herogayabmodeon.net Open in urlscan Pro
2606:4700:3030::6815:297d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herogayabmodeon.net/
Effective URL:
https://herogayabmodeon.net/
Submission: On December 02 via manual (December 2nd 2021, 12:11:56 pm UTC) from US — Scanned from DE

Summary HTTP 245 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 40 domains to perform 245 HTTP transactions. The main IP is 2606:4700:3030::6815:297d, located in United States and belongs to CLOUDFLARENET, US. The main domain is herogayabmodeon.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2021. Valid for: a year.

This is the only time herogayabmodeon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 57	2606:4700:303... 2606:4700:3030::6815:297d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	23.109.87.118 23.109.87.118	7979 (SERVERS-COM) (SERVERS-COM)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
14	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
45	35.186.238.232 35.186.238.232	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2a04:4e42:a00... 2a04:4e42:a00::282	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:9ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	168.119.79.223 168.119.79.223	24940 (HETZNER-AS) (HETZNER-AS)
1	185.86.137.113 185.86.137.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
7 15	184.51.10.5 184.51.10.5	16625 (AKAMAI-AS) (AKAMAI-AS)
2	157.90.33.68 157.90.33.68	24940 (HETZNER-AS) (HETZNER-AS)
1	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	54.217.138.163 54.217.138.163	16509 (AMAZON-02) (AMAZON-02)
1 3	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
4 8	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	52.213.21.126 52.213.21.126	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:640	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	23.202.54.36 23.202.54.36	16625 (AKAMAI-AS) (AKAMAI-AS)
3	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	34.206.191.36 34.206.191.36	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:26d... 2600:1f18:26d4:7e01:316:4277:55f4:202c	14618 (AMAZON-AES) (AMAZON-AES)
2	40.80.160.49 40.80.160.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	192.173.31.106 192.173.31.106	13360 (TRITONDIG...) (TRITONDIGITAL)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
4	63.35.242.195 63.35.242.195	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.67.233 52.215.67.233	() ()
2 2	151.101.66.49 151.101.66.49	() ()
1	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
1	66.102.1.154 66.102.1.154	() ()
2	184.51.10.56 184.51.10.56	() ()
2	2a00:1450:400... 2a00:1450:4001:827::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:830::2006	() ()
1	2a00:1450:400... 2a00:1450:4001:809::2002	() ()
2	2404:6800:400... 2404:6800:4004:824::2003	() ()
1	142.250.186.162 142.250.186.162	() ()
245	51

57 2606:4700:3030::6815:297d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

herogayabmodeon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.118 (Netherlands)

ASN7979 (SERVERS-COM, US)

applescringe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

houndcost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com

ads.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:9ca (United States)

ASN13335 (CLOUDFLARENET, US)

static.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 184.51.10.5 (Vienna, Austria) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-5.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.33.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub1.1push.io

system-notify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.217.138.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-138-163.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.96.145.246 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.213.21.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:640 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.202.54.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-54-36.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.191.36 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-191-36.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:26d4:7e01:316:4277:55f4:202c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ipds.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.80.160.49 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x3.instreamatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xs3.instreamatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.173.31.106 (Canada)

ASN13360 (TRITONDIGITAL, CA)

cmod576.live.streamtheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-ondemand-impression.tritondigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.67.233 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.154 (None, )

ASN- ()

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.10.56 (None, )

ASN- ()

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2003 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	herogayabmodeon.net 2 redirects herogayabmodeon.net	864 KB
51	viralize.tv ads.viralize.tv content.viralize.tv static.viralize.tv cdn.viralize.tv	903 KB
26	revcontent.com assets.revcontent.com trends.revcontent.com cdn.revcontent.com images.revcontent.com	181 KB
19	stickyadstv.com 7 redirects ads.stickyadstv.com cdn.stickyadstv.com	307 KB
16	criteo.com 4 redirects gum.criteo.com mug.criteo.com	5 KB
12	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	961 KB
8	polyfill.io polyfill.io	2 KB
5	adsrvr.org match.adsrvr.org	3 KB
4	crwdcntrl.net id.crwdcntrl.net	1 KB
4	doubleclick.net 1 redirects cm.g.doubleclick.net bid.g.doubleclick.net	16 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	ravenjs.com cdn.ravenjs.com	38 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	44 KB
3	googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	13 KB
3	outbrainimg.com images.outbrainimg.com log.outbrainimg.com	1 MB
3	adform.net adx.adform.net c1.adform.net Failed	2 KB
3	spotxchange.com search.spotxchange.com	5 KB
3	360yield.com ice.360yield.com	931 B
2	moatads.com z.moatads.com px.moatads.com	106 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	693 B
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	instreamatic.com x3.instreamatic.com xs3.instreamatic.com	3 KB
2	adrta.com 1 redirects adrta.com ipds.adrta.com	937 B
2	amazon-adsystem.com s.amazon-adsystem.com	1 KB
2	outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com	3 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	system-notify.app system-notify.app	6 KB
1	google.com adservice.google.com	549 B
1	2mdn.net s0.2mdn.net r4---sn-4g5lzne6.c.2mdn.net Failed	17 KB
1	tritondigital.com eu-ondemand-impression.tritondigital.com	172 B
1	rlcdn.com api.rlcdn.com	330 B
1	streamtheworld.com cmod576.live.streamtheworld.com	913 B
1	tapad.com pandg.tapad.com	680 B
1	pubmatic.com ads.pubmatic.com	53 KB
1	pghub.io pghub.io	4 KB
1	smartadserver.com www8.smartadserver.com	1 KB
1	richaudience.com sync.richaudience.com	826 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	houndcost.com houndcost.com
1	applescringe.com applescringe.com
245	40

	Domain	Requested by
57	herogayabmodeon.net	2 redirects herogayabmodeon.net
40	ads.viralize.tv	herogayabmodeon.net ads.viralize.tv static.viralize.tv cdn.ravenjs.com
15	ads.stickyadstv.com	7 redirects herogayabmodeon.net cdn.ravenjs.com cdn.stickyadstv.com
12	trends.revcontent.com	assets.revcontent.com
8	images.revcontent.com
8	mug.criteo.com	herogayabmodeon.net
8	gum.criteo.com	4 redirects
8	polyfill.io	ads.viralize.tv content.viralize.tv herogayabmodeon.net static.viralize.tv
7	imasdk.googleapis.com	ads.viralize.tv content.viralize.tv static.viralize.tv cdn.stickyadstv.com imasdk.googleapis.com
5	match.adsrvr.org	pandg.tapad.com ads.pubmatic.com
5	static.viralize.tv	ads.viralize.tv content.viralize.tv static.viralize.tv
5	content.viralize.tv	herogayabmodeon.net content.viralize.tv
5	assets.revcontent.com	herogayabmodeon.net assets.revcontent.com
4	id.crwdcntrl.net	ads.pubmatic.com
4	cdn.stickyadstv.com	static.viralize.tv cdn.stickyadstv.com
4	ajax.googleapis.com	ads.viralize.tv content.viralize.tv static.viralize.tv
4	cdn.ravenjs.com	ads.viralize.tv content.viralize.tv static.viralize.tv
3	cm.g.doubleclick.net	1 redirects
3	search.spotxchange.com	cdn.ravenjs.com
3	ice.360yield.com	cdn.ravenjs.com
2	csi.gstatic.com	imasdk.googleapis.com
2	pagead2.googlesyndication.com	imasdk.googleapis.com srcdoc
2	sync-tm.everesttech.net	2 redirects
2	match.prod.bidr.io	2 redirects
2	log.outbrainimg.com
2	s.amazon-adsystem.com
2	adx.adform.net	cdn.ravenjs.com
2	eus.rubiconproject.com	www8.smartadserver.com eus.rubiconproject.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	system-notify.app	herogayabmodeon.net system-notify.app
2	fonts.gstatic.com	fonts.googleapis.com
1	ade.googlesyndication.com
1	px.moatads.com
1	adservice.google.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	z.moatads.com	cdn.stickyadstv.com
1	bid.g.doubleclick.net	cdn.stickyadstv.com
1	xs3.instreamatic.com
1	eu-ondemand-impression.tritondigital.com
1	api.rlcdn.com	ads.pubmatic.com
1	cmod576.live.streamtheworld.com	cdn.ravenjs.com
1	x3.instreamatic.com	cdn.ravenjs.com
1	ipds.adrta.com
1	adrta.com	1 redirects
1	mcdp-nydc1.outbrain.com
1	images.outbrainimg.com
1	c1.adform.net
1	odb.outbrain.com	cdn.ravenjs.com
1	cdn.revcontent.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cdn.viralize.tv	herogayabmodeon.net
1	pandg.tapad.com	pghub.io
1	secure-assets.rubiconproject.com	1 redirects
1	ads.pubmatic.com	assets.revcontent.com
1	pghub.io	herogayabmodeon.net
1	www8.smartadserver.com	herogayabmodeon.net
1	sync.richaudience.com	herogayabmodeon.net
1	www.googletagmanager.com	herogayabmodeon.net
1	houndcost.com	herogayabmodeon.net
1	applescringe.com	herogayabmodeon.net
1	fonts.googleapis.com	herogayabmodeon.net
0	r4---sn-4g5lzne6.c.2mdn.net Failed
245	62

This site contains links to these domains. Also see Links.

Domain
trends.revcontent.com
help.revcontent.com
www.revcontent.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-20` - `2022-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
applescringe.com R3	`2021-11-22` - `2022-02-20`	3 months	crt.sh
houndcost.com R3	`2021-10-11` - `2022-01-09`	3 months	crt.sh
assets.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.viralize.tv Sectigo RSA Domain Validation Secure Server CA	`2021-11-10` - `2022-12-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-16`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
system-notify.app R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.360yield.com Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
cdn.revcontent.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
images.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
*.outbrain.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.instreamatic.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-30` - `2022-10-09`	a year	crt.sh
*.live.streamtheworld.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2022-05-10`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.tritondigital.com Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://herogayabmodeon.net/
Frame ID: 4BAFF5B48CD9BE12A7499E95B67CDA64
Requests: 121 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 7973C7E7795F155454A56D0AA7A33C1E
Requests: 34 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 75F3560437C61AF33854D7D6D521D48D
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 96666B3700B62EDE9A565F6E37B88D1A
Requests: 3 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fherogayabmodeon.net%2F&owner=P%26G&bp_id=showheroes
Frame ID: 2D326A6EE9AABB67FE65C51756CCD8B2
Requests: 2 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops
Frame ID: A8F1B661C2F019C3D1DCA7A46272707C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 15E7A79561E32D7A5DBFCBA03BCE237B
Requests: 26 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 73C069CCB2DD8E28CC870BA33CA2485D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: C0F70FFFD86EB645BA9964D0C3EACCA8
Requests: 18 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 3EB58B1DD5E7E3F4B40D080DEC8DFFB5
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Frame ID: 44188E9A3ABFBF6647B3AA6CB790A6B5
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 1AA776697C97827BB09B2CC13C882551
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3FC83EAF6C6EEE99CFE64AACDCB1126C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hero Gayab Mode On Sab Tv Hindi Series Watch Full Episodes Online

