me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
2a0b:21c0:b002:2:5000:59ff:fead:c233  Public Scan

URL: https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/public/units.html
Submission: On December 12 via api from US — Scanned from GB

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 25 HTTP transactions. The main IP is 2a0b:21c0:b002:2:5000:59ff:fead:c233, located in Amsterdam, Netherlands and belongs to ZEN-ECN, US. The main domain is me3u6-oqaaa-aaaad-qfkra-cai.icp0.io.
TLS certificate: Issued by E6 on October 16th 2024. Valid for: 3 months.
This is the only time me3u6-oqaaa-aaaad-qfkra-cai.icp0.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a0b:21c0:b00... 21859 (ZEN-ECN)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.65.194 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
5 172.217.18.2 15169 (GOOGLE)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
25 12
Apex Domain  Subdomains  Transfer
8  adinplay.com  api.adinplay.com — Cisco Umbrella Rank: 13534  288 KB
5  doubleclick.net  securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218  209 KB
2  criteo.com  gum.criteo.com — Cisco Umbrella Rank: 450  394 B
2  icp0.io  me3u6-oqaaa-aaaad-qfkra-cai.icp0.io  4 KB
1  googlesyndication.com  pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1  google.com  fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695  11 KB
1  jsdelivr.net  cdn.jsdelivr.net — Cisco Umbrella Rank: 318  1 KB
1  vntsm.io  hb.vntsm.io — Cisco Umbrella Rank: 22775  650 B
1  ad-delivery.net  ad-delivery.net — Cisco Umbrella Rank: 975  1 KB
1  googleapis.com  imasdk.googleapis.com — Cisco Umbrella Rank: 506  145 KB
1  fastly.net  hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 19559
0  inmobi.com Failed  cmp.inmobi.com Failed
25  12
Domain Requested by
8 api.adinplay.com me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
api.adinplay.com
5 securepubads.g.doubleclick.net api.adinplay.com
securepubads.g.doubleclick.net
me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
imasdk.googleapis.com
2 gum.criteo.com api.adinplay.com
2 me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net api.adinplay.com
1 hb.vntsm.io api.adinplay.com
1 ad-delivery.net api.adinplay.com
1 imasdk.googleapis.com api.adinplay.com
1 hb-vntsm-com.global.ssl.fastly.net api.adinplay.com
0 cmp.inmobi.com Failed api.adinplay.com
25 12

This site contains links to these domains.

Domain
adinplay.com
Subject  Issuer  Validity  Valid
boundary.dfinity.network  E6  2024-10-16 - 2025-01-14  3 months
adinplay.com  WE1  2024-12-05 - 2025-03-05  3 months
*.freetls.fastly.net  GlobalSign Atlas R3 DV TLS CA 2024 Q3  2024-09-11 - 2025-10-13  a year
upload.video.google.com  WR2  2024-11-04 - 2025-01-27  3 months
ad-delivery.net  WE1  2024-11-10 - 2025-02-08  3 months
hb.vntsm.io  WE1  2024-11-02 - 2025-01-31  3 months
jsdelivr.net  GlobalSign Atlas R3 DV TLS CA 2024 Q3  2024-07-30 - 2025-08-31  a year
*.g.doubleclick.net  WR2  2024-11-04 - 2025-01-27  3 months
*.criteo.com  DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-12-03 - 2025-03-03  3 months
*.google.com  WR2  2024-11-04 - 2025-01-27  3 months

This page contains 1 frames:

Primary Page: https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/public/units.html
Frame ID: CCD13EF3C11602F3E3CC5E2803AC6F5D
Requests: 24 HTTP requests in this frame

