0gt2n4vg4x8j9pr6rdhe0n4wrm86gabtae63z00n78fc4ggk3rgyze59raz1s5t6m9ftfkxpa9ca4t7kfgeqrctqskpbsrk5xnn30erpdj0m56qf7cpg0tea8f2g6t13ewb2zekz54enxn02sh93pg0c4qanz9h9v531x5c61a8hb8pgva3c0evw1kamczqgahv050475cymv1j2bh11et2fg8d89jf4tvbtrxn5k49wws66vhajjm297cxw14g4dvqjtr57kh07q4v610k2enxa5zj0acd6mpwf2gfebszranjdhqmwx5e1rwbmgjztkgfnz331vhm921dc909nbpgs5mmk2904f9g3mb9mfay5x3x1wqwnm8&b=ZNkmyAAHNuEEwsyVAA-km4ZdEvgZvaMANXuwdg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=90&adk=3779524255&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x90&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1691952840364&bpp=1&bdt=8446&idt=1&shv=r20230809&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42bad3304dedf295-226bd67f4fde0054%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A&gpic=UID%3D00000c5fcfa824f4%3AT%3D1691952834%3ART%3D1691952834%3AS%3DALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=3780434554067&frm=20&pv=1&ga_vid=1295465929.1691952835&ga_sid=1691952835&ga_hid=1885597197&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=2676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798879%2C31076924%2C44795909%2C31076964&oid=2&psts=AOrYGsmv54FBC4UxYS48Ha0zR2LFwb2aTMN8HJty3fhByoYc18g3BPSdwb6YGFplWiWXXA892sGhSovdQ3-qzB04vHOz3Xs6%2CAOrYGsnUP257caReTNRiowr6ow2cROaOkGJrrQPqf053Dtvv1nEKs1ML22LC5lWHqT-A8uOPZhUKSUYipsWLv_HcVZBtJe8g&pvsid=3193668809667926&tmod=1914473906&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GUCzwuxu1D&p=http%3A//lanterman.web.fc2.com&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Aug 2023 18:54:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame D40A 1 KB
2 KB 47ms
47ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a205e570200efaadeb6d9ad4ada0343e919861eebbc25aae159baba0542d80b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqduLPnqA5mHPp7pb1VnX2qm2HpQc9McfbBKHGeeN1boN9bst5CooUGujzrKOCEPv%2Brkp%2B8t3Db9ZIGMkzmGHtVBWyvZV%2BIm9kNJTOHjfz%2F0NhaRaxEPveJsq49ZuaQdPSCHnzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7f632a088fed03f4-FRA
x-backend-server: aa-reachservice-group-europe-west1-4jr5
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 46ms
33ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f632a085f5f03f4-FRA
content-length: 24
content-type: text/plain
date: Sun, 13 Aug 2023 18:54:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyWB19KWTCa3dkQMM2Val9ZkIlzRsKvawOMKZGcouQ4UTaDKkA0DFR4R01ZOF7eY3zPdyxcnQDYBdZti03XEPZxb4%2B1mTX%2BU3ybBIALvkOcgn35zv4HomAbkMFppoDIAD0LL5MI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-4jr5

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B9AB 9 KB
4 KB 36ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3d731e829b5eea677f272ad13fe0de698971774397ca5a3643401dee478d1a8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j78d34eghtf3nwq5y499xqnagaffe228kh7jqfcyh6cn9tndazg16bgkqpf4417v9dgqtzjk6xf51sk2gx8m2ytxhpptzjcpvfz41jzpcf9t3kzvtt09fv0q2bs72pctrnmertwn2qdqc4b0rbmdg8prxben8p0rm3j3p1pk4bj2nr1gyxa6e0jhdm5ncd4s8q20q90yygw1zy8ymfq242w5shzqyysqs6ry5zecabzheppapta9p2f0bb2bcs46gt90jxz0kkqnasn6edat7fa5p1vn714wypge0rzxg8wq4twajaedryt9w7appna47rt13pcgmbbzrrr180t77xsxaspw30kbwj35pftqv7mrx3twz9crj2yc3f16c905dr06tjd9wcfafy8n890dhv42gpyq4znbx1a0xnhq5e1qwyf531fdhtyrwpsnvytdnqbc6dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%26client%3Dca-pub-6890287250975679%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f632a08db814dca-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 18:54:01 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame B9AB 114 KB
14 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 574621
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5i22KFQseROYW8MNBIXxfPXJpi%2B1MBmIY7AJnoBBFKYi1qRsQAsa3ZC7Jib2nL0YXK%2B0ZXCr6p%2F9L1Fv8z1Z%2BU9DdJRG7lYmosRp2M%2FMDHTxYwWOBXK4oYH2F03%2BvbBpx5O4D7iixUA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f632a091bdb4dca-FRA
expires: Sun, 13 Aug 2023 19:54:01 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame B9AB 2 KB
3 KB 39ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160751
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I06acaIeKyIfcIBPXggbL3b50WsjqlaNT40FrreihP5odxj8XJwTRGlKWDGUl3JZhOc2nqUvJUd7UE8qeOQvx1Qw1bVTwKV4Xy%2BGqFywPhw%2BnZRh8TiowSOSVjdsyzwt0CrA8ojS0Sn6rCti"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f632a092e7a2c5d-FRA
expires: Mon, 14 Aug 2023 18:54:01 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame B9AB 253 KB
254 KB 39ms
33ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2363605
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrx9LBcgAgj%2BTYTSSU1XKqPGw39DiFQoQx3od4NQt8OrEX%2FcQDqe%2BrS0nk3poaHW7NXN1Z%2Fj4242Iqu60x5y6oOFbysKg6KdAhqrMUDGKSoBYwU4juZUQnnzHZ%2BOVIzNrhwBXYKi0yuj0dDu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f632a092e812c5d-FRA
expires: Mon, 14 Aug 2023 18:54:01 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B9AB 43 B
703 B 112ms
79ms Image
image/gif 104.77.35.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.77.35.11 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-35-11.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 18:54:01 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame B9AB 53 KB
54 KB 27ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 957581
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIFJPVAXM0wPiCt76mUS7i9A3n5AmHILY%2F1cPmjUa8ZHgAAiyKH4Cu17kr30HmwsQWhDk12K5nSyOp7uQhNL%2Bd7VRayLJCJ7pBE2eAs6ziZfSwv%2BblqLTdJ2ZGpUCZUv%2BrGSzeHGD6pfvhY1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f632a092e7e2c5d-FRA
expires: Mon, 14 Aug 2023 18:54:01 GMT