Page URL History Show full URLs

http://herogayabmodeon.net/ HTTP 301
https://herogayabmodeon.net/ Page URL

Page Statistics

245
Requests

93 %
HTTPS

34 %
IPv6

40
Domains

62
Subdomains

51
IPs

9
Countries

4694 kB
Transfer

10460 kB
Size

43
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://trends.revcontent.com/click.php?d=goXm2hCJMTxTgT3ziHh3BwnMoM45290dbGgeThH2lUTCjV2ladf%2FSqp%2FtgRYIshxPK%2B93Xx3r1bkJnFb%2BqYOyhO%2BGUj4At2%2BY07MkL3uDSGXDw1n%2FvVhAZ4LA6%2BojH6th6sIJkn%2B5N4S5RyW8CyzhsS7zAErMhVMuurK6tEEdwoXAbtd3H6HCUvodUQSQcY3FvB3HeGtiJqJMi%2B0ju%2B0BcLiTtkHf7aplbvYTefzdVG%2FZVRxDcz%2F4XeBToRFjzAi%2BMHlGumn9j8twklo6%2B7%2BYyrDdKA4ryHdn4FtKvqquV2owtLZVuK1E4TNFZ9Dn765WvDHIqCivFIOvedju6NB6EC6SrPPjUJuTTZGhf9wwRd%2FoKcTrnuQcGepFnNaLGyxjx8xtzwkKuBi9hLo7wZ4FmitPhSrfzixsG6OXdN%2FG1ygrw7mLfYHLorksUvJWitTCeXF6q%2BE77zXV3Ii5K84YynctF5bhc5wwLB%2FjsJl11AYpRZHLl27%2FBZD9UedEFUzY%2FMroGPJJfx1MXZ4pcSPK7AN2fA5Qds9JHOHWMaIhEpuX4Twc4vAwRfb5FjhHgl7E8KqvVd9QwyNjDeCHRsuOcQkBX41K0NM8zwMsaiMaxuIl6FUOTxOvtqmQRPwi3nGy0Zan0jGpl%2Bh%2F90wN%2FrX6Wy8yf2BExbB7wOPVE9RW73Nx%2FFhRBOojz6JVSfepf8tOFs3%2BaUQqsez9xF%2Bl13tQkJAkHBVO9N%2FpzrNjzqF8rWyotCOHCPpU%2FUnfptM9wWIzAf%2Bn6IJYn8Rso9a8iUmfzbaGOxubnQOjF20Q1d%2BlBoS%2BXwB3qAgMW5BrOE0XjVQ52O7FMNzSUNXN15L%2BRFSSRf6pYVWdngkCMomU3ex86FquXPPJITYuntovi%2FSplwgvOmaJcZsBOcFpShh0%2BaIHfa8TGoSV6dV7OXWujrr6SSoE%2B3MOLgib5sBuI%2F2zc15ZEP28bOviSdehTBq0pi%2FHS31KFNB2nTIfF8g0F17JX8oADUSsot0549jveHuuN1eAAjRrEpCRRCv%2Bnn9ABVPBac496ni7hZubbyDJYhHPVPWzD2MnsWg1adk0nEga9U9oWqQ12wtEmBQ5hq7c9ko%2F9csJPuxB0ZX5tA0ZrwRsCop2asleXeOZ4NHGxMbKrMYDVuabVWTLw5kvCATVY8%2Bp4gNcIu3P5WisdBHd9NqSInuvspOsxzgbH1grK2N63rBq3wC9HrSssp2u7ppdNRu9iD0ctWCX2DJswFdSwYFcq3qzSQ%2FaiEkAS14WkTPNCLK7EJBTxifC6JMbb%2Fl53WWT0Lgfw8%2Fh%2Bmzsl2q6qnSMgBIwkXLMki83%2Fo4lekGCnitjBc4aAIO7Ceg5n4gBtYFW6QjZEHgMqMOFBQOqgI4kPgl2rWGDVfznQ6kzncHxfuAwdACGz4OXNgnZi0vl4blY3EsmBaQOP0eqP9Cvt2co%2BZ1lxtw5z0Ze7iJYptEcPjauh%2Bscw28K5sNuMKJtBodzkSlnAYXkwHq80SrJQ2cs72izeD7te01CeuA69ptKVC6CtMedrOUT1tw4GsMGPgNPQ%3D%3D
Title: Here's the Purpose of That Little Pocket in Women's UnderwearNueey

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=eJPesZudsfoZVlMy0W6jWJR0OTETxD5SWJ9BJa%2FhUskHuhQIi85Do91gjGeFOBM920tgWzz5vV3Hv2CL9tlMgsKKM7k6Y8VDe52eSs4RbNsMc3ZmXbT%2FGXtX03rrUXzdQ8SEIbYKTtEv7dPf0yre%2BuC%2B3%2FDFEmarMph6nQIUU0XTtlpbLyxLLeTKoKuzM86j9c0Q5%2BnEbwQGHFbsCR029v8AiFGgR86PKrtDZ%2BNPnlE0abDrC8xBhh0ARIYdNTC6cp9EKZo3aeDxC7Zg51EnzbTANE0k03a7vpvNhO%2BDEiTbbkIlefke5Nm9XGZtZ8JaZVuwzY23zX%2FaUfwx4XZ7Vn%2BxuWVNSlRHIeOKOEidH2BI%2BbXpJBUQykBNYeHXv112NbFN5wiXRliUpcGvT2DD2HMENY1ox0wpjOu%2Fo4RYnHqvITwBFRe3fokA5ayQDffCj%2FSA6quAJ3CRHNV%2F2QmWhx6Gc5vOqBgWAQ3iSuxnOczSl3icH1Otvc6aN0NbfCvr7r8FVtOj9XzxZZEAXtXRXNEDhZFnY8nhKfuxaIQsw2lneVcusKjtzCiYxb3XliXzao9fUvH65v5tFHu7Y%2FvfEv3Sn81UMqcHJK6v9FwQrQPTz53JygBWJ94D9HJUrUOFFXDkcBfkLeDx0AVZ3tgz6wMYh18XmJyoLl5poLcMZOEiKhWNh%2FHkwumpoLzon6pgoxDvwu94kNK3Punw1zlRqH%2BviqRI2kG6YCNJIoZQ5gOsN73vVJP3oRGTMMcNhKRwVSLfCxEculUJxeT6XjD07QkYBjKGs0APXXqATgPt9%2Bk6r3flHYlXzs3FSNk4FVDOdfxcgXr69exYT6AcPlmE%2FcikNjllOXJX97nrgFahFPwonHKSZmyYkR29QjtHCu0Im7m1B8RDtp0n8oLHbThJrbHjtkUktMETvRIXLGapAAuZbqF%2BHRv0Ug4KHrzU1t2i5rK3x6Du1EA6CgaB7lW7XfUxMaM9y357CpzV2Rv7EVJtmCdVb%2BDSSB159M0qgMS%2FQhlROGpWESURu6KLE9ZlP33iK40lhim8jBzQ6EqgyYvYPok8bWToI30Fwig0zhOTBpGrMTsQfXw%2B9T1r8lgXi1crA4k7ptPiBIbeb%2FIFKQaMckYZa1TEH8E%2B5izAtIXe0eDyGNH%2FZUogmE%2F%2Fm2fmi%2BmbfPWbwemEE9vh5VWtgkryzYM5RfoyJmdrJk58zD9dQcBz73wX9q3xQYva4YdHizvrXhB%2B4GmlBq4sfjo3l9F9lhaTFKGuyp2gSUN3gTQ5E36oKf7A3lP%2FH4s3mA1%2B6tAFCcjl8QirOi0kPK6eM6VbXMxqs9m4OAyBHk%2BTUnPfJ564xDUdaPUq%2FH9dgnr3xQ%3D%3D&s2s=1
Title: 1 Tasse (vor Dem Schlafengehen) Verbrennt Bauchfett Wie Verrückt!Diät Insider

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=ofSUVw75CHFPyf1apYwQj7BIQNqOkvMuxr9iR3ZNAxwAx0%2BnRTIv9ypyR2GEM2%2BEqHMj20D%2BygOxpWZXpq50xZMLyiuEbS1DoaNzrXNDpkwid4KYDr2gQmmsSxRRgGDDkf1A%2F0MB6Xmy5OXpr9ePj1kZ7tK6StbKSf3CBr0wDxIftZUee1F6oKPHNuHGsmoHAQSuyWOtbOCMmx3MPrIrCfBL%2Ffd3dg%2FZ79iPxHqqg59C8QK0MSCuA3oFdhATNSX1G1bfcAWVuFfE6KJDj%2F93HN9NiHMWGNEwFJw9aOzM2QcXWWAR8kq4cPTx7hVrIVB77wRner%2B3tM8Etqh%2BYAxIMV7%2BhU7XMbRMBG6jOu75IJm9zqZp2E8IhP%2BFobI1Dz0Ap74t54f0DLOJ5FjpqI4fTsQFVbZzu4KYF%2BFfj%2FEKaC2qo1n36Wd3562KcuD1ONF8hPYtPBLQLtr6zcHwvH5UsDuTlrecoBgZ%2BQ9s53qUlO9u%2BsQ%2FTucxFFr0UK6MDr5hQ0haSEa%2FFuoC1LdiQw8W7OQCsWqJiQGWO6nXN%2FXqWpaLmC34ey7Ew6T%2BsdcNZbQmjKLo8toA%2Bq0vNa00wwp5Sjf2xAQwMxdxlgtxwgj5g81w5ClhIb9QNcStZzSgkkCq8HUGsii%2FLQlC%2BKzySrTejwPIG0c6Dkc6M6I%2FJRzeTMbKbCRK7LmaLYfYAMxGR0niu0UwaKxLv5QL8WflR8mIXCukDm6jjIMH6oLDwii0MEPdnyIt1ISorh9r7%2BcsJ%2BW%2FEOFtx525A9ea%2FeM7y%2BDbuR2pTfMQJVIovdL%2FE0iQaWB0YUp1pZUOCFHwBZuUEvtJXkwy9EXO%2Bkf%2Fkiz7DXw6N%2B4AR5CuxrPGhmef506ZIi1TNZTJb8aqpukKZhdEFB9Am362N5tfPdAoev7vR%2FwqpW%2BxEOMMwei77jR3IVHxyGZrckRK%2F224IhAlogkQchsmz5%2FhMGVfoCufoCk5GveeouCJIY6OYbhe3vnwSUIYk1fj5lmytlRhLOoI2NcTuaYHqUQwyQClLWQkLdNuzCWPXZBiisKxcGdPhWiveSs1fc%2FyAQiMK2H%2BtOhjD2Ow9i2jLab5mzZkDWEslfRiDCCdLQpQk3vznVE4J6V4%2FL7MTOVE%2BDzY305rl4yL1LB5v2ItRSHD7qKh6F13soa43%2FgbykWgBARyIo7RdGwW65CxQCcmwafoCFkb1J8b1RdSyvinJJaRP1aRluKpdbWDlTzKdA9mZ5BaenswnunDGHJmY6EtrXivIMHpN%2FqF5tgwV1Fsk7sqUbR4JhcSuSNuw6fE1WyxWk20tNpW%2B35UI%2F97PW4173NylLUhFyYDaQO9e%2FHZ&s2s=1
Title: Wundermittel pflanzliches CBD Öl? Jetzt testen!CBD-Bericht

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=8Iiqr1POGY5rccXIvS1f8aPfZ6ZDabQ5ayxK3lTpR2yTBUZKaOSrMOdagg7hZygkBXcrtk8CTyWhyrcpVBRmjD%2Fq7NLNXYWmxWZ0Irz%2FzrieaSgjagPLUh4B5RorOynZ8Mn3Qg3B49XGAiRrurXq2UFpAZ8MFmeqgFT8AbEb0yB5ZCeSu4Xd0%2FNxAgoKgwXb9KP9UxSgbKXV4vV%2F9P7QNP8gDgregjBjeWA60klSC7eHIATJq2bXMF4DjhRi97g7Is0EoankDM%2BC%2Bph2%2FTrnxMCXWZAXnl0qmWXcLtBcfPNe81J57ktOKOvzrcTwU8H6QYTq8mmq4r%2FIinV342fn30hR2T9EzEtGJ3MvYGKP8EVWlyn4%2FfhWm%2FOOBfj8sWz3YgvSZy3t0woMBy7DoBsljEPn42O2s%2FvEmRbfzLm%2BJKnNLZRPSy9C5jKHdoTY1HZpidx1hfMFwJNvaoLbTVRCAqdSkG%2FxxLaj0UcqwqbOWvh%2FMgryhOClShp2Uu88trU8t7UDOis6vDnU9kGZXMpG1z0NBm4Gu6JFova5hj5%2BkPCpaUaUfBRZns2DOholmM5BxAl%2BmXnmOhmaoD58JxklHTCrt0w5vChKMl9fhxRgmTxcsISRDTmCBA2Ty7EygXZhYwxyGJfWF%2BnMQvN079WwOQG0jnTTmlikhYyekcqLyXeRCaE9WVO5tUjsb9oq4r9beMERfRxRTIU868TUvpH86SQRhcoOg5SQ%2FRT7hcIaKrt8mTUGQCI4LidtBOKcJG%2BlGa8uHvwz1xlycukzkzY5HtNXNMsoL7bCA5A%2F%2FHpoJHstsO2AAuj2vPTUd1Q59S5cYd0lChqoayv6sb07z2rnQFWnasyNNHb7lCoHivxTUGniNq6%2F3ZUYVf6mOSIBg888zPsaZ2x4ks8%2B5PPdGsCuuMcfCQWj3QNqAIeX3r3mqrm4naum3LY2bQV3Lnbyr%2F75v2XGekLuxD%2BS80xyg88D%2FMWUzA7m6t%2FDBidHEKMAcB07bMVetLYloV%2BerAyxLrkolFJGr%2FDf6sQdKKQu31jjNKbXQWpR3VZX3DCHDhcL1VW5AkjrXsWThm9j1RBofQXGmSBZnBfi7GpiXayrb5xV38Z%2FJEpy3RDeLcsU6xdD5vjWUFlgW%2FOBJgKW6f75xloGZskmOhqtMG3zrf4MudkESgt%2FalY9lw2KtdGQEfEF21A7Sv4J6%2FjKa7%2BXZZqiipDvivVM7F4bclgsVPy4QO3v8zVUQOOS7dEIxk5LmrIHK8JoaqcTIss2reatD0VkgVly1hbxA5IHIWxFY%2FL3Ph91bieu26zkFlw8zZJSzUNg%2FNCDbCrCZdr9ri9DZp9faN1mMwKA4poYFBtpE17z0cbCOA%3D%3D&s2s=1
Title: Vergiss Die Blaue Pille: Nimm Diese Einfach Einmal TäglichHerren Nachrichten