Page Title

AdinPlay Ads

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

25
Requests

96 %
HTTPS

73 %
IPv6

12
Domains

12
Subdomains

12
IPs

4
Countries

660 kB
Transfer

2054 kB
Size

2
Cookies

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request units.html
me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/public/
3 KB
4 KB
Document
General
Full URL
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/public/units.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0b:21c0:b002:2:5000:59ff:fead:c233 Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
/
Resource Hash
0777c5a5076cf8ee13378d8a9ba4fc3e5d35ef6318cc86267925fadb3f89d15a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
content-encoding
gzip
content-length
1279
content-type
text/html
date
Thu, 12 Dec 2024 07:54:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
origin, access-control-request-method, access-control-request-headers
x-ic-canister-id
me3u6-oqaaa-aaaad-qfkra-cai
x-request-id
0193b9dc-90ae-7050-8528-6f679800c406
tag.min.js
api.adinplay.com/libs/aiptag/pub/SWT/swordbattle.io/
106 KB
39 KB
Script
General
Full URL
https://api.adinplay.com/libs/aiptag/pub/SWT/swordbattle.io/tag.min.js
Requested by
Host: me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
URL: https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/public/units.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
638d5b6c52bc802dab7267e23d0c43f7367d3de3d58abfd579fae9906ca1b18d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"67585509-1a8da"
age
146974
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bc0MxYmceVqtq9mLI3PGMjQ49uAp81KmWPCCpINQXH%2F5uQ%2Fc%2Fe9Homa64z9gSGOM%2B%2FvtSCZ2eLyc15FwXLLUQTNyxuAZ7wTD%2F%2BYeS6u9QtIaCLuKfcawu7HtkCr3qXE9gKaRewNBkQbsA%2Fa3JL4%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=24054&min_rtt=23997&rtt_var=5152&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4033&recv_bytes=2175&delivery_rate=160838&cwnd=228&unsent_bytes=0&cid=e7326e0b810319f7&ts=51&x=0"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/javascript
last-modified
Tue, 10 Dec 2024 14:49:45 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0c2556891f7320-LHR
access-control-allow-origin
*
server
cloudflare
ad-manager.js
api.adinplay.com/v4/live/aip/
796 KB
232 KB
Script
General
Full URL
https://api.adinplay.com/v4/live/aip/ad-manager.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SWT/swordbattle.io/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54979a57b8bec446a421044649ded15f5e4da6bbffd4b8406280ed46229a1005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-c7058"
age
147570
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2EuEwpDPLwsDYDHeGGWJoWAgVFFx4HYIWiQqiPro6QddLXI0xYHSCB4m%2BoByNj7apSpeYcDHpfR%2BKElHN6vZZVrozBJzMzQGkxMtQ%2B0iRh%2B4Q4r%2B9Q7ZT1eL0l1tA%2FMDTN4XoyRrhWdsAuQeCs%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=26288&min_rtt=23997&rtt_var=3963&sent=47&recv=26&lost=0&retrans=0&sent_bytes=44732&recv_bytes=2286&delivery_rate=1109203&cwnd=233&unsent_bytes=0&cid=e7326e0b810319f7&ts=114&x=0"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0c2556e96c7320-LHR
access-control-allow-origin
*
server
cloudflare
31805.js
api.adinplay.com/v4/live/aip/
1 KB
873 B
Script
General
Full URL
https://api.adinplay.com/v4/live/aip/31805.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9a6b334cb9810f7d25fafab61725edf522f8b7372ac65f1274db79867a6537

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-host
adinplay-1
cf-cache-status
HIT
etag
W/"673efd9b-5dc"
age
147570
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnyGq7xXElhgkimxuopaPmxdZnVAzqZzkKrs2eD5w1S2zSHwTAPPfcX7WPXfmirxsx2LyJZYLTrx2sgD%2FR%2BiwGAnNr8dn5ArcEpqcDBgzlk3uUpj%2Fs6qutPIep%2ByEw9Y9f8IyQeitzJvEL7ld%2Bs%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=24617&min_rtt=23997&rtt_var=196&sent=243&recv=125&lost=0&retrans=0&sent_bytes=283689&recv_bytes=2352&delivery_rate=7064385&cwnd=343&unsent_bytes=0&cid=e7326e0b810319f7&ts=233&x=0"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0c2557b9f17320-LHR
access-control-allow-origin
*
server
cloudflare
g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/
0
0
Fetch
General
Full URL
https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