GET
H2 200 AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame B9AB 33 KB
34 KB 36ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 401502
cf-polished: qual=85, origFmt=jpeg, origSize=156576
alt-svc: h3=":443"; ma=86400
content-length: 34068
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:48:35 GMT
server: cloudflare
etag: "451fa9b02ae7953b9311aefac697be7e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFmlbba%2BuNKD0AWDI3QFm0cwEXH9R2%2ByNKR1Sceb8rBplGAnD%2B3ChaU02WXFAZcCq87G%2B2duUfceULkvURFLgB8ZdX1UTHh1TVV0ECI1Y9HCPjW24fiyx8iv8DZmMVb6j3feVkUQ%2FI1IrsuT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f632a092e7f2c5d-FRA
expires: Mon, 14 Aug 2023 18:54:01 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame B9AB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNH-zMCn2oADFazzEQgdmx8Nuw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023081320540187860314039X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite...

49 B
1 KB

56ms
21ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023081320540187860314039X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023081320540187860314039X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:01 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023081320540187860314039X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023081320540187860314039X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
date: Sun, 13 Aug 2023 18:54:01 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame B9AB 10 KB
10 KB 30ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405726
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1ZNC0171lADD49go0eyuNjhNDZHyQwqCgAr7aueV0V3Bqg85aP%2BB8ZUcBHMyqBfM4zFwXSn%2BIFaGN%2B3Eq8ZxOwniaQwC6vqTDU7p2ds1D%2Bv%2B5tHjeKQV1gLvtfLxhCy2ZsjiJZXQxWOvy9p"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f632a092e802c5d-FRA
expires: Mon, 14 Aug 2023 18:54:01 GMT

GET
H2 200 279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
assets.ad4m.at/ Frame B9AB 48 KB
48 KB 34ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b34452c32ec1393e9f2ae9d849683de6302ffad75c1ea07b272b2612a3e4608

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1818166
cf-polished: qual=85, origFmt=jpeg, origSize=118462
alt-svc: h3=":443"; ma=86400
content-length: 48886
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 May 2023 10:37:58 GMT
server: cloudflare
etag: "e187204ef9c8be7cf929e4efd6627a4d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twE7HKcPBFUA8DipUcbMCePVUihPsbABFwV51H2NNrBYPGNY838jShtmIJJFKKGziBfLp3m%2BvbQBh48K7PQfZc%2F%2BjOoxHAkq%2BeCCOgo3Tl%2FkbC1jCcopnS30c3PeYY1%2BNATXp1urybvWvIUm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f632a092e7d2c5d-FRA
expires: Mon, 14 Aug 2023 18:54:01 GMT

GET
H2

200

view.aspx
pb.media01.eu/ Frame B9AB
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=4566...

0
606 B

51ms
20ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=456654&produktid=Freshmoney&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 13 Aug 2023 08:54:01 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 13 Aug 2023 18:54:01 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF0AC9:B6B6_91EFC182:01BB_64D926C9_261A20:B82B
X-IPLB-Instance: 40028
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=456654&produktid=Freshmoney&dt_url=
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame F286 3 KB
3 KB 285ms
263ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Sun, 13 Aug 2023 19:54:01 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame 0C1D 43 B
340 B 804ms
248ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZNkmyRsPfYCi7-tEAI6Y4tocE73xSb5p0wXjlwnpN7xOp49tEO_YLNovMZyycL5UJzlU-0gblgki3ekZ6C81rYFCjV0JCz_VeiuWBiPv0Rz2HwaasnW1WhU7DeJJMk3LpDRgFIFK4X83
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 2A3F 3 KB
3 KB 263ms
262ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:01 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Sun, 13 Aug 2023 19:54:01 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame E48A 43 B
340 B 788ms
271ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZNkmyR6yRsDNFm3xs-LRPweoqscwvwY0TBbmbWbg142ap3qJYQN_wVhjxlnE6M6jhelfotFFwnxTMU71Y2PHaPfa_aqr2zeD4nTDclMDdvF0U_JexezErLbrBrXQbBxYCD3keQOzaDX0
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 / Show response
sh.adingo.jp/ Frame F286 3 KB
2 KB 711ms
239ms Script
application/x-javascript 54.199.241.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000107338&href=http%3A%2F%2Flanterman.web.fc2.com%2F&serial=95785401900662&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.241.78 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-241-78.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e5a607a148533153dd23f25fd3cbfce24b536794c6f594ed5416dee2fa2103c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Aug 2023 18:54:02 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame 2A3F 3 KB
2 KB 672ms
238ms Script
application/x-javascript 54.199.241.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000107337&href=http%3A%2F%2Flanterman.web.fc2.com%2F&serial=39071886341896&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.241.78 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-241-78.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c3a4d6cf16cfd7b84e2ffe8b57ffd30113246cd709c7f7bd8ac406daa81525f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Aug 2023 18:54:02 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame 2A3F
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