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=bgZoD5NrVA7C%2F3a4pExokNPZsCzulzQb1i2O4flGEH78SgVvihceSBtj%2Fz3xsWH9h9%2F1g7DWXD7Kq2jHnZLSdUJdSK%2FBILeEvU8V7gNOPmKidCjs88rIHX3OmUwsAa3nkHW0ZGMu46XPYtyZwPj%2Fec4i9Q1UL7xT99gXnE6pLoSYiBifNw8RzNxL%2Bg1tp1%2FHRqNR696l6mA%2BF35A8y%2FudKuVZilyYjDmcrdFnCpLA23xPwRVwxte6jZVgeNyDJGpA%2FmKxTR%2FIZvOu%2FkLeUchDumqBWrCvjA9An56OCIe5Uo2%2Fa3SHF%2FUyvnwVzPUCDgH7sbRQriOdYTNEL6TSZFG7YbNRC%2FkTcK5U7gBcuMu6ZsscCPALG5PyysSFjwF9NXiKrvTuirJ3Dmyz8s3pu2kRUi%2B4xM3KqfiBmAyYKCl6U64V9yTD3gLJR6UBiV9yhX32PtwphW68nrTZnkIpQ4pgjf0Qmf3Jhmkq34U1pkkuP9eLO4MQ9ccQb0dkbIg310Xy7cbt0%2B2EmjM8btrdu7GxwMjIvo%2FWv0DbETwvzSV2Hj7%2FDMFftW4sGsqBOV6C5losOVYTYCi8f8xiP4qUdLnb%2BD3mvc7fKm%2FaprfMKVKv6cm1HvE%2FNYG7cHKBVsTPaQNzU5qlwAM9cE6nfvbXf%2BOziGMJx0mf8TwBCUiQAy7ZmjRfmSU8fYFj74Kd9JI%2FUjx2iek8bVzSPE4iWrSrtPIrXKvjvKRjDXGo70jhMFk8L5RnCMbutCFxOLwo6d8BOHU7Aj0B8tgpbEzcI68ch0ZfAtCaiS%2FxwboI7ZA%2FkDJUENHKfNMzH8zQW4EUj4koszR5vd6O%2BtuvbN29NDryKy6umr4h7FAb%2FmYwalgu%2FQ9TRKNRnXh9jbseizOIVVIQCiFE3YQx4puOzf41VLe59aZJFvcd%2FcAA0MMbfoU4w9Yxgln2bdP69bSrrYnaLFWD7XiqOVX4qIe5HStw%2FfFj%2FP6sdJWOXcXAuVc8F4j4096uopqb8qmat3S2rHfsFyjY6PqDXwyUJekupTv4zV%2BhzxKobqh9jWErHwFvPZzriFNBvtvcPOX3gf3LcUt6ZnMNabl8t3JKJhI9Wg3jpQMhcLg7HG4kolPp0INQ7ThLe0UGMC0ivzh0lKQvEHLSzpuuemz3%2FMz1KtQrrxRQ1BYWTlbvr7cPsbGe0Z8nASPxsGWyfe5F8aNRG5UMCdh5BX9fIMwoshIMGp7vBMicTd%2FM1%2Fj7z%2Baju%2FM9tvQpDpwhrldavzw1ptXsciIIAKJv%2BwI%2FfQvKMildXtgC7TZ9SM%2Fac1NRYVHh6FNfj4Rxhu%2Fdu2pOFRrI%2Bw0xntf0cGdmlqvVHNiRx2IKMODPCkqEMpzx0MlY4mYope7%2BtBaRreQ6ApTLuf1ES0CZSTdy32MP9nZCaA0IRU9xZQwJXeYHIxjWD4M4xUHbUejXwZckBWma3nltaEJJfHxsoov8oAzQucsvbvKd8EJb4sRYsklhkrXiFzC3EuCurqPy0XCg84UO1P5vYeQosNWyCYHX7P1GTDU8J%2F7&s2s=1
Title: This Video Will Soon Be Banned. Watch Before It's DeletedSecrets Revealed

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=DX53kCMDIW3bR7DYh%2Fz%2By83jcbDBl04%2FTacChwqOqKy3DSmwemeovjb8Ca3LTMGzN8Uw9tWeqzbKyl%2BelEpacji910iZTEcOFhNsqQBffHGcq4YbWDsJJKGpa7L8e2CZVhkkZlViG4845xmDvEG91h5oO3760uWyFtRo290L9nmQDsFIr09LrE1ZLnYUYFSm0usTe0EcZ8FcFbRKAqZYylhPnlKOOnUvvShcTvLM2s2mMARBs1oEWPFxg6KExIlgYO4I7kSXpcOMVaGRXKoj6YzDO61r735B50UWWKlfJuooWpUL1aKQzN8K4%2B3JPF%2F35FG0NzGNPmojdVQjuCq6Hy%2BGCHe%2B8MH0nTkhFCyE9F3IThFavuEn5pVP9ohEXRVoxIM0k0dSpRnOSLpljdGJ%2FwCJACyyn4uSNyqzpCPnqk3xNAB9sZWBytFu%2Be3UH9mh2izn1GHzTUsgCcDiakb%2FwhKYy%2Fbab8hm78DArdFTHrIyb4Pkc28ys4VQqARH8G2F3RshD7YguQbjujCB2IiNqFfpTp05YJ0OhnH9WeLtEraX7gWCqr5sSizlTI5sLOAEYb%2B%2F7wVUe9NSSqr8RT17SP7m73aEPAVyNfQufPTwPRntzdSgjnRlmfPtHn7BEHnRgWhtbpQyT01wy%2BfUf9%2FGe1fr%2FK4K4Ehoiqp70YBp4IB1AyMb7cw03kl2glZa4kV0VRgK%2BVJUG67FjchLFkoc%2FStWDdeXR9VrPEaaOM9ahu4DhukQ%2BJedP%2FgQvvIk86psPcmEMO%2FrSRutSEcIchFL0XgwOAULwfRqlJvzKGZw7m2ulfpPvI1gE2f%2FclnqydQCHDO8Ok06ddMgpD1alduYjScfzN1yVaa3DdYsQ2k5iiIsEi3Lz7EW64IxSKc489fXUW%2B0scbOXMGAvgUSpTTb5206zjAQJHXfoKP3bgLm4pWAvF8PdxgFe96yVnRvQzbyNF7q4Zc%2FDVRStJoFjPaPF%2Bv9Fpqsaw8JIG4khXcRvJ%2B2EbxJ69%2BG8xheKN1mLXe%2BklN9NdnZFI%2B67C2n2OKp%2Bt2dc80vLJTT89wTp9437cu3%2BMhHcvG4J9DHjDaSL6vtsEasL4S90H0JalP8TPsFr%2FRdU0PZuO9Oahd5pqFBDLrhqf7EixJEUfpbeS%2Bhjhcx8XdV%2BOr%2BMvr%2BSQXI6hS1wcgZxdPSfCvC37gW4Pxlc8b%2FB41v31d8s1ilJlVpx8RBHH1Vrxbn4nZiuD1MDCQ6k7gf8fP%2FlAfupJ4Za8QLfaw4EZhuFjEqqujrnpN1v%2FsLzK8E2thQ0meSkkeTSnag0gBiKJaMaANTmQ1ap8fnNP2Wau5tGbAchN3FjYYxW4ei&s2s=1
Title: Diese 2 Produkte Töten Ihr Bauchfett über Nacht!Diät Insider

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=eWI5ehgBKF7fHhHjYZLBgpYEXrdbPfBS3W4n%2F%2FwU9KfAPsNSNAb4sCPYQvgYrhmX6KX87akqkw64ldX3QUSjuiyr0v9JFB8610y6NxX4SmQVSCRFsqA%2BdLQAbhr%2BOwrlRJlMdmi1hJOQxvegnpvVfN6NiQjlL0rPSy8OdDTqvxeDrpmdVfdP5G9ZeZQj%2FHU5Yw2nW9A3xiVKcqx7Lgz8nHmOET6gZoPmLUKS8KkS4fhNii6WPIyqXOU02V7V2ExrJACKqbmCaHTctPEtd0ADEehB7DKPLnPk0Kie14cuZzH6cy6AI4YpBCiiS4OfwdkkP30GWZb7Sa5%2FMtS%2F8A7A%2FoePPsnpZfGjJO5ru94nejdgc2PkcK75Q7W%2FPfBEuwSLGSfYokwrFerNsjny7jt2V8G8jh%2B7DZMUXOmGJHNDD8ofgQwFUYYfRtIlV2rGjs5%2FdiFNZe2IUh8K0I8j4CgN3S2vg%2Fz%2FQK0e89Hq7QDrvLN68UpCmurBOUGhgBMvUBLeKb5DPVFkNOMgsDjt3Dy3cAHmt3w9roJsNuMbNm6UzEdURh33Z%2BaO%2FxnXaUfUja3UzbzYr0kmbWLRzQoR7Y6877DU5bLYQmw%2BaFshP7DLeLART96Upr3sk4flEszW8yf6AdeeBFXVCibJlnC9Uq2mC6zAAWKBNo8UXHWblOudRgZva19xFBIVaspwsMlFn6GxHSdrcWyvpYylBfQavf%2FdDktjWMZ96VAQa4TBPw6bCiBANCV9%2BfDc3LXwLTEunzSSh4Stxr0UWElqAS%2FchPkEhL92xQdc2k%2BRaRCuRYq8O%2Fwks1z9KpDqq48zt5YSbUhm4C4X4Q6Jm3C7zLDHQiBEys3EFiwo8ZYn1CV7owt0yu6ae6ZhdD7M0F7gKBnMLICd9JSM9H3%2FiSZ%2BKEUSWqFrjwcAy4sk%2FAPfVfOrYC9Jv%2BdBMvMNNIQ58Vaa9CEGkhqT4LLXVZesVq8p1SZepDefItcysK7WbSvAUzHQzwWQJEdMpLXPXVbJZdtcEWRVYQjzwK2d%2F9hPKGLDYcJNFpQ5aGcYAdy5K1WMVnCFUIKpJRDtyYhoWYwvn9sL220vRPCCu7vYrICYU7w1O1qFwZ%2BGXhFa55Yt2NDCrnqNE2mz0jwdxM74VmwJYD7jdlrTJZ2hBpXAm76uFPOO%2BqEo%2B76k24%2FJtziyo41wV5qai5EWbAIessRQU4r%2Fi%2FfXTd3DLnCK3weqNgszoIh%2BOJiZf29Ws0Os%2BhXS5GuCUTZpUiwTRb8V8WWfyF00ULfhqrof6ALYJ3Xi3fEpouB64Pc9OcPyBTYq6BvsLYWddEwmLOw97%2FIaS8kH%2FTKgABlJrIG2l6nexNfY7JLsohw2kfzaN2PT0z0I3dWwlSgpOAFrzw8N1Zs%3D&s2s=1
Title: Ärzte Verbergen Die Wahrheit! Einfache Methode, Falten Zu Hause Loszuwerden!DermaLab