Access-Control-Expose-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Age
5826
Access-Control-Allow-Methods
GET, OPTIONS
X-Cache
HIT, HIT
Date
Thu, 12 Dec 2024 07:54:20 GMT
Last-Modified
Tue, 02 Apr 2024 15:20:36 GMT
Vary
Accept-Encoding
X-Served-By
cache-dub4365-DUB, cache-lcy-eglc8600081-LCY
Content-Type
text/plain
x-amz-id-2
EHZqmdfZ1NAmHYVGFax02YvGsPl+HA5Gy7lCKWIqiMu1yi021u0xiDTr0RcR7F4m2HU0JkMxmqiHmhczjf/vmkqpsXSk85s1
X-Cache-Hits
9, 317
Strict-Transport-Security
max-age=300
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Timer
S1733990061.856643,VS0,VE0
X-IP
5.187.21.102
Connection
keep-alive
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
Geo-Sub
GLG
X-Geo
GB
Venatus-CDN-HB-Rule-Version
1.1
x-amz-server-side-encryption
AES256
ima3.js
imasdk.googleapis.com/js/sdkloader/
424 KB
145 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SWT/swordbattle.io/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18672b5810471e074cd401d06e7cb28d4e9ed527f30d1f044a7edf5c33d3e85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 07:54:20 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148092
date
Thu, 12 Dec 2024 07:54:20 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
px.gif
ad-delivery.net/
43 B
1 KB
Fetch
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
MISS
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXwole0j7FpdPpciRePY61X7%2F5rWX9Jy020LpZaeYaI9izOja0V7BssrYN3PuHKrzuCipgP%2FS%2BD0ARtXjxW6rMQpYwRRSKjLAeff9ppEQpQdy5kM2oHYfWYvb2raT5Nv56v6ySWoUjCUkeL7tw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Fri, 13 Dec 2024 07:54:20 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=24816&min_rtt=24764&rtt_var=5307&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3979&recv_bytes=2265&delivery_rate=155939&cwnd=236&unsent_bytes=0&cid=4b1e33335b3ca787&ts=45&x=0"
x-goog-stored-content-length
43
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC47tene35pJHZBUoVal_GIHohQ4ae4pVowWQVA8TPnNjtD0TxGjrb9WBF2J69_E_VKQEY4
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f0c2558786563b0-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
content.html
hb.vntsm.io/
32 B
650 B
Fetch
General
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