257ms
257ms

Script
application/javascript

14.0.41.202
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:02 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1ap90:9 (W)
last-modified: Tue, 11 Jul 2023 01:36:36 GMT
server: PWS/8.3.1.0.8
etag: "1ff4f-gzip"
x-ws-request-id: 64d926ca_PSrbdbOSA1rw96_31854-252
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSrbdbOSA1ap90KIX
accept-ranges: bytes
content-length: 29980
expires: Sat, 19 Aug 2023 08:14:23 GMT

Redirect headers

date: Sun, 13 Aug 2023 18:54:02 GMT
via: 1.0 PSrbdbOSA1gs91:18 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64d926ca_PSrbdbOSA1rw96_31854-230
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H2 200 /
i.adingo.jp/ Frame 2A3F 43 B
294 B 707ms
230ms Image
image/gif 3.114.87.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=uo2HHPPlLZSWNgyXJRUQsaDtDd1qsj7_3GytRq-cXvxF5V8K0oBS2Gu7qlic9fefxhQVWrn79miGWhOA3gGl6GHTG9qTgXHadbZJVP4-JFRMY57pYlPabO4cMCrtig2GL0dLiKOqWWJn3SM4TQ2NhKknLSnHtuE-_igvMGFnuAKStgGEtTfTbvbTLx6ONEvRrL7V9jo-HoXmaD3wG5dvKm9Sp7RsF-MUF0PtEG9XGPoDeuQrWsKbWGVWfVe9NFWXGuFAnCL5MxrT4e6ASsy5gBO1vUVflUlzHUypsg..&k=3&v=MdyiPHiuOQ61Un__
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.87.100 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-87-100.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:03 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame F286
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

299ms
299ms

Script
application/javascript

14.0.41.202
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:54:02 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1ap90:9 (W)
last-modified: Tue, 11 Jul 2023 01:36:36 GMT
server: PWS/8.3.1.0.8
etag: "1ff4f-gzip"
x-ws-request-id: 64d926ca_PSrbdbOSA1rw96_31854-253
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSrbdbOSA1ap90KIX
accept-ranges: bytes
content-length: 29980
expires: Sat, 19 Aug 2023 08:14:23 GMT

Redirect headers

date: Sun, 13 Aug 2023 18:54:02 GMT
via: 1.0 PSrbdbOSA1rw96:19 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64d926ca_PSrbdbOSA1rw96_31854-231
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H2 200 /
i.adingo.jp/ Frame F286 43 B
293 B 705ms
231ms Image
image/gif 3.114.87.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=HSiV-2cK_yreRAX5w1tjgWgg2rJOqgX_OjNGzsRZyRVfezB2tYbii7zOsDQ1H54XYYtb2Zt2ekSbARQ7qM42viEdVBh7OSirAeL7MCTCglRsIKM9ONODHQzwajX13qhrxVdqxWQHPbICrgtLwOvwZtL1H9vh2uo2KiTypZlu8LUwsZf0SoxDfThvCKHnDYXmvwJLJExwGHQIMFhEjsly7SGk5Ey1aJN-CGRYD3w1suEnmqGNxOT1ZNc57cM-EgJ25YS72fD1KLj-DNdxncuVmA3VPwLTp5NrMGDj&k=3&v=grKytcdbZ3cAWEll
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.87.100 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-87-100.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 18:54:03 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 77A1 2 KB
2 KB 17ms
17ms Document
text/html 18.165.227.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.227.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-227-72.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34753
content-length: 1909
content-type: text/html
date: Sun, 13 Aug 2023 09:14:51 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 5fb9e0c21a061d26e0a1e7ca612b7004.cloudfront.net (CloudFront)
x-amz-cf-id: gMQTL2lWidR-FwZYbeLLLnvZfLQ8qcJiq6_TBgVwrvag1yjVK2mMtA==
x-amz-cf-pop: LHR61-P5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 2A3F 6 KB
3 KB 14ms
13ms Script
application/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sun, 13 Aug 2023 18:54:03 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame 2A3F 2 KB
3 KB 253ms
252ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=e758bea8b3b21580d0e3c10a2259b09c&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&referrer=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=9dc0b857234e980189f03f89a3

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

2454bc41728471757d1b4b2368d6e9ccab0fcfa579693d9e8e07b2789de6eb35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:03 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2413
X-XSS-Protection: 1; mode=block