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=22BAZUlvbFjh0t6%2FQQDeNETNaaqj1eoZa596%2F1bwcPDG5vEq20oyxNls3WoyJMyN23fqPQEIXMwlGDDQGt%2BGJUbnp77zL%2Bhas4urlQnFj6y7WN0aVIlE9BvHhc98YP8WINLbpNYZDnlBQRUUUPOP3TKJFccQqqpcf%2BDtvrz3IQFWmRVd1JmPLt1jSm8ElWB20S%2FrGREkoUslhveLffKoafKneFYYoq11Xa2Vpxf%2Fnf5lmNY0RnsXaBJhVVWiYFnKhK2gj5PyhLlj9C%2FBn%2Btxvv5WHbaN1EE%2Bt8R%2F0GdLE8w6B9yaj4TdpCcUmbKNFX8MFbFPGJNRyvBXe8c3NSd5RH6w%2F5MrOZcrpmm4PZ7LYuAFJvx9ZxTGbvZP%2BASCup%2Bx%2Fkw%2B4FDSeiWD%2FSotfAhqqhGZ5A0ONYMTQJ3%2B%2FYndencX2rNnw64j%2F9H40S9HbXYgyy2T26ASveaecF1AM8lIRM%2BqtnF8XGSGrk0NM6QNqWNEFlyx2X8f4U4Z%2BsQ0NEk0ITZlVYaAbU%2FXOMrfws%2B3wbQFXlOpd72jeVdPDFjcxPFOUtPAYdXyJcRbSGgmC6M8PG0NCV1E3x84iXJt07W%2FEfFrgvyLPzhBi4x%2BB4zFX6nR7YDKYamHwi8WlRXi3qrhfuw4M0h2oph7h9FrL2rIxA3h9%2BsHLWnVDJKzTh8oSl5DNeL6A4FPTPgkgnxIncx7s1z9EznhWkxRuPk4O%2BP5qUkIXZSRptIPYssUKL2j1jgHyFgmfQVWW5FT0D3fmJ%2BOmEoq15hS%2Fq7esaAZNR2tjIs3Cb8CPOdOX3zhX9ZZgxoVEaz10rzhH80wZ%2BeLA9oSNc3dRcCRUcSaGOrqX72uOhpZfHe17%2Bq258LHgUnNR20yKmpnJ6%2FOClirWsD%2FAbF%2Fcx%2FfOILf5J%2BHNqyOhQeR0NmFFRoLtLdDP99JAHewwX29ZshqEKALw%2B%2FMIVprp7znewolrZOC9J%2FoyfqBX0Xyxm3aiimQiFEtb%2BnOQ9LKIxL4F2vuqAS%2FyIBwCFJBOkbHTwuvOmEup3iprRBKszjzcO8j5UDMHOC2IvJkz5xsxMlbSJGFj7xKibDfvQOiXPNj0IYXfXS7mepr1G9GObjsHt3RmkHfKkTVogzi24%2F4g0CxcNX1KF3wYuvnFM2DsmRCScH6eYYZFC65IclfGjnBlpWyabsPGFif1VDWz1f52pfLqCMvaYrVSelPcSUsyNi%2FkseKjt94BL47cOy5hfejamrtFR72zSt8R8BlG2Mka7q%2BWBPCRoyNCF0CsElXR7H5XuutxDQAfHqaxyThdTZOm0ulNYeJcvRbzAu%2F%2FUuA2cwOK0t5vwcrHdDUmcyYdEO2GMDLFJryzQPxGZnag6ZFLa7AOay0oJ9AuPgmQ25WbRI%3D&s2s=1
Title: Ärzte Verbergen Die Wahrheit! Einfache Methode, Falten Zu Hause Loszuwerden!Unbegrenztephantasi

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herogayabmodeon.net/ HTTP 301
https://herogayabmodeon.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 89

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=C0jTJXxRbStYaks1WmdCUVplN2pNY0cvTTZvOGVJWWJ0WTlZVzN0d0ZhSk9zY3VWUFdUTlI5YWlFakJudnJORFQwQTNjbGtUV3M3UW9oWWljdWVrYkR5ZmE1SUczSmU5bStBNGxURk1vVGNUMXUvVlBjR05NZ1Q3VTRPMXlMQ2h3NkRkSTUyY3l2RFNFSTZCaElCSVRUMS9FZ2FRMFJsZThjTUxCbjRFSncrSDRQL0F2d0NnNGQ0ZnQzVUVNT0oxeWpnQWttUExBTXFWVlBsZDA0OGxERnVuVHNiNnBBYzlsUENBKzBIQWVFc3pWMGg1a3U1SzFTRmN4T21hNmpyVGRaTnBrfA&cppv=2

Request Chain 93

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ogYRZ3xTNTZzT2hjWkRQVm5LNWpQczBKQ1FGbDUvWGFIYlU5bitDSTFVZ085YnYzV3hCV29qSEQxOVI0SExmV2xZWU93U3JmeDB2RWJMNmtMV1U5Nk8rQWpwaTlnS01hSFB0a3pCcWpsdXBNWXNVYmJacXlzcGlWc0gxb3NoVmFvNHFDWE1RcmY0VEQwRWtlODZyY0JuUDEwUDZZZUZvV001T2w2K2tFZHVydXdkSG5mZkxOQ1BoK2NNTk1xV0NJMjJnV3NUTnVjTnZobElKUVFXSmNsZ1BQclNqTS9TZWFDTjBHUHh5TysvSGpQSllvVTdhR3ZRNzQ2Tk9ySjF6QkQ3Qmp1fA&cppv=2

Request Chain 97

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=cBVcCXwvRUxoOG4rcHN5bUxJc0FHa1RkUkc2aXN2MW5nODMvNTFVQkpNVjhza0dWM1dZcm1ZT0hWOS83cGRNb093TXRmQzhDOWVLM1I5cndrNXNOdFFQL01idEtKdC9Ec21vc1lzYTlwZXN6V1pMMmFWeVZINHhvQlZrSis4WW8ybi9JTHJHWUJ1ekN2ek80WmI0ZStEcFlGTmpIRFBtajBidzdDeXFjYlQ1bWxXbVpDMSsrWDYvaHg3Rk8rNm1zelNZVVIxNHo3QWtqaFR4ZDJLTmZZYUIyNGtIOWo4Zkd4UzFFVG8vVzB2YkRoTVZZPXw&cppv=2

Request Chain 99

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=sSEkwHxoZjJYWHpFOTB5M1hNUFZ2eSs5Y1ZTTU5MQ2x4d0cwWnRSNUYwUlFQTzVwVnhXUW95VDJiSHJUL21PZnlDSGhsZU5ScGN6cFlpMlNMa3JHT3ZjR3BZNFdaTFVsMkxsWE84ZTV1OE1Qc0hVNysxdzk1Y3BWbjlyRFk3TmxMVWRZbkNiZnJqNkdIaEJkSFpBaVAzUUxxNXJ3Q1VjRThqMWFDUGxNQ09yVG5pd25JaFRFUWpxdU5pVEZQWEx4aFRKOEthc21la05ERnBhd3RYdE1oL2VRM2JqYlU1VEtlUlVwQ3ZHZWc2OU40c1FvPXw&cppv=2

Request Chain 164

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=15d95ac78624206d4da86b9091903078&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g046_7037076749381021325 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIjGo4UUQGMZOKuaDspoXqo&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=19f654cd-9b19-45ec-8ff0-e960ed92d48c HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/15d95ac78624206d4da86b9091903078?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-XyNV_k1E2oOUIrzgbptVFLboLYtlMezJhwEGEc90~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5053986235622163336 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=095461a8-b805-4000-a84f-10755b990a6d&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=VCfYSWcy1MSKWi5&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=

Request Chain 168

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 169

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=15d95ac78624206d4da86b9091903078&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 182

https://herogayabmodeon.net/94395c1413b978da00b82c19ecb6c14f HTTP 301
https://herogayabmodeon.net/

Request Chain 183

https://adrta.com/i?clid=vrl&paid=vrl&dvid=v&plid=bnOdQq4eod4nHhHRsdX-sg&caid=YWRuXzczNzZymIV0D12Chw==&publisherId=5221&siteId=49846&kv1=1920x1080&kv2=https%3A%2F%2Fherogayabmodeon.net%2F&kv7=herogayabmodeon.net&kv11=DDi4fWqiVH&kv12=AAEBcUL8IcPI7WwA&kv24=Desktop_Video_VPAID&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&kv44=autoplay HTTP 302
https://ipds.adrta.com/i?__x=GNHFILEIJDIICG@MKLILMLHMPMKFJIHOMBILIMILNFGQMGM@LMMGMMHMMOGEOJKGNHPBFMKNJILIGNNINAHLPOGLLKFEEKGMIMLIF@IMHOLJMFEQNFOCFAE@H&clid=vrl&paid=vrl&dvid=v&plid=bnOdQq4eod4nHhHRsdX-sg&caid=YWRuXzczNzZymIV0D12Chw==&publisherId=5221&siteId=49846&kv1=1920x1080&kv2=https%3A%2F%2Fherogayabmodeon.net%2F&kv7=herogayabmodeon.net&kv11=DDi4fWqiVH&kv12=AAEBcUL8IcPI7WwA&kv24=Desktop_Video_VPAID&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&kv44=autoplay

Request Chain 223

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAGWqk7DUXAAACnt3LjLdA&gdpr=1&gdpr_consent=null HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=null HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=null&_test=Yai4CgAI6esyAgBR HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yai4CgAI6esyAgBR&gdpr=1&gdpr_consent=null&_test=Yai4CgAI6esyAgBR HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

Request Chain 228

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=

Request Chain 230

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=15d95ac78624206d4da86b9091903078&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 244

https://gcdn.2mdn.net/videoplayback/id/ec29c76eabfdbb06/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3768126023/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B055810CACAA48A7E3E7ECDA67A758F657AA1044.6D449AB54B2D83BE0826D0CE47EF8173C2AC52F6/key/ck2/file/file.mp4?cpn=rY6DOncTasELF37c HTTP 302
https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/ec29c76eabfdbb06/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3768126023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FEAF44FB3721B750FEC98B8DD98312BAF480B9F.0DCD069C8AD4A8064A93ECF2DCF97C9128E97A5E/key/cms1/cms_redirect/yes/mh/bf/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1638446344/mv/u/mvi/4/pl/54?cpn=rY6DOncTasELF37c&file=file.mp4

245 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
herogayabmodeon.net/
Redirect Chain

http://herogayabmodeon.net/
https://herogayabmodeon.net/

51 KB
10 KB

441ms
403ms

Document
text/html

2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40940e7b5e53765228e27af202e0650a8f0b87ba396135c2e876b81772a8f7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://herogayabmodeon.net/wp-json/>; rel="https://api.w.org/", <https://herogayabmodeon.net/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://herogayabmodeon.net/>; rel=shortlink
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVeE7qzsGVHmpU3y7Hwr7yTwlkgg9jI9g48ci84R6S5pJ4GTapag6IpAdQMMj1vyDkyJljz09su2WvsKYWwokOIUelgW6mIi0m7bNspB7Z72J11akNyTKc8D%2BCKs5IJm04TFD4lzr6Ky9uBuWlgMWUsg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b7475b2696259d1-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 02 Dec 2021 12:11:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Dec 2021 13:11:46 GMT
Location: https://herogayabmodeon.net/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgm8sFPT4QCtdOezv%2Fo71kh15nsrM1dFd62CAiwbpx%2B9bxJeibxwwX7S5MtQaZvZfzxFlAxQLvwefTTyx0vnDBf2ixKWId027vDnN9XpDzCIGT1V79%2B3TBSEpEG3eJT7DPrBYoAPi2tDH1KQogxiiWtr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b7475b1f96359a1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
herogayabmodeon.net/wp-includes/css/dist/block-library/ 79 KB
11 KB 30ms
29ms Stylesheet
text/css 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244571
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Jul 2021 05:18:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIBK7v1xYJvKDtbnvYhQ8mitfS1xIpAAEicthU6fQ6OZUmC5f%2Fqy%2BRz0vVIiD7M9g%2BzUv3kMG3ep2lmDfjH9unzfDtQ9pzZrFb0Jw%2FxbvOhHIAO7DlZYb5%2Bh5aOR%2FWG4aEofVEheYH2V37LGjtIjrsac"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6b7475b509df59d1-MXP
expires: Wed, 29 Dec 2021 16:15:36 GMT