access-control-expose-headers
*
cf-cache-status
MISS
etag
"2f58b9ff601fd509249a9e7628a21c33"
geo
GB
access-control-allow-methods
GET
date
Thu, 12 Dec 2024 07:54:21 GMT
content-type
text/html
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
x-amz-id-2
yryUvfbsiqqAUG8M5pff3EEu9NXyoNo3ymJqtdD0apXwq2sC88W70lP6YZYEECu2akNMhXF4TO+qG6tF4pngXw==
cache-control
max-age=14400
x-amz-request-id
0BYF3M72AB0M9VM1
cf-ray
8f0c25588bbe9455-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
32
server
cloudflare
11613.js
api.adinplay.com/v4/live/aip/
3 KB
2 KB
Script
General
Full URL
https://api.adinplay.com/v4/live/aip/11613.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de64b2d72bc9fca370d00a26f0633b1d3411bc94e8bc8096d45d938b5e838b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-host
adinplay-1
cf-cache-status
HIT
etag
W/"673efd9b-d58"
age
147570
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWQfHOFhX%2F8eQ4vEp17OmUrvUqweXg5q8yhB0MSOjruvJ5yJ3rnC4EzIfQoZcJgRX889jdLhjeV5YcnSKmd2LVxVrcPt5SBjzrX7UcNVX2JTdhR9znL0fujyhycNhl9Vcj2VFgt0n3H0KfmV2Cs%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=27261&min_rtt=23997&rtt_var=5575&sent=247&recv=129&lost=0&retrans=0&sent_bytes=284628&recv_bytes=2547&delivery_rate=7064385&cwnd=346&unsent_bytes=0&cid=e7326e0b810319f7&ts=291&x=0"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0c25581a397320-LHR
access-control-allow-origin
*
server
cloudflare
73469.js
api.adinplay.com/v4/live/aip/
18 KB
7 KB
Script
General
Full URL
https://api.adinplay.com/v4/live/aip/73469.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d627d32bf260395d4ab41c340e67ad705eaf944ab513b170b83ed30785a94d7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-486c"
age
147569
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6NqJ8ELncxxjX8O3dl%2BfL25uf8Z8DBupZH%2FjCAN4uoFdLOKe%2FS4oxoLUcouDnFjq5pngZPxcpYrKDGIsPb47iQshopRUIHUtKTdfab2F6r2OszOH%2FnN9Pq2GBRXPwfIysHlfAZ22SFTDuf4pd8%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=27261&min_rtt=23997&rtt_var=5575&sent=255&recv=129&lost=0&retrans=0&sent_bytes=289710&recv_bytes=2547&delivery_rate=7064385&cwnd=346&unsent_bytes=0&cid=e7326e0b810319f7&ts=292&x=0"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0c25581a3a7320-LHR
access-control-allow-origin
*
server
cloudflare
56466.js
api.adinplay.com/v4/live/aip/
6 KB
3 KB
Script
General
Full URL
https://api.adinplay.com/v4/live/aip/56466.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a070bf8b094322fc676f3820f25ddb360933959709d18b086a67fdbcfb65b52d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-165f"
age
147569
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BU2H6iW6F5xtEoxmnNlNatPEpdN1AXANIPDH2iSOT1mHMdvg51H%2Buf7U21SSXMSZ8sWeeYZ0mNoUvBbofCNIgG%2BbDFekU2OErzcKpYhf9mZjVAS6nB8%2FJx7MRd781wFg5X8zqiMJc26cRB9sdM%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=27261&min_rtt=23997&rtt_var=5575&sent=251&recv=129&lost=0&retrans=0&sent_bytes=286673&recv_bytes=2547&delivery_rate=7064385&cwnd=346&unsent_bytes=0&cid=e7326e0b810319f7&ts=291&x=0"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0c25581a3b7320-LHR
access-control-allow-origin
*
server
cloudflare
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241212
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a15b0e2840ad35ba425ca104a0347f35384f15e78a9e1df58a7880d3da02106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"63a-GsvC7YaRC59eIJRYso/wAeO4PyM"
age
14005
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-lcy-eglc8600081-LCY
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
838
x-jsd-version
1.0.2267
45496.js
api.adinplay.com/v4/live/aip/
3 KB
2 KB
Script
General
Full URL
https://api.adinplay.com/v4/live/aip/45496.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf4baebad5bfea80098680bf3037f54fe7129285e246d37e61afc9f0cf3f611c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-a56"
age
147569
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9arfE1myB6WRJ1vj3kAm3kM%2FMj2oPz7hQEDjbkIeKm%2BbX0T4wR%2BTPEe2AUMKat6V8JBGr8eB8nk2JS%2BZe%2BE70J%2Br%2Fi5LWSegIw3s6dQ81LpTDwDII29QktuYpmr4XDFNDIvOd52sGVCNSYTf%2BQ%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=25331&min_rtt=23997&rtt_var=1861&sent=268&recv=139&lost=0&retrans=0&sent_bytes=299018&recv_bytes=2677&delivery_rate=7064385&cwnd=362&unsent_bytes=0&cid=e7326e0b810319f7&ts=333&x=0"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0c25585a8b7320-LHR
access-control-allow-origin
*
server
cloudflare
70931.js
api.adinplay.com/v4/live/aip/
4 KB
2 KB
Script
General
Full URL
https://api.adinplay.com/v4/live/aip/70931.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f71aa0c67cfc824ca1ff2afbe9e2b0f4e3ce145fb774533faf532ffeca79b3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

x-host
adinplay-1
cf-cache-status
HIT
etag
W/"673efd9b-ef6"
age
147569
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QW0NpcBYS9jrGf3QuBnQz40is8PJgrW7vE0NwQkUnypVZ4hzdJ1gE5DoFfFrpz65YIE4d6NSPGWQCesJSFMs27sBB%2BNsRZ0%2Fi%2FUFIgCO7HWuFgcfdYxrgkMiTXAB52nek71Mjho6NkFuIJUOQ0%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=25331&min_rtt=23997&rtt_var=1861&sent=264&recv=139&lost=0&retrans=0&sent_bytes=296869&recv_bytes=2677&delivery_rate=7064385&cwnd=362&unsent_bytes=0&cid=e7326e0b810319f7&ts=332&x=0"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0c25585a8d7320-LHR
access-control-allow-origin
*
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
104 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=421469808
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
8e4161d435ab9a6311fc918977a05d6750e6c80a9dc26e238fbb7ae09e70973e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