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 1800 2 KB
2 KB 17ms
17ms Document
text/html 18.165.227.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.227.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-227-72.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34753
content-length: 1909
content-type: text/html
date: Sun, 13 Aug 2023 09:14:51 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 5fb9e0c21a061d26e0a1e7ca612b7004.cloudfront.net (CloudFront)
x-amz-cf-id: O8VKBNApPrFByEjUcoYF6mj0E1dI1BJtvDg55ugb2OHmdEmqI-FTnw==
x-amz-cf-pop: LHR61-P5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame F286 6 KB
3 KB 10ms
9ms Script
application/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sun, 13 Aug 2023 18:54:03 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame F286 2 KB
3 KB 819ms
276ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=46349e541abeeb49be17afde2dcbebe1&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&referrer=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=b6593d721191d00189f03f89c9

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

54f4137b148963a755a4e826b955f236553ef6bc69d043082ba583920b712377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:03 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2411
X-XSS-Protection: 1; mode=block

GET
H2 200 ads.js Show response
spdeliver.i-mobile.co.jp/script/ Frame 0B69 41 KB
13 KB 101ms
18ms Script
application/javascript 2600:9000:219c:6a00:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:6a00:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 31d8a246b4ec27f114c453b9d4ef714538bc6e3b3c76b9f46d63a67950144930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:36:39 GMT
content-encoding: gzip
via: 1.1 81df7b82147a3b8250950ccfe02b7432.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 04:53:50 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: CDG3-C2
age: 1045
x-powered-by: ASP.NET
etag: W/"0c3915546c0d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: I62WCM2naXhnCCO8-eHK04ub6NENNZXBTRfvBsnjf4M6XpFzvxjpJQ==

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame 2A3F 43 B
340 B 273ms
272ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZNkmyxGz3ECRcoHBv1AOYJdrwsA-aIfFcgpdEA-L2KOxOr4fA5Ygmn1yN8yFWN1lhj3cvaOw100yphutT3I2_bZq7myoDtSElIXSSTWWKapRQgPPgFjTbrE-5bai3Yhv1FhMtCSnkstp
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 sspcore_spot.js Show response
ssp-bidder.i-mobile.co.jp/script/ Frame 0B69 23 KB
8 KB 77ms
16ms Script
application/javascript 2600:9000:2248:4c00:1f:2964:4340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidder.i-mobile.co.jp/script/sspcore_spot.js?20130501
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:4c00:1f:2964:4340:93a1 , United States, ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 127651ddf2e9c64d57819913ae2d95cede11604372d15f9dba49b4ddc848632a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:47:08 GMT
content-encoding: gzip
via: 1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Aug 2023 18:33:42 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: MXP63-P3
age: 418
x-powered-by: ASP.NET
etag: W/"0473edb26cad91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-id: 24uGLgxRBmECsOpEVo56K_YSI7RuIPnPKwhc7f7EgsVL8XheukpKXw==

GET
H/1.1 200
OK ssp_spot.ashx Show response
ssp-bidapi-n1.i-mobile.co.jp/jsonp/ Frame 0B69 49 B
538 B 978ms
238ms Script
text/javascript 18.176.196.219

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi-n1.i-mobile.co.jp/jsonp/ssp_spot.ashx?pid=65803&asid=1544759&asn=1&spec=1&dpr=1&sf=0&pos=0&imcallback=_imcallback_1544759_1&cashid=1691952843620
Requested by: Host: ssp-bidder.i-mobile.co.jp
URL: https://ssp-bidder.i-mobile.co.jp/script/sspcore_spot.js?20130501
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.196.219 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 66198540a512f041dd647ffd3e1f04e0c1d63957b7d8c93761b49920b7e5c70f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 18:54:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 170
Expires: -1

GET
H2 200 ads.js Show response
spdeliver.i-mobile.co.jp/script/ Frame 9E3A 41 KB
13 KB 18ms
18ms Script
application/javascript 2600:9000:219c:6a00:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:6a00:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 31d8a246b4ec27f114c453b9d4ef714538bc6e3b3c76b9f46d63a67950144930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:36:39 GMT
content-encoding: gzip
via: 1.1 81df7b82147a3b8250950ccfe02b7432.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 04:53:50 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: CDG3-C2
age: 1046
x-powered-by: ASP.NET
etag: W/"0c3915546c0d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: HTlXG-G2ssghuXkS-dq_0u_1pexpredVXQQpmisSG_eNdDaz3Vm37g==

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame F286 43 B
340 B 815ms
272ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZNkmyzW0K0AmaYGv03jH6Hvdz0Qzr4tn5JzAoFv_bWuxG1PMPlS3TLj1ua_sZj8HGGf5yK2TgjEPZIx7i_W9nt9UDA42VPH2mKCFMwpUvnyUxY2q62AzCi1kwMKsu5a8LonXtOG0DqLd
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 18:54:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 sspcore_spot.js Show response
ssp-bidder.i-mobile.co.jp/script/ Frame 9E3A 23 KB
8 KB 15ms
15ms Script
application/javascript 2600:9000:2248:4c00:1f:2964:4340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidder.i-mobile.co.jp/script/sspcore_spot.js?20130501
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:4c00:1f:2964:4340:93a1 , United States, ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 127651ddf2e9c64d57819913ae2d95cede11604372d15f9dba49b4ddc848632a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:47:08 GMT
content-encoding: gzip
via: 1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Aug 2023 18:33:42 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: MXP63-P3
age: 419
x-powered-by: ASP.NET
etag: W/"0473edb26cad91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-id: T2GOK6NvCpMrIwupaQwhKtiqrmogh2HZQ1e1V6lkoWccBVIGoAER2g==