GET
H2 200 style.min.css
herogayabmodeon.net/wp-content/plugins/wp-content-copy-protection/assets/css/ 167 B
461 B 29ms
27ms Stylesheet
text/css 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-content/plugins/wp-content-copy-protection/assets/css/style.min.css

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b1291f205e30914c1ad28643764cce277a03c4f06d2b828058697c56dcf58f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329445
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 26 Jul 2021 15:22:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U5QKUgivkyKzJ8tkGkNajAbF6AlTyekyoYtJm4FBUEMS9MxL9EG1%2FBCFtNkfke5wlOX8Ytb4qLiHtDtdIfI%2BjSQTIcpncsPm8pbVexKxeh2TytXDvCiuaJeaPW0I5IxoF7KZdbhofJgDZV0x3aA0Iuf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6b7475b509e259d1-MXP
expires: Tue, 28 Dec 2021 16:41:02 GMT

GET
H2 200 style.css
herogayabmodeon.net/wp-content/themes/sahifa/ 198 KB
38 KB 37ms
35ms Stylesheet
text/css 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-content/themes/sahifa/style.css

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

285e5b51d1772ca942a380e84f4aa96547ef5081fe80c119d579a5cf4e198924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 407973
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 23 May 2021 15:34:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvqeKd8pevp4vOn4nux106ud61ynJTsgpq6G%2Bzl3A7Gz9xwZjB2SxSTUr7Wiz5E5QaptrmOYNZ57FictSOTl8zZok661TD3bv%2BfyIwMqQ0s2dlsZmVG%2F6Pe4gETPtItGiqf%2FmyP7n8Lv2TziSai3jOC3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6b7475b509e559d1-MXP
expires: Mon, 27 Dec 2021 18:52:14 GMT

GET
H2 200 skin.css
herogayabmodeon.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 7 KB
2 KB 29ms
28ms Stylesheet
text/css 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551618
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 15 Oct 2013 15:21:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovuv0skDq7GhaH2FDiFzlSRq%2B8sO8EYohUidTgz2oL2vbg%2BzFeT%2BMZB47RcS8wwwMYeW5CCgpbfFohRK9N2%2FTSLuVR7j4SmXuGslLOKsP9MQqUmG56TNbj9XE%2BL2YmZJ76oEPRJA0r9L4dLS3Y25AzJo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6b7475b509e659d1-MXP
expires: Sun, 26 Dec 2021 02:58:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 754 B
834 B 52ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 12:07:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Dec 2021 12:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Dec 2021 12:11:47 GMT

GET
H2 200 jquery.min.js Show response
herogayabmodeon.net/wp-includes/js/jquery/ 87 KB
32 KB 30ms
29ms Script
application/javascript 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-includes/js/jquery/jquery.min.js

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551618
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Jul 2021 05:18:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMiKU59CGQOEO1ly%2BhB26yLlhneC5xTyrzhA8tUZl3u7M7vFxyKayijR5s3R5vSG2fwrVb8aXr7%2Ftwu2vl2VrIbyA1AxEXeP%2FNOywFioTSsAeZraxxdsvYItG7siFZ8En1f4xQ8o7YZy2lvOmo52Xd72"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6b7475b509e959d1-MXP
expires: Sun, 26 Dec 2021 02:58:09 GMT

GET
H2 200 jquery-migrate.min.js Show response
herogayabmodeon.net/wp-includes/js/jquery/ 11 KB
5 KB 46ms
46ms Script
application/javascript 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244691
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 09 Dec 2020 08:47:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPgKogkXK5eLn8EQ7VsjF20eIKSIyc%2FG0VdVCf0wOVK7lEeC4tZH2zLxRXk8u2pGSlIsOVsjMbqIcElH2JyC4D4bpapgws6xdRdskdxFiJ2lh8Yay1uSIWSRUf%2Bv1K8AxtM%2Fy56BTA7HeztKRBT5l4dQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6b7475b509eb59d1-MXP
expires: Wed, 29 Dec 2021 16:13:36 GMT

GET
H/1.1 200
OK 43334 Show response
applescringe.com/ffgHmoTUCHtrjjqG/ 0
0 91ms
22ms Script
text/html 23.109.87.118
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://applescringe.com/ffgHmoTUCHtrjjqG/43334
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 23.109.87.118 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 403 6cffb607e83863201ff1cf1c7f1117e6.js
houndcost.com/6c/ff/b6/ 0
0 803ms
97ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://houndcost.com/6c/ff/b6/6cffb607e83863201ff1cf1c7f1117e6.js
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Dec 2021 12:11:48 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3 200 Logo.png
herogayabmodeon.net/wp-content/uploads/2020/12/ 16 KB
17 KB 29ms
29ms Image
image/png 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2020/12/Logo.png

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe9dd9ce34a02ec93fc363de5b22b466d268cf052cedbef308fc78f5004e9040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551614
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16663
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 03 Dec 2020 12:18:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ReW3Pi0jnbRl5GnD%2FVje%2BpZID%2Bs00pMChl7MvwupHjNeU6CACPYYLxbT%2Fgj1%2FnuNJ5WMEQYg5Q1B2otuHFHoNA6rgjvHD8ICnlEPnB7ccMcGSbxjOBoQeO%2FzJECYwtP5%2BUZD7mDmACK%2FhuCpfrrYvew"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475b7ed233744-MXP
expires: Tue, 25 Jan 2022 02:58:13 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 192 KB
62 KB 37ms
12ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 627f20670c6ae3033f9dfcd9ed34f3e175c51151398618d49f8b26cab9c975d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 22:26:21 GMT
server: AmazonS3
x-amz-request-id: QFCDS810N2K3RAJB
etag: "ce364c57ff76d25e1d4aa840b6a8bfd3"
x-hw: 1638447107.cds154.fr8.hn,1638447107.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 63400
x-amz-id-2: AkUB5SiE091MlZspDV+TIi3UBCTKB/x19vX2InkGr8NndPzXJB3rAzlKfuoOeyLSCxsxMVx1yvo=

GET
H2 200 / Show response
ads.viralize.tv/display/ 86 KB
31 KB 45ms
23ms Script
text/javascript 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/display/?zid=AAEBcUL8IcPI7WwA
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 87e5010c6a6283bb6547a3a4f41065f64e446628a914f1a109972bbe7271441a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
expires: 0

GET
H2 200 / Show response
content.viralize.tv/display/ 125 KB
39 KB 31ms
24ms Script
text/javascript 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.viralize.tv/display/?zid=AAEBdP6h29LnlVAo
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 51185d648f3f3050cefec1a61c5fc64cb45670cf9a6cadabca114eeccbde1f28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 41ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117514098-1

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25ffebdf1715b6a205ee1ec6e8990617b18e0f250fe02d0e4eedec3b63622313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36132
x-xss-protection: 0
expires: Thu, 02 Dec 2021 12:11:47 GMT

GET
H3 200 script.min.js Show response
herogayabmodeon.net/wp-content/plugins/wp-content-copy-protection/assets/js/ 1 KB
1 KB 39ms
39ms Script
application/javascript 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-content/plugins/wp-content-copy-protection/assets/js/script.min.js

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8c1883b9e9af2d6d6f791d51ef4ba5eebb7e06afbb6ab42ac6067e81373460a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82499
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 26 Jul 2021 15:22:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruF80CGzhHKcpWRP1YNn8qJLdDy%2BApG4lnK3KsKUaq213ArVVjbIYPWlAUC2MFMpMAPhMFWANDTAMqpebTfjEwNwHYx8iguJYmxVcFRw4ccKk3mBmdDZ6zgbgw7%2BtTmvbf1CwV65HmPtzD%2FIrQLSHm40"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6b7475b5fffd3744-MXP
expires: Fri, 31 Dec 2021 13:16:48 GMT

GET
H3 200 tie-scripts.js Show response
herogayabmodeon.net/wp-content/themes/sahifa/js/ 72 KB
22 KB 28ms
28ms Script
application/javascript 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-content/themes/sahifa/js/tie-scripts.js

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162531
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 22 Jan 2020 14:34:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxkDQCeIhQGZyimzhINw2i4kRsOIhQ%2BLJfLrhPA1Z%2BkbSEAO7BztFQixPBVF1hLa8dJakkXRx5zmsbW3i2V1C6vnD8jJshtl02q2VbotZwxrB30%2BkQV%2Bhn2yRzeWTvV%2BI26Qnk8fTRJlPCVkk4X4UL8s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6b7475b6387b3744-MXP
expires: Thu, 30 Dec 2021 15:02:56 GMT

GET
H3 200 ilightbox.packed.js Show response
herogayabmodeon.net/wp-content/themes/sahifa/js/ 78 KB
25 KB 27ms
26ms Script
application/javascript 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-content/themes/sahifa/js/ilightbox.packed.js

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551617
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 22 Jan 2020 15:03:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HGtV%2FCid3RQFr0flHDYib9H85l0dnZk%2Fohk4n82WbzzbVFfyyF5ifGca3YkGcQMkPAJv8ZJA%2Bd4Y82CMCGYOxhlwmPVcMcC71MbQJa9CI2bfjSHIEdurV9nf4aJNs1Zsckut51zlH15iIaMh5sqbK7h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6b7475b6da133744-MXP
expires: Sun, 26 Dec 2021 02:58:10 GMT

GET
H3 200 wp-embed.min.js Show response
herogayabmodeon.net/wp-includes/js/ 1 KB
1 KB 24ms
24ms Script
application/javascript 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-includes/js/wp-embed.min.js

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229106
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 04 Feb 2021 04:22:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDvFdY250moQ8L%2FY90HIYEHs%2BEomCtof3g2pC1L3TGfsRBtEuKfnEZWsUnKzGLnBKPP3I3PppbRJkYj7%2BCE0aFha%2FCjHJ49QMpeG9jXt4jXa9YVtsTQBK8AqXI14zZo1Tj0oKeccYrebsVK72bSUZxzn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6b7475b72ae03744-MXP
expires: Wed, 29 Dec 2021 20:33:21 GMT

GET
H3 200 wp-emoji-release.min.js Show response
herogayabmodeon.net/wp-includes/js/ 18 KB
5 KB 42ms
42ms Script
application/javascript 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551614
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Jul 2021 05:18:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icWy5SlYbDwqsXriIxJ785XsZ9MY%2F0B6ayOZZztaIPs4mGjOL8iRI4q6eiZiw7mgcc%2Bihq6dzuBO%2F2uziVi7ZGFKmKLOVHOvx2lb5iTxvwz%2FSwLIquQvNHBlrY7x5Bwzuy8PRhcTaaV8WrFzrkuu8JcH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6b7475b8cf3a3744-MXP
expires: Sun, 26 Dec 2021 02:58:13 GMT

GET
H3 200 body-bg25.png
herogayabmodeon.net/wp-content/themes/sahifa/images/patterns/ 10 KB
10 KB 23ms
23ms Image
image/png 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herogayabmodeon.net/wp-content/themes/sahifa/images/patterns/body-bg25.png
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86d2d9b569b96e40e9d8d51322980d729cc34f7e299984639ae15aa9a96d4991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2013 18:30:16 GMT
server: cloudflare
age: 1988737
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCSZ11jz8Q%2BMpCEWl0CHlsT7IkY%2B0CM%2FRRvsZz70h%2F6p5guq0gpIg5zpMZsb7k3zQN5C9sOp3cxDS3aTeskk21N%2BXuEMDF0jf6jbW%2FWi8mB2bb%2Bl9%2FLY4vBkdxINFrTktBgK11tJ8l3IZblTxL6kmDxp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b7475ba1a3e3744-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10042

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herogayabmodeon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 16:11:48 GMT
x-content-type-options: nosniff
age: 72000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22340
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 16:11:48 GMT

GET
H3 200 stripe.png
herogayabmodeon.net/wp-content/themes/sahifa/images/ 93 B
762 B 25ms
25ms Image
image/png 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/themes/sahifa/images/stripe.png