content-encoding
br
etag
258 / 20069 / m202412050101 / config-hash: 11587532401022182272
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 07:54:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33576
x-xss-protection
0
server
cafe
json
gum.criteo.com/sid/
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fme3u6-oqaaa-aaaad-qfkra-cai.icp0.io%2F&domain=me3u6-oqaaa-aaaad-qfkra-cai.icp0.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 12 Dec 2024 07:54:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
240321
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
394 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fme3u6-oqaaa-aaaad-qfkra-cai.icp0.io%2F&domain=me3u6-oqaaa-aaaad-qfkra-cai.icp0.io&cw=1&lsw=1
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
200564
expires
0
access-control-allow-origin
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
date
Thu, 12 Dec 2024 07:54:20 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/
496 KB
154 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=421469808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

content-encoding
br
etag
2279107579115022503
age
80315
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 09:35:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 09:35:46 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157504
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/
122 B
112 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=me3u6-oqaaa-aaaad-qfkra-cai.icp0.io&pppnc=421469808
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=421469808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
29d536f6a4a98ad02cbb514697195cb4bdbcc9a216ec1bb6965df796c9c264aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 07:54:21 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
87
date
Thu, 12 Dec 2024 07:54:21 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: me3u6-oqaaa-aaaad-qfkra-cai.icp0.io
URL: https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/public/units.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
21083
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 02:02:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 02:02:58 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
18 B
40 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fme3u6-oqaaa-aaaad-qfkra-cai.icp0.io%2Fpublic%2Funits.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
fb4ce9bca5bdc15e76e3f7ad190a83bca6a0b499257acc7281c31231697da075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 07:54:21 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
16
date
Thu, 12 Dec 2024 07:54:21 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
421469808
fundingchoicesmessages.google.com/i/
25 KB
11 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/421469808?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f95980d70b0539b4cbc5a4518e2e1c26f0cd879d975b6d7a1b8d6645f5747288
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JS3hNvlLZ9ofT4mqEU8T-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 07:54:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcKxd-2oXm0BHw4zFjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhkYGlnoGxvEFxgBvA0US"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JS3hNvlLZ9ofT4mqEU8T-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
favicon.ico
me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/
51 B
142 B
Other
General
Full URL
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0b:21c0:b002:2:5000:59ff:fead:c233 Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
/
Resource Hash
2c07efd1f26aa5c9fb83bdd0fdd03093570c5456ce4d51d01205bf068160bd27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/public/units.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
0193b9dc-955e-7be0-961f-a6c66957ee3e
x-ic-canister-id
me3u6-oqaaa-aaaad-qfkra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Thu, 12 Dec 2024 07:54:20 GMT
vary
origin, access-control-request-method, access-control-request-headers
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/

Response headers

choice.js
cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cmp.inmobi.com
URL
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/choice.js?tag_version=V3

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
function| show_preroll
object| aiptag
object| aipAPItag
object| __VM
object| __VM_WPK_C_LR__m
object| prebidEvents
object| aipDisplayTag
function| aipPlayer
object| googlefc
object| googletag
object| ggeac
object| google_tag_data
object| google_js_reporting_queue
object| _google_rum_ns_
object| google_persistent_state_async
number| google_global_correlator
function| Goog_AdSense_Lidar_sendVastEvent
function| Goog_AdSense_Lidar_getViewability
function| Goog_AdSense_Lidar_getUrlSignalsArray
function| Goog_AdSense_Lidar_getUrlSignalsList
number| google_srt
object| google
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings
object| ima
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event
object| google_reactive_ads_global_state
function| __an6na521li18__
string| bG9hZGVyX2pz
string| Y2FjaGVkX2pz
object| __fcInternalApiManager
boolean| __fcInternalApiPostMessageReady

2 Cookies

Domain/Path Name / Value
.icp0.io/ Name: _sharedid
Value: bb9b467a-0497-48a1-a825-44bc7a96d027
.icp0.io/ Name: _sharedid_cst
Value: zix7LPQsHA%3D%3D

1 Console Messages

Source Level URL
Text
network error URL: https://me3u6-oqaaa-aaaad-qfkra-cai.icp0.io/favicon.ico
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