GET
H/1.1 200
OK ssp_spot.ashx Show response
ssp-bidapi-n1.i-mobile.co.jp/jsonp/ Frame 9E3A 49 B
538 B 717ms
231ms Script
text/javascript 18.176.196.219

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi-n1.i-mobile.co.jp/jsonp/ssp_spot.ashx?pid=65803&asid=1544760&asn=1&spec=1&dpr=1&sf=0&pos=0&imcallback=_imcallback_1544760_1&cashid=1691952844078
Requested by: Host: ssp-bidder.i-mobile.co.jp
URL: https://ssp-bidder.i-mobile.co.jp/script/sspcore_spot.js?20130501
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.196.219 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 39e1977469da6d637f1de88bdb191081fb9d3081b5c6d403010dffc3d3121d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 18:54:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 170
Expires: -1

GET
H2 200 adcore_pc_inline.js Show response
spdeliver.i-mobile.co.jp/script/ Frame 0B69 1 KB
905 B 21ms
21ms Script
application/javascript 2600:9000:219c:6a00:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:6a00:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b8666b6a7bda5ea0466128485e57eb867e069582c3709bde90ec39f88d467d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:49:01 GMT
content-encoding: gzip
via: 1.1 81df7b82147a3b8250950ccfe02b7432.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 04:53:46 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: CDG3-C2
age: 305
x-powered-by: ASP.NET
etag: W/"0692f5346c0d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: imZDKn4P95RikRcrQD19qJU6gzMF-phKvgSeBtPaUGPwOvquMaXuGw==

GET
H2 200 ad_spot.aspx Show response
spsvcpc-tls.i-mobile.co.jp/ Frame 5EB8 3 KB
3 KB 353ms
260ms Document
text/html 2600:9000:218e:d600:1d:4ba6:de80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:d600:1d:4ba6:de80:93a1 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a3a41dc5b0785d102a8e91d1dee6066c498857c3195a4a32082a0848d3bdffdb

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 2864
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 18:54:04 GMT
expires: -1
p3p: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
pragma: no-cache
server: Microsoft-IIS/10.0
via: 1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
x-amz-cf-id: ic3as_AJkAH0gXt9AXu41542zs67pKuxko6M2zZxmGTXTr2_ykjVpA==
x-amz-cf-pop: CDG52-P1
x-cache: Miss from cloudfront
x-powered-by: ASP.NET

GET
H2 200 adcore_pc_inline.js Show response
spdeliver.i-mobile.co.jp/script/ Frame 9E3A 1 KB
895 B 16ms
15ms Script
application/javascript 2600:9000:219c:6a00:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:6a00:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b8666b6a7bda5ea0466128485e57eb867e069582c3709bde90ec39f88d467d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:49:01 GMT
content-encoding: gzip
via: 1.1 81df7b82147a3b8250950ccfe02b7432.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 04:53:46 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: CDG3-C2
age: 305
x-powered-by: ASP.NET
etag: W/"0692f5346c0d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: eoDTK5pBWH-TRCaIJYglcA8ESKfJChD6RYnuvgi-CB7Q-Ad7Vc86AA==

GET ad_spot.aspx
spsvcpc-tls.i-mobile.co.jp/ Frame 7149 0
0

GET
H2 200 style.css
spsvcpc-tls.i-mobile.co.jp/css/ Frame 5EB8 5 KB
6 KB 17ms
16ms Stylesheet
text/css 2600:9000:218e:d600:1d:4ba6:de80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/css/style.css
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:d600:1d:4ba6:de80:93a1 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 20:21:06 GMT
via: 1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 05:29:52 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: CDG52-P1
age: 426778
etag: "0c827e7f517d81:0"
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 5537
x-amz-cf-id: dEIROysvEFD52b1F85zvZM-zFnALyAQjITd3hGHOK6pnm3Ve5F1wAQ==

GET defaultAd.gif
spsvcpc-tls.i-mobile.co.jp/img/ Frame 5EB8 0
0

GET
H2 200 ad_creative.ashx
spcdnpc.i-mobile.co.jp/ Frame 5EB8 59 KB
60 KB 31ms
19ms Image
image/jpeg 2600:9000:219c:6a00:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spcdnpc.i-mobile.co.jp/ad_creative.ashx?advid=2853926
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:6a00:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 79d9baba45507f98ae7d87a88586ebba5c4fb5e5cea5e0d167764904b7963484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:37:28 GMT
via: 1.1 81df7b82147a3b8250950ccfe02b7432.cloudfront.net (CloudFront)
last-modified: Tue, 22 Mar 2016 11:48:04 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: CDG3-C2
age: 76759
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: private
content-length: 60843
x-amz-cf-id: Fs8k941Ju8o6XpDRxrgGqh3ulrkdjQ1foYtLGRvmTs9FgfKFpPZcTw==
expires: Mon, 01 Jan 0001 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mcnair.indiana.edu
URL: http://mcnair.indiana.edu/img/current-students/chavez-ian.jpg

Domain: image.cdnllnwnl.xosnetwork.com
URL: http://image.cdnllnwnl.xosnetwork.com/pics33/800/VS/VSIZAIANZRGNVOO.20151009142942.jpg

Domain: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544760&asn=1&width=728&height=90

Domain: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/img/defaultAd.gif?pid=65803&asid=1544759