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/wp-content/themes/sahifa/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244572
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 93
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 08 Sep 2012 15:24:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8CE%2BhJEkvA1ZKT%2FOmYY9NCC4azCxyQcZintzATspFOJ24sfdCEYqc3zxTo14JVv%2BVQw%2FWA%2BES3%2B0q0AMC89Wf2jV54TYmzKShmTCRQiMnQsz6QBE3%2F76TvMzNdasKVCkgtT6SixbwXulPRMISUxopzR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba2a6b3744-MXP
expires: Fri, 28 Jan 2022 16:15:36 GMT

GET
H3 200 BebasNeue-webfont.woff
herogayabmodeon.net/wp-content/themes/sahifa/fonts/BebasNeue/ 20 KB
20 KB 27ms
27ms Font
font/woff 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/wp-content/themes/sahifa/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://herogayabmodeon.net/wp-content/themes/sahifa/style.css
Origin: https://herogayabmodeon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551584
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19996
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Feb 2015 00:13:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmmrW4C6t8NwEnxxfE1IrdNr63sNeujmtASMTTIm%2Bo46loDAJc1NfAZtNKU%2B7ohgtL0servKW4I6FtPVlA0hzo%2Frdjn8PxkasVZa%2FOHJMtsJvcdFs7H0XdIq%2BD96xvuXQYYPzy%2BqSGf0mO6M0ZCJONib"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba3a853744-MXP
expires: Tue, 25 Jan 2022 02:58:44 GMT

GET
H3 200 fontawesome-webfont.woff2
herogayabmodeon.net/wp-content/themes/sahifa/fonts/fontawesome/ 75 KB
76 KB 31ms
30ms Font
font/woff2 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herogayabmodeon.net/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/wp-content/themes/sahifa/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://herogayabmodeon.net/wp-content/themes/sahifa/style.css
Origin: https://herogayabmodeon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244571
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 22 Aug 2019 20:35:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfJYOnVvKIjE26Diw6ibrbQ0K9sYPVdsL5F4a6O31GPdpFS9APegyx4ddN5Bu8zmO0hSD11gqlLt9Hx%2Byeef1R%2FTMKIXRr0G0J%2BI5YTdw9ua7U%2B1edBkH7XPI%2B61XRvxl2VEEj9LCd7vqt1mA9i77nHE"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba3a893744-MXP
expires: Fri, 28 Jan 2022 16:15:37 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herogayabmodeon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:30:09 GMT
x-content-type-options: nosniff
age: 132099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 01:56:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 23:30:09 GMT

GET
H3 200 Bigg-Boss-15-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 18 KB
19 KB 43ms
42ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Bigg-Boss-15-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ce845d77db4a008981bb059773ae3b8c0243a9366c20e8786544e7594495140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2696180
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18429
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXwTaLzm%2FwUT0BGk8X6%2BrVAuvGRHV%2BCAgt0zZ1MhDMRld0QHhPDJmJ1Dms%2BnwWeLJFbaIjScV%2F4H71q71ijrNFADniPL2Mz4BC0hbqPGTHWc8Vr4%2BnFKCcPFHHQcVuquNjjdj7HBTVCBHtpwOcVt497K"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba5abb3744-MXP
expires: Fri, 31 Dec 2021 07:15:28 GMT

GET
H3 200 Molkki-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 16 KB
17 KB 43ms
42ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Molkki-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18118e9dfbdfd7028ffabdd32a9d492a57d9ce062bd850c2f1bfab2df40d3f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 274787
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16480
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iX4exBOOMrlPeTsqv%2BkJh8HUndHJUYOJjK1CnCRl0K4jEjatmo%2FJqtwEFfbnJGIUWfjZ%2FoEwIFjOJvu4iKpTIxP53%2BMbD7KPmQsVu%2B%2FF60QMtsVtiBI5FRxGLhV8U%2BTcH8aYy0rkxThNzPbU7WhZUzHo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba5abc3744-MXP
expires: Fri, 28 Jan 2022 07:52:01 GMT

GET
H3 200 Thoda-Sa-Badal-Thoda-Sa-Pani-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 14 KB
15 KB 43ms
41ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Thoda-Sa-Badal-Thoda-Sa-Pani-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351afa5482e6f9f4f6e85e48bc4510e5223af7c06abc66c142986500cb2f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55028
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14808
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnn0WOdIQmKjeIIiyWgNbirAw5r6oCH8QYVg0eaaqGD87xLAZp56Ae5rNlzB3xYlCYu%2F7JfzeKDcvYXqNk8I6P94uDbxaRBTrfaOUJkY1JSm6LjtRJ2KgV54rQXxaCVxs8zkUzlQiYclh82z6gR3Lpr9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba5ac13744-MXP
expires: Sun, 30 Jan 2022 20:54:40 GMT

GET
H3 200 Nima-Denzongpa-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 14 KB
15 KB 133ms
131ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Nima-Denzongpa-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39a1293abde96ba5de096c5481cc3f55072da676c5a8fd5761b12a7fa83804f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14314
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:23:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hZfUROrIxQK7gqjMSQfDubud4R733FBsodEP5CcJnW7KLmUjX6%2FJ5EsuH2sZInRFK7NFNlfld%2BAkRN1JajWaZBb4Kbg%2BlXSr3oBp5MvtqK1MgHxOGym%2BFSyl0dpExriZsW%2B97o90x%2BHTj6Ige6Zrn0m"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba5ace3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Balika-Vadhu-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 15 KB
16 KB 136ms
132ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Balika-Vadhu-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898e090ddd6e45a345a042f2b99c5340282d62e7765a5eba710a512d0e26c7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15744
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGtpUxt0yN17C1cnc1Ws6kfQPNBMBrZCkTs9221yoAcP1ymIHC1xHxUQKUndhHXrvPjpU07U2Ga24DUShWYFNGLHkNo%2FjtDyVk6toFyfLZs966EmvYtDI1vLXHHlQMWzbO0abVCvae3DOYI9s94mKVr9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba5ad63744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Sirf-Tum-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/11/ 16 KB
17 KB 142ms
138ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/11/Sirf-Tum-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a23774e2075db6c123ed6e0fba7e83fc765bec764bcf56d025c009bb38561c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16748
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 15 Nov 2021 06:42:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQjEBiiQOGXgLBvaNpBFZRjtTzo8hFxAGP0F5R5IefOiD8WjfvquiUapTIXRbHL7q4qwHDC7MZ9tWRKmg5Gm2VjFTOh3zkT74mHxmlVmAmxV30y%2B%2Bo7v3Qm07N0cpZ6jUX8BgbDP%2BiGB6GORcMm9Ew4z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba5ad83744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Choti-Sardarni-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 16 KB
17 KB 44ms
40ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Choti-Sardarni-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d376f74d53d54eb8fc75abb8074b33b24c1f5d7fd2673fdb136930ffd0b256a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 356345
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16888
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gd2bmW7QE5OLIcXRofYB55gzmIulTyBqBJ%2BTB1OaEtZLCISY78ZZDbsAgWEbJYqWmzDN%2BdSDRgvDFNvo34JA3AOpZUDMnY4h%2Bvbqx12dFbh3ySwgAy7DTy2vpU1%2FVxnQoVL3xIkvIjFT%2Btz%2FedpiuC3N"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6add3744-MXP
expires: Thu, 27 Jan 2022 09:12:43 GMT

GET
H3 200 Udaariyaan-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 13 KB
13 KB 56ms
51ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Udaariyaan-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f05e586e78d7e085150be0daeaaa18f104f37f5135e67f4d22cc24455ad6a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78885
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13039
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FF9fVMXl9OufbF72OeR6ErUtaNGntUCxzHSoFfkq0WNBzz8XV74B3JHa9T7qDW%2BgSwVEKKVc6EBixtrx9%2FGBMGMj42Zw%2BiitdZ5IDKOn5ow4kjebhbt4245xZXUn9%2BiasVJDYp7Cfu62IFYDDAVL6yen"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6ae43744-MXP
expires: Sun, 30 Jan 2022 14:17:03 GMT

GET
H3 200 Sasural-Simar-Ka-2-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 16 KB
17 KB 142ms
137ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Sasural-Simar-Ka-2-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33ab56121e594e7e1bbd4e3f438e716d169bb4230a9319d93ab2d06c157ba172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16697
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdH5w5WHCXsh5nSlrQcseAz%2BMv319bEJwdg0MxPA2ngTb6EENWNESZ32UftBRyjZzhXUuUARd5NYJRIUUrDK0ys3%2F6b9dSKkHrMeUvcDuaC3iCwN%2Ff6P77JJ02qCem3RyhM%2BxqdYXksIxWaFCMKeKZrF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6ae53744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Thapki-Pyar-Ki-2-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 13 KB
13 KB 38ms
33ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Thapki-Pyar-Ki-2-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8f7c139db95be71ca306c97da5f3c4a3ac428a365a3772e80ceee2afdf95b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 955408
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13006
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mu%2FqHbpsr9K6qBOViULwp8Cck%2BT%2FjSOVhqCG4O9mZIIWkv5sUUJjbTqQCo4xuu5CYomFf7w%2FoJfzlkYB1IAlx9BsJq7ez0l%2FOVCoiVDlxN%2B57cb5oKLwHVka8x82fxat775mx5axHtsdY1UvKkk7n6KE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6ae63744-MXP
expires: Thu, 20 Jan 2022 10:48:20 GMT