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cache.send.microadinc.com/js	1970-01-20 13:59:16	Name: RTUS_STATUS Value: Unknown
.fc2.com/	1970-01-20 23:20:48	Name: __gads Value: ID=42bad3304dedf295-226bd67f4fde0054:T=1691952834:RT=1691952834:S=ALNI_MYB4o_B8D4tbLMIbeFtKwmTS_tC2A
.fc2.com/	1970-01-20 23:20:48	Name: __gpi Value: UID=00000c5fcfa824f4:T=1691952834:RT=1691952834:S=ALNI_MbNxk68aMjcpdIoVPDq5ZvmMOWy7g
.doubleclick.net/	1970-01-20 23:20:48	Name: IDE Value: AHWqTUnd2UE_cSKFUJaiDgmylc-wWCVUyb6_Mzi9hLgh-jIwuy26usIsOmh79y7inVI
.googleadservices.com/	1970-01-20 16:08:48	Name: ar_debug Value: 1
.ctnsnet.com/	1970-01-20 22:44:48	Name: gid_CAESENm5TpwVFYmxHsMGpzhJSi4 Value: 1
.ctnsnet.com/	1970-01-20 22:44:48	Name: cid_cf1c68544918430e8e939b849222f041 Value: 1
.yahoo.com/	1970-01-20 22:45:10	Name: A3 Value: d=AQABBMgm2WQCEGp9G1HIvPCHuXRlDT8W0u0FEgEBAQF42mTjZAAAAAAA_eMAAA&S=AQAAAmtLXPtIMa2dbeyC0DbowKA
.innovid.com/	1970-01-20 16:08:48	Name: uuid Value: 62a1efb4-a9ea-472f-a586-c985ea993a5d-20230813 14:54:01
.doubleclick.net/	1970-01-20 18:18:24	Name: APC Value: AfxxVi4bI_oUBImcrZ_wjeTnWWqCIBXgnxL_KMT5T4SEXi83aQXpbQ
.tribalfusion.com/	1970-01-20 16:08:48	Name: ANON_ID Value: abnt6ZaxlqLlnJVsPTan63PC9M5jcJJ7f65w7eFVOJ3pHUljq4JVGQC5iA8rxcE7RIcTfGVZdgQGXDIUSpcB9G8NDG57O9
.awin1.com/	1970-01-20 14:02:05	Name: awpv20044 Value: 412871\|1691952841\|c447d530-3a0a-11ee-898e-223287d3f473
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
pb.media01.eu/	1970-01-20 23:35:12	Name: DTU Value: 54EF289DAAE31B066D97C2F2B7B46545
.turn.com/	1970-01-20 18:18:24	Name: uid Value: 4609624822304367202
.o2online.de/	1970-01-20 14:09:17	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY5MTk1Mjg0MXZsZWExZGUyMDIzMDgxMzIwNTQwMTg3ODYwMzE0MDM5WDExNzY4M1YxMjI2MTMyNzAyTVN2aWV3b25laWRnazhhOGZyZkpWMnNQSGJIOHQ1dHJyQVVtU1FUOTk4c3dnellvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2ODM
.o2online.de/	1970-01-20 14:09:17	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 14:09:17	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023081320540187860314039X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY5MTk1Mjg0MXZsZWExZGUyMDIzMDgxMzIwNTQwMTg3ODYwMzE0MDM5WDExNzY4M1YxMjI2MTMyNzAyT

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.heraldpalladium.com/southhaventribune/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://localtvwqad.files.wordpress.com/2017/04/promo316932033.jpg?quality=85&strip=all&w=1200 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://mcnair.indiana.edu/img/current-students/chavez-ian.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1j78d34eghtf3nwq5y499xqnagaffe228kh7jqfcyh6cn9tndazg16bgkqpf4417v9dgqtzjk6xf51sk2gx8m2ytxhpptzjcpvfz41jzpcf9t3kzvtt09fv0q2bs72pctrnmertwn2qdqc4b0rbmdg8prxben8p0rm3j3p1pk4bj2nr1gyxa6e0jhdm5ncd4s8q20q90yygw1zy8ymfq242w5shzqyysqs6ry5zecabzheppapta9p2f0bb2bcs46gt90jxz0kkqnasn6edat7fa5p1vn714wypge0rzxg8wq4twajaedryt9w7appna47rt13pcgmbbzrrr180t77xsxaspw30kbwj35pftqv7mrx3twz9crj2yc3f16c905dr06tjd9wcfafy8n890dhv42gpyq4znbx1a0xnhq5e1qwyf531fdhtyrwpsnvytdnqbc6dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%26client%3Dca-pub-6890287250975679%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=728&d=90&e=&g=77c3aefb32654489428a86b2740731b2%2F9564557610929476764&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1691952841074&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hj1de4t47316cr29hy61f5kpa489k9mtm3x3eczznewqbm394h2hf15nbnnmscqar8g7a5njw2kz5vzc3hczg2jspsyzw11vjqe0eh5fkrsjqzhkjtm9bhbxswv23mahy8gadbvjyd1vx87d6fpa3nxfsdvxy9qbefvfkba852g3n25xa3f8em6aax322h1p7063v1ekrtwzvzq5xydk6x71p0nygrvq9ey7xzf9k19jyck2erwdstxx7d42xj1qe2en7cc5695pjtbay7zckaz%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC60r1yCbZZOHtHJWZi9YPm8m-qA2Q4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02ODkwMjg3MjUwOTc1Njc5yAEJqQKoPV_hbl6yPqgDAcgDAqoE0wFP0Kj6kw_YJKaqynVRC8Hnh-WTyDHzfKXHZ_rcsLQB5fdswq73f1SuwrjWG901uYk-VZfUVwHrY6looc_oYIPBg5H-gWcC8OvQ6igX4rMn8v99a85xKLBDKieeThOnBWJWAIV7nc3tQ1h3Of0W14U2GuvaT9nDo5gKpyC1yaRPmIx3NrEQpL4FrahkVCxeGbiGtW2dpgfj8aBtHz_xqp-P2qc8V5ezIVXqWweMCs2A65jIwZ69H5rDMKnPRKEZb7dtKxUdd03matBexI7hY-uIJ6EZgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_19Dpq2VXb_6CFlO32pdhSDV2oglw%2526client%253Dca-pub-6890287250975679%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network	error	URL: http://image.cdnllnwnl.xosnetwork.com/pics33/800/VS/VSIZAIANZRGNVOO.20151009142942.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ag.innovid.com
as.ad4m.at
assets.ad4m.at
audiencedata.im-apps.net
cache.send.microadinc.com
cdn-fluct.sh.adingo.jp
cdn.shopify.com
clients1.google.com
cm.g.doubleclick.net
cse.google.com
dis.criteo.com
dmp.im-apps.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.adingo.jp
ifigent.com
image.cdnllnwnl.xosnetwork.com
ius.ctnsnet.com
j.microad.net
jgl.microad.net
lanterman.web.fc2.com
localtvwqad.files.wordpress.com
mcnair.indiana.edu
media.fc2.com
media5.fc2.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
platform.twitter.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
s-rtb.send.microadinc.com
s.tribalfusion.com
s3.india.com
secularcoalition.info
sh.adingo.jp
spcdnpc.i-mobile.co.jp
spdeliver.i-mobile.co.jp
spsvcpc-tls.i-mobile.co.jp
ssp-bidapi-n1.i-mobile.co.jp
ssp-bidder.i-mobile.co.jp
ssp.send.microadinc.com
static-de.ad4mat.net
static.fc2.com
storage1000-textad.fc2.com
syndication.twitter.com
textad.fc2.com
tpc.googlesyndication.com
vip.chps-api.fc2.com
www.awin1.com
www.cusys.edu
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.heraldpalladium.com
www.lead-alliance.net
www.southhaventribune.net
www.telefonica-partner.de
www.woodlandsnaturalhealthcentre.co.uk
x.bidswitch.net
image.cdnllnwnl.xosnetwork.com
mcnair.indiana.edu
spsvcpc-tls.i-mobile.co.jp
103.224.182.206
104.244.42.200
104.244.99.106
104.244.99.169
104.244.99.58
104.244.99.67
104.244.99.97
104.77.35.11
130.211.14.194
14.0.41.202
142.250.181.230
142.250.186.34
145.239.193.130
167.233.13.224
178.250.7.11
18.165.227.72
18.176.196.219
192.0.72.21
192.104.182.109
199.48.209.213
202.233.84.10
202.233.84.9
204.228.68.58
23.227.60.200
2600:1901:0:76b9::
2600:1901:0:e207::
2600:9000:218e:d600:1d:4ba6:de80:93a1
2600:9000:219c:6a00:c:2040:40c0:93a1
2600:9000:2248:4c00:1f:2964:4340:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700::6812:18ad
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a02:2638:d::d
2a02:26f0:3500:c::5c7b:680f
2a02:26f0:7100::210:110
2a02:26f0:7100::210:162
2a02:3d0:6:a000::3
2a05:d018:d29:3605:c921:7369:53d4:6471
2a05:d01c:1d8:8101:4e4e:de4:976c:6d16
3.114.87.100
3.67.123.166
35.186.193.173
46.228.164.11
54.199.241.78
84.200.5.215
88.198.250.30
92.205.2.206
94.229.72.117
02438533ee92c1e1f21324e531af7201a48ef35e053069d1f071871b496a132b
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290
08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
0a87ba00eee82758c065fb6b0a604e671c9b39f6ea918bdc0a31dc44fb8ad9ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea384701e69ebac801cb86b74152ca345dd2903352c1738eddd88bd0bc0a582
127651ddf2e9c64d57819913ae2d95cede11604372d15f9dba49b4ddc848632a
171abb10853564231a1dda080cb39ef319be049410ab46b510d768f553a3c87a
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1cb7cab5eb7626900d579c45c233bfb4e09b2e262f0c9bc31c90641dd5e6c714
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e560ff025fb7a37f6ef93d80f90f336741b83316fc4a2c5fdeec023c8ddb7a0
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
2454bc41728471757d1b4b2368d6e9ccab0fcfa579693d9e8e07b2789de6eb35