GET
H3 200 Crime-Patrol-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 11 KB
12 KB 127ms
121ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Crime-Patrol-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39ab0eb7b414b96c0e934c72070071ba2cb942caa8cd243a16d22efaa7a6276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11145
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmMabHxtSqrKKX4y6AqFy4BGzXsUuo7yU8NT2dTcBcLh5JCd0vVZ6qHUYzfDKGJ4Om7e8zWwW9dMIZdpKxH2ZbbQXlfGE6kWB13XmQqyFhb0qDrFsW4%2B3jSkjYAcEH%2FRfSQwbwoncn8t2bp8Zq4fTBad"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6ae93744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Kaun-Banega-Crorepati-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 14 KB
14 KB 145ms
138ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Kaun-Banega-Crorepati-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a000718bb06a5e738c356dbadaaf7484c376fc716021e64f67da1976358aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14044
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kics%2FSH23%2FTFcCXuBzVRaGnkBwe0uxuV4ahNn5SeAC79WcGEoyphosUXShHCR4uA4mB6abpFSMvtAu6KF167zkunkvoweYE4ANdaLkWjb5Yc2%2BE79utGTwV%2Fic%2BtZUESt8NpWeZTQ%2BtTlSwq9bhjTwKA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6aef3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Taarak-Mehta-Ka-Ooltah-Chashmah-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 16 KB
17 KB 150ms
143ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Taarak-Mehta-Ka-Ooltah-Chashmah-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d33ba6b06fd15f407cecad06aa4bc1184064d9d8a8ee682b870a132c642dbc19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16588
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln0xrfe2VqAwcfGafVnFfs%2BNDy2aISgXbirhEKiC9zpXdofxTaKBVYR8VW7CR7MpgCO%2FN2qHUKmZtOraOeCD4ls6z4Ff9jfyt4hIe8OjKoRyUA8DfWIy3NXrv4hi96kzjEVOJ23RJIh087OavwWVQMWv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6af53744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Kaamna-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/11/ 14 KB
15 KB 142ms
135ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/11/Kaamna-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee552cb1f80078a5fe8ec6f02a5de13f8c8f02cabad3f4b251e03f6bb58f977b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14469
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 15 Nov 2021 06:42:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueMZDEZkl37L5mxNgQ5JvpHswv5sbmXowvTIkBk9x%2Fums77lU%2FHfgiUSdSpfmTTE9lPq4ITEQbWsu2ey7l5wh7B8m50YZHbOL4dk2PS%2BnFN7ZYlUcW9uQoJxb%2F%2BTegHJP3UI0PsuDzqqlpMQlZ2noUYb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6af63744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Ziddi-Dil-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 15 KB
15 KB 143ms
136ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Ziddi-Dil-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5575e52a60bf852e45d2b94fb88ba81f52c327dc1cdfa8d1aa5e3721f97132bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15074
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxx1A0DQEiKkKl61Nn36vpmJcwMt44JV4XYMkwKK2L5J2e5CHAUi%2Bt3N7McCu8XgWhDEuAxQhxmWokcoBUg0UT3xYGLeEt1TASZU9Cbu5NiwbZBO7lJRxwVVhiGZ4eOYWQITT2RPXWZmN4K%2FwRPiUq2n"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6af83744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Bade-Achhe-Lagte-Hain-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 15 KB
15 KB 143ms
136ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Bade-Achhe-Lagte-Hain-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04461bf185a9b1b98822a1c1215230df88490adf06ad09069823fec75162a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14876
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEdMloRNBpY%2BrOoAZU9HdbXXPN26167TiOz%2FwotuW3VyUWQq7pEVpnfsZNz6Mru%2Bhde3b9tEKEfAeqaiAK01y76CE5W3nevwcEZl0f1k%2BsiWWIa19j3ABy%2B5DyOFfxZVc9QcMBkDBZ1RhZnoV9qvM7dm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6afc3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Punyashlok-Ahilyabai-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 14 KB
14 KB 151ms
144ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Punyashlok-Ahilyabai-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccae22216135bfc9963e409fabad85d246903e45bbae363395c9b9b03fa81a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14060
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG9ia5u7S%2BzI%2FrMKA4mqz%2Brv5AMmUVqJVPBJ1SQzOoT4YgzeQmJvciQCbT95qd2nBUcQmJE02ZckRUAvNp3j3h7UhukiCHTUO455iJOsPmRm4xB9pAXPOZG8fPYZsJ9SBvsF3PuIjadvszr1WljRfkpv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6afe3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Mere-Sai-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 15 KB
15 KB 144ms
138ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Mere-Sai-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec506f58f621892903f2e36a5d515c3760dee3c90d98af1a3be73509f5694e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15200
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8taOCedCHXe9iVdkTnPVWAG9Frh%2FP%2FJbYL2HF4vxz2jMulLBwnMdzI%2FMtyAegQpy4eIL%2B11%2BXw%2BNZphe2Fvi18RSbgOcp5w3r1VfVocUgfEQyXqVIqxHZFtAaqo9tuHLw2mGAzqwYNhf2TI57VHsjYS5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b003744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Agar-Tum-Na-Hote-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/11/ 14 KB
15 KB 152ms
145ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/11/Agar-Tum-Na-Hote-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87407ea11ebe411d041d0bf346ff90062558a0dfb56b640ad51bdf0a04ee13f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14354
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 04 Nov 2021 11:21:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYNlU4Vla2jJzyitBN9IxEAvG6%2BRRDQlkhdwaIrOOYOqPauAybHFNkUVQTYx%2BJw4tJTGjtd29fQnZ8P1pXZ3kkplZuxLiGPmzHpYo9gWquzhL6ifjR%2BTkmF%2FicSkm3cYGmiTRlS%2FP9hGPuXEdbwH%2Bbae"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b013744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Tere-Bina-Jiya-Jaye-Na-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/11/ 16 KB
16 KB 144ms
137ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/11/Tere-Bina-Jiya-Jaye-Na-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ed7f15fd63a1d18f9ab3742d13f69ef08a08f46da77dac5bb9c7414f42068c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15950
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 04 Nov 2021 11:21:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kd14Q5OHiDmdFOYsbL3jRBGM%2F33aPNvVcSJ%2BanHJxFRvHr%2FdYVJrJxEcvf9wxYMYgowPpF0xvBRfzU5Zr6fTt6afMbRcK6eMu%2BKUMHp1CN%2FNy0Q9jxWmMBl5rSe400Ws1i309P8LtQF7BoR7L%2B59Zs1N"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b033744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Kundali-Bhagya-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 13 KB
13 KB 125ms
118ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Kundali-Bhagya-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c4b3e63ba3b3f4597c8511359e3219d9c87f4fe6f31eecab036067ee19ab88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12808
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFjgJPcA3L8GKuDmV0HYdGVLAbuUle%2BMVTBp5DIDRWLkoEUyweauHmqQ3d5HGwBGfuvTw3vBEKQlt7UMxmMKQA%2BYWili4BxuvqQefEMN5cO%2F1jVnYIb%2Flx4zMDHA6i1WTFfwPSoDjPHJXSDdlbnu%2BOBf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b053744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Kumkum-Bhagya-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 12 KB
13 KB 122ms
116ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Kumkum-Bhagya-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da77f28bc652a3fc9c9e7c5729fa764d8331ec6dd00eec0b7bf2673e2dc8f9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12544
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rR7XtS2kwpj0meGRMPXUurdS5%2BkEpadR%2FKQp88AHEwLHVAxWXlpHxoE2qM%2BadPgMt8OyM2l9GbuDZhjGVxYRchHNvNuyIz4wY5gHw%2F19KGEoz%2FWMPfzuSE8AiQAINluzRpDLorheHtsRO4NOzxM4laB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b073744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Bhagya-Lakshmi-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 13 KB
14 KB 144ms
137ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Bhagya-Lakshmi-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4275d92390aa1c2bbece7b51e682942ad59e4e6afa1c0fcd09d057906c292e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13681
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ue7yyAf%2F2HfJP55CstT9ifYF5uuE8PLQ5dZW%2FKmI511z0b7cVOMcMr%2Fj%2Ftwg1O4n5Ee49q6wg1VAL3MDEgTaCUN4HuexnIx9D8w3D2U5unuFHDhfjl%2F4Xk10U%2F%2BDcpX7geGwpJNgG5rewzuwzs0PK1v"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b083744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Kashibai-Bajirao-Ballal-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/11/ 17 KB
17 KB 144ms
137ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/11/Kashibai-Bajirao-Ballal-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80616452f71e470a6d5c562faa5a8d1a9424a716880426cdb08101ea068cfd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16979
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 15 Nov 2021 06:42:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHDLhknHgQK55YdfFt9v8Onp3v21cLfPjiiKx0WmaeorJipsuXlgGyEhoMfC3Qi3XSm9ZZXJrQpotcThe8Zbxu356nAxuusSz2xAn%2FvIWdiO6htpkT5j7OK%2BDqpSgqE%2FtMYJaWuB1J3CxmW3c9OMkc%2B7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b0a3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Meet-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 13 KB
13 KB 127ms
120ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Meet-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6252392fbb8815e5e747f2f3c20df427389d03cafa08e6ca7d0abdb020413e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12963
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nziGku8KNynO3ESu3j90Oy9mYwsudgXbUTEbCcuohzOWckbyVz1xa1Bnd9JVYdHu3mtt2LW%2FlOym9MF5w25Uta1rmG2Xyxjn3MuH5kb4QUy8uu0ZRLAfK0SjCPTWtHU2Zs0qIKbyBSKXqm9IAkLI5dIv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b0b3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Rishton-Ka-Manjha-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 16 KB
17 KB 143ms
137ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Rishton-Ka-Manjha-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0c1f8ec9e4b6809ae8ff3dff9e5c4e380f51aaa1ba4910df392fc8f875033fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16466
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:23:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kOB83eYdFNxpIWrupJA0WdOLVpgDPN4KAH3a0Gte6mAjr0su%2BW6nErQdcd916yEN%2F6wUAxx64eER0FjLkYgi%2Bn2kQRyJxDWcTbN3koAuTZJ1q4ksCz0AMDWos2SAJlskF5NrstGpMxdlbVO3umI81n%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b0e3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Yeh-Hai-Chahatein-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 11 KB
12 KB 129ms
122ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Yeh-Hai-Chahatein-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a42007df8e6aa1888dada928b823a53d50a1edd488b2e7da231287e893e1cebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11593
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGTswJ7aDcnfFPQGRakex7zLqK9zhBnE9GP3pimxiNtWUcL6bmBcPlidyN2ICRHpOon8XcZUcoD7%2FZSp9Dz2zVHphgHjgfJtv%2FekTkifIVVBWxEjQeNGc6qZ%2BYlMM4oIYxfk%2BkRrHpzy55ImhVT25ebd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b0f3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Anupama-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 10 KB
11 KB 34ms
28ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Anupama-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a7c7ae6249802023a2fcc65cb355bcbd6ddd55c6b256ea6fff16ef1f360f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279094
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10135
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT64tJ6s8xw18hhLWeWWFxWIF7TR4dISZAUHIoDqDAorrcRhOgAsusmcdi9L1LTDHuZDFccWh8Y6gzd%2FIQxWLKJG3i1hdON63yqdZUCPm0Ao0C2NpfJlW%2BYIT8q%2FfimJYKF58VT1FkaAH5poMqoup6VN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b103744-MXP
expires: Fri, 28 Jan 2022 06:40:14 GMT

GET
H3 200 Yeh-Rishta-Kya-Kehlata-Hai-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 10 KB
11 KB 53ms
47ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Yeh-Rishta-Kya-Kehlata-Hai-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f636bcb706018a1581f27f57642526696d1514fac9e8809203f3dc61433ecfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4751438
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10325
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks082GJmzmAfiBnxZradfKALrsjf9TEJF8ix1uRiMs%2BZC7nELCmCtsYzph5TXomnpN3%2Byf9YMVU%2B7OGp3MkPKawTTuOQkuRvhXOCO2Ia75b5i7lyHUt1Q%2FE3EVVTjuRRBA89Ka7va7TW4acc9qtQSdAW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b123744-MXP
expires: Tue, 07 Dec 2021 12:21:10 GMT

GET
H3 200 Saath-Nibhaana-Saathiya-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 11 KB
12 KB 126ms
120ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Saath-Nibhaana-Saathiya-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41016149f06c48b182a5e89359acbfed1684f998e6a671d8bff606f61e57e41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11444
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTdZoLR%2BnVuuGA4c0cMHrNOl8hTP7G1TRfWIX4HDhlvWnXW6mvefl3DeEbn0JvCPt2of4YcFV5imtjOHBF1ozXA630rszaj7oms7Lsyj769PbLjVv%2BVGldsNUkz9IHY6GO%2BqPXWFsRcFGsuHhz0d0SWx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b143744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Imlie-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 10 KB
10 KB 128ms
122ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Imlie-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7229ed0e246c632db97fbd94398a743d394e9a0ebd7ace80ab4d8c1212f018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9811
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FL9wrGg%2Bj9yg0FPqgCEPrObNs54wgE2IG%2Bt%2FZD1fZSlgMWwfM15Y0cbKQI1Qdyahp2jZUFV2fmBIfz2fy04mqxaBLZCV4RvXGoPqYylu9RRNKLPmNWrvuw%2FCRbSObDYZXAUmXjlHSBfOTbRRfmP%2F%2FDqU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b153744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Tera-Mera-Saath-Rahe-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 14 KB
15 KB 151ms
146ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Tera-Mera-Saath-Rahe-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2965635f76b231e9d0fc62b5bc9a722c62ca816eb2b0d8546844af3a9affb997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14230
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tak8ESje4U5y%2BHxv4GjB71LEYRBmJahiRQC3eSoANzHuH5UblECLwjTaSE53djZLBddV3IX6o%2FBWPZQofWOXLuqAjilCsJir%2BtMx%2FzpUzDck5dyGEptBBpA%2B9Q7noklCBgxgclTqU46Pf9m5IC3QGaDI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b183744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Ghum-Hai-Kisi-Ke-Pyar-Mein-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 12 KB
13 KB 118ms
113ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Ghum-Hai-Kisi-Ke-Pyar-Mein-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6367d049d86c2916c0ec798d5606dae0b887a1305fcc561b8d58586bf38f7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12679
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZ4DGx3FQcaKqhIQkg5J24EMf1uF%2B3f94LPekPsCPwjla9apFtQNodWRGzyVIYAWPlJZZ3BOtFDfm3%2B6FYXEzchxNMgWJ8euSYhJBhydxgmttip4SyTCa%2FE7EHhiwJfdjqOwf1EXDBYOTdWRuLk1s6S8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b1a3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Pandya-Store-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 11 KB
12 KB 52ms
47ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Pandya-Store-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f6f206a5bb3643248ccc27357df92f815decd9e799a1689f4ee7f03863b256b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276552
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11394
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:23:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDrEsxPwhJfKTxXU1vGGh5dvizAuhwMWDQlBJwlzFP2rbOiysDAvuQRIY7RusTdWlbwt2SS0lCjx0fYN2Nmb%2FiFeS%2FJ9XqGZLGWjyNkU%2BZcMEZIHKSWfJ3%2FOJYWsTE8LXAbpGKGNIJ0QHN8YtcgC3RNY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b1c3744-MXP
expires: Fri, 28 Jan 2022 07:22:36 GMT