26959420ff63fa61ceda84d3a420d0fb456221556aafd0ee0a7bcbdd9d1745a9
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
278c5e17e2256ca57df5364106c24b2870908f1f1a7d3f20115e4ee29ef7da08
285b0de73a0452c3388fa294e4f75b216ffa7cacc7e7947242b6c8d0983846c3
2c5ef1d2dcf899ea5d79ac18a1ad513a30afef387ee1ac1fa8af4090f4439c91
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f1062b5e1af2cc8a151377ca403596d9c62d3a11512d8d7cc821945c5329929
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d8a246b4ec27f114c453b9d4ef714538bc6e3b3c76b9f46d63a67950144930
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39e1977469da6d637f1de88bdb191081fb9d3081b5c6d403010dffc3d3121d03
3a205e570200efaadeb6d9ad4ada0343e919861eebbc25aae159baba0542d80b
3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3afca5001b290bb09b9b371385e12e24044a65eb613cb2928394a2ad0ea760d2
3d326ac5d919245c58c8a7b05632f9933a9973d5f16a5df3f472198cb13c3f2c
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
404b9260afb4ca4d67d51bc3ab9c58e6d139d47f9c1218a78ecac1492e0e3002
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6014ed24f631bc0b00eac39fc64762572246d270bd08ff426a8f4ab037cde8
504ccc14f6a939c0c1116e9189c0fb0a620d749b648bc3fd283a3eda0d76ef0f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f4137b148963a755a4e826b955f236553ef6bc69d043082ba583920b712377
5a0df713b4660ba39052ceadce6b19b9945dcc2b8aecea57d84816524eb38b14
5b207e7767f10ca66eaedbaee7e5023f9c55176e70d64fcaabf58656622d5513
5b20a3e55eda8ed582681eb9a05069aaaf5da9c12d9b9d6769cfc05ebb539993
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
6221d85a14aa1c1295dd6246bf5d4358c1aad104ba76b2f44ad1febb1df7db7b
6228ca9e6798424cc37849c7080cdc1d38c4da419a3078d4d4fc2cbb95e8a06f
625a79bd31c2d52c37c07e341ae22b2889d644cd8d9af21786750fa6c4369765
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66198540a512f041dd647ffd3e1f04e0c1d63957b7d8c93761b49920b7e5c70f
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
67c87ffe5e6046e49358a8dbc859d82619ff48eb1b057e608ce821e974fdcc24
71c9214e254a57b8b18d952bde87f2080a70f117a04f103daa5b91ca83e2d591
7320a35f8f5fbfd28be89b5588d9cee9dbdbd09151d4ce002da3fce47140e163
79d9baba45507f98ae7d87a88586ebba5c4fb5e5cea5e0d167764904b7963484
7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af
85d18c7d6cbce2fb5e6414e404991d559f0a610a26f71e17027042ff4e5cd894
863395d0e38e9c9c42ff78d3c7ecaf11f3423b5734ccf09cf08e0331f444fbbe
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9786560d7e19066281a96f08fba8dd20db957c9013899f34ec24a7b18dffdd7e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b34452c32ec1393e9f2ae9d849683de6302ffad75c1ea07b272b2612a3e4608
9cf26fb9689fd8a0cca272392d51ec09f0bb015df6ca4301834f56336cdfbbb5
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a3a41dc5b0785d102a8e91d1dee6066c498857c3195a4a32082a0848d3bdffdb
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab54017c0444167aa0373b35754d99768c225d38796dd834057dcd0341f42a00
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d731e829b5eea677f272ad13fe0de698971774397ca5a3643401dee478d1a8
b7dad492260920af7d4a7996d2d662cca8f0d8aebef97c420eb89e5b4fc2cc9b
b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925
b8666b6a7bda5ea0466128485e57eb867e069582c3709bde90ec39f88d467d0a
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bac62b9a825a47764961c656e99d737ad97e9dfe8f1480607c652b284a1131c5
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
be00c6b021883cb1684551714783bace4a657281ebdf833b2a5ff8a56e206bd0
c3a4d6cf16cfd7b84e2ffe8b57ffd30113246cd709c7f7bd8ac406daa81525f4
c6c572a51db4b19008dfcde69a5aab55e9cdbce88c99c7ad02f4d44eb939c681
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
cb8aa63b3f73eb99a9f475b1bd8235a6ece0c5051a1cbef6fa5f9df8a208f48a
d1b526c5b87c80b5d6b9ec64df85a97e40578e2cd3c91f2f039a0709b1eb02ac
d5280d87baee55df453debab6d2cf4079a730388c6773369fffa6c44ce9f159c
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
df13cdf027f73eca497da1fecd5886b0aa885c006ba1713d53b4dab90eea9078
e06a517c8ef78e142c00c1217c5a3e48c1c31dd55813530c225763ecf688b92f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a607a148533153dd23f25fd3cbfce24b536794c6f594ed5416dee2fa2103c1
e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4
e96ef4f1f835d6d6e7e7002d42ce745e33791d12264fc4171c8408638aa1d29d
e97979e08037bef7ef53018cd2e9fc623e01b4f94c9eab69a4cb1fb0f727b047
eda0e2def4a4974c931816016ba05c70a4ca4307aa9cf2b86ca11a83a5d8aa6e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01efd39c4db32c2a6b569c952f43abde3799c0631af94c14180caa093b66c1e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f82333103a1080f1da5da0c384159e0f10307305ea2b611289285f3da136c0f2
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

lanterman.web.fc2.com Open in urlscan Pro 104.244.99.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

160 Requests

74 %HTTPS

44 %IPv6

40 Domains

70 Subdomains

53 IPs

9 Countries

2360 kBTransfer

4936 kBSize

18 Cookies

13 Outgoing links

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lanterman.web.fc2.com Open in urlscan Pro
104.244.99.169 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

74 %
HTTPS

44 %
IPv6

40
Domains

70
Subdomains

53
IPs

9
Countries

2360 kB
Transfer

4936 kB
Size

18
Cookies

160 HTTP transactions
5 data transactions