GET
H3 200 Zindagi-Mere-Ghar-Aana-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 16 KB
17 KB 151ms
147ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Zindagi-Mere-Ghar-Aana-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d687d954af72ab96a83a5ecc08ecacdd403759f750f0c3761d000bcd296391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16306
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx5MtPvydjLuRaDQNe5tgNoNBJvDMY42%2B64JV4zYht8OgYkKm6IYHFsXLCWH89Jp%2BOjFLsAViXTDcFw9TBolJFubFMDWKNTp5X7Mcxv9RUD1pBH%2BePsRHHu4IfiIcGWHvfGcy83IvTif9ZBaELHtgqlA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b1e3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Vidrohi-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 16 KB
17 KB 152ms
147ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Vidrohi-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2b2d0cf106a434908cee5c414593d2e10e5f23a4f27a5da17db33c049eb628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16598
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 11 Oct 2021 07:02:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=six2i%2Fgh5klQ08z0pXzwyodO%2Bmzii5jnyUva2oDmB4IikrKOR%2FSCxTijwglE5j3Iv5Or3GGjr6nzKKWJk2vzeT9jryMSOziU900O0Xi%2B4n%2BPgd7wfzBnozJWr5Sfc75VdQeRzx%2BMlFsuBkT2C92vLmUX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b1f3744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H3 200 Chikoo-Ki-Mummy-Durr-Kei-310x165.jpg
herogayabmodeon.net/wp-content/uploads/2021/10/ 11 KB
12 KB 119ms
114ms Image
image/jpeg 2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/wp-content/uploads/2021/10/Chikoo-Ki-Mummy-Durr-Kei-310x165.jpg

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b351d1d009fa84929b6c3b60ea5a1f2899fd31be136964f52be498e7bdd20ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11625
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 06 Oct 2021 10:24:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFyZze97u%2BSIpfFT1Nyf43nRTK9iLXBOkPRdgP026NXLJUDcJ%2BYDkJaiB4ZWvDwNEZYO9QrY0FMtxMcn9ak3Gib08CDN2LnUMmcNn2aOA%2Fpi4dEX1vny2a8KNzjbR%2BgLm5C04B%2B4DiWilGPgoQIlqGYj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6b7475ba6b213744-MXP
expires: Mon, 31 Jan 2022 12:11:48 GMT

GET
H2 200 / Show response
ads.viralize.tv/player/ 6 KB
2 KB 41ms
36ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AAEBcUL8IcPI7WwA&sid=01ec536905bb2798a1da8bf0c7f2b641&activation=onload&experiment=ops.&u=https%3A%2F%2Fherogayabmodeon.net%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3193%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A535%2C%22height%22%3A301%7D%7D&sc=1&gdpr=1&cmp=unavailable&dd=herogayabmodeon.net
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEBcUL8IcPI7WwA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: f5aa8856c0398f765070f6106712503bf0ea2feca457488212bb70b1319f99af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame 7973 25 KB
10 KB 59ms
17ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEBcUL8IcPI7WwA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 41023
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9634

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 7973 95 KB
34 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEBcUL8IcPI7WwA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 07:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34056
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Nov 2022 07:41:53 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 7973 101 B
594 B 64ms
20ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEBcUL8IcPI7WwA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3331874
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 23 Oct 2021 23:42:31 GMT
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7973 374 KB
124 KB 56ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEBcUL8IcPI7WwA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Thu, 02 Dec 2021 12:11:48 GMT

GET
H2 200 viralize_player.min.8824547a.js Show response
static.viralize.tv/ Frame 7973 774 KB
224 KB 91ms
44ms Script
application/javascript 2606:4700::6812:9ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player.min.8824547a.js?e=ops
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEBcUL8IcPI7WwA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7318bc5fc8ac665658495b31874188f009d681fd4347e3281c4bfed68b02de0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 27
x-guploader-uploadid: ADPycdul_OLTIiJaVOMwJvaO9qrhCqJ-k4HijmbI1qr6TgTo3KNpncadfuEDD-WMN6q1z7YfXcnSEGw9QCAO3NHyBPg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 29 Nov 2021 12:01:23 GMT
server: cloudflare
etag: W/"8824547a7a23c3ff8f493f579fa53c32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=LBLCBA==, md5=iCRUenojw/+PST9Xn6U8Mg==
x-goog-generation: 1638187283894200
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=2592000
x-goog-stored-content-length: 792364
cf-ray: 6b7475bae9b90f5a-MXP
expires: Sat, 01 Jan 2022 12:11:48 GMT

GET
H2 200 / Show response
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ 2 KB
826 B 50ms
15ms Script
text/javascript 168.119.79.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=1817060472
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.79.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 2 KB
1 KB 90ms
34ms Script
application/javascript 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?pgid=1473518&insid=5733718&tmstp=8485653880&out=js
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 6bb57686c77bc147d93f5012eee030116ae9d282651b872e477ab01108a87744

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 5733718
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 31ms
7ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 11:51:07 GMT
content-encoding: gzip
age: 1241
x-guploader-uploadid: ADPycdvgXQest14XULzobGPMRNxAOGGN-IdjtMTgsUkAC5_Kma8cbOV96Hw_Tk6SytzunlfA3Iokq0FiKpezXO5V_hY7UfG2pQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
last-modified: Mon, 22 Nov 2021 21:22:46 GMT
server: UploadServer
etag: "9f5012774da47c70284c82ae0ce443d7"
vary: Accept-Encoding
x-goog-hash: crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation: 1637616166247508
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3637
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
601 B 79ms
39ms Image
image/gif 184.51.10.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.10.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:48 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1638447108177074-516
Expires: Thu, 02 Dec 2021 12:11:48 GMT

GET
H2 200 / Show response
content.viralize.tv/api/v2/content/ 7 KB
3 KB 76ms
75ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.viralize.tv/api/v2/content/?zid=AAEBdP6h29LnlVAo&sid=01ec536905c0e1d82cf18e109bb32d01&activation=adfill&experiment=ops.&u=https%3A%2F%2Fherogayabmodeon.net%2F&ahd=1&cs=&gdpr=1&cmp=unavailable&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3193%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22x%22%3A998.5%2C%22y%22%3A356%2C%22width%22%3A290%2C%22height%22%3A163.125%2C%22top%22%3A356%2C%22right%22%3A1288.5%2C%22bottom%22%3A519.125%2C%22left%22%3A998.5%7D%2C%22player_position%22%3A%7B%22top%22%3A356%2C%22left%22%3A998.5%7D%7D&dd=herogayabmodeon.net
Requested by: Host: content.viralize.tv
URL: https://content.viralize.tv/display/?zid=AAEBdP6h29LnlVAo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: d3dbf68d8ef621c0f5e3ac5b3be0bbfeef20affc42f5bef08946f48d02f043bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 sdk.js Show response
system-notify.app/f/ 21 KB
6 KB 55ms
12ms Script
application/javascript 157.90.33.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://system-notify.app/f/sdk.js?z=367234
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub1.1push.io
Software: nginx /
Resource Hash: 777e6a69bb8dffd6b045f71b955dfdfd55137e72c3199f17da65cc2787fc2d89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
server: nginx
content-encoding: gzip
content-length: 6188
content-type: application/javascript; charset=utf-8

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 165 KB
53 KB 84ms
19ms Script
text/javascript 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 21:19:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1416-29219-5c85dc6abdd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=87062
accept-ranges: bytes
content-type: text/javascript
content-length: 54050
expires: Fri, 03 Dec 2021 12:22:50 GMT

GET
H2 200 / Show response
content.viralize.tv/player/ 9 KB
4 KB 27ms
27ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.viralize.tv/player/?zid=AAEBdP6h29LnlVAo&sid=01ec536905c0e1d82cf18e109bb32d01&activation=adfill&experiment=ops.&u=https%3A%2F%2Fherogayabmodeon.net%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3261%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A290%2C%22height%22%3A163%7D%2C%22player_position%22%3A%7B%22top%22%3A356%2C%22left%22%3A999%7D%7D&cid=AAkAinBY8U10RCfg&sc=1&gdpr=1&cmp=unavailable&dd=herogayabmodeon.net
Requested by: Host: content.viralize.tv
URL: https://content.viralize.tv/display/?zid=AAEBdP6h29LnlVAo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 739d18b1ec11338086ac3c72c91834682c937aa8b73cd4f3f4af98cd41ee9536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame 75F3 25 KB
9 KB 22ms
19ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: content.viralize.tv
URL: https://content.viralize.tv/display/?zid=AAEBdP6h29LnlVAo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 41023
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9634

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 75F3 95 KB
33 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: content.viralize.tv
URL: https://content.viralize.tv/display/?zid=AAEBdP6h29LnlVAo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 07:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34056
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Nov 2022 07:41:53 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 75F3 101 B
144 B 24ms
22ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: content.viralize.tv
URL: https://content.viralize.tv/display/?zid=AAEBdP6h29LnlVAo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3331874
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 23 Oct 2021 23:42:31 GMT
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 75F3 374 KB
123 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.viralize.tv
URL: https://content.viralize.tv/display/?zid=AAEBdP6h29LnlVAo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Thu, 02 Dec 2021 12:11:48 GMT

GET
H3 200 viralize_player_content.min.939f64d7.js Show response
static.viralize.tv/ Frame 75F3 435 KB
118 KB 63ms
37ms Script
application/javascript 2606:4700::6812:9ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player_content.min.939f64d7.js?e=ops
Requested by: Host: content.viralize.tv
URL: https://content.viralize.tv/display/?zid=AAEBdP6h29LnlVAo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8e46fc2eb351c9d21c38ef80fb28a7dba83cc5104a24f2db55aefe3fb8dc86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 259547
x-guploader-uploadid: ADPycdshMcAYlFJLwRO15RMAkDdtL0PhXDIXysKy2J1t5Ueu9aWLQeYGYEM-ZZR3pLxXDbDNX_OpIweL5movSIyKQGozRL956w
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 29 Nov 2021 12:01:25 GMT
server: cloudflare
etag: W/"939f64d7240bded0a4b0cca1e86b5857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ts6E1g==, md5=k59k1yQL3tCksMyh6GtYVw==
x-goog-generation: 1638187285920252
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=2592000
x-goog-stored-content-length: 445878
cf-ray: 6b7475bbccd859f5-MXP
expires: Sat, 01 Jan 2022 12:11:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117514098-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2205
date: Thu, 02 Dec 2021 11:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 02 Dec 2021 13:35:03 GMT

GET
H2 200 advast Show response
ice.360yield.com/ Frame 7973 27 B
445 B 136ms
76ms XHR
application/xml 54.217.138.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22211434&w=16&h=9&minduration=1&maxduration=60&player_width=535&player_height=301&referrer=https%3A%2F%2Fherogayabmodeon.net%2F&gdpr=&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.138.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-138-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:48 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 7973 0
94 B 21ms
20ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBcUL8IcPI7WwA&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905bb2798a1da8bf0c7f2b641&item=YWRuXzQzNjf_m8fOvg-NTw%3D%3D.1.1fltgtkc8-ctlhgr517i8-YWRuXzQzNjf_m8fOvg-NTw%3D%3D-wp1sc1
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9666
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

86ms
17ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: www8.smartadserver.com
URL: https://www8.smartadserver.com/ac?pgid=1473518&insid=5733718&tmstp=8485653880&out=js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Dec 2021 12:11:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date: Thu, 02 Dec 2021 12:11:48 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 2D32 174 B
680 B 41ms
17ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fherogayabmodeon.net%2F&owner=P%26G&bp_id=showheroes

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

1b84a3749834419c4f6d8df1f9d4c82c49c5a011f5df6d8df778f6ff6bf69341

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 174
via: 1.1 google
alt-svc: clear

GET
H2 200 polyfill.min.js
polyfill.io/v3/ Frame 7973 101 B
144 B 20ms
20ms Other
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3331874
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 23 Oct 2021 23:42:31 GMT
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 event
system-notify.app/ 0
43 B 11ms
11ms Ping
text/plain 157.90.33.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://system-notify.app/event?z=367234
Requested by: Host: system-notify.app
URL: https://system-notify.app/f/sdk.js?z=367234
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub1.1push.io
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-length: 0
server: nginx

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 61ms
20ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://herogayabmodeon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1518
date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=C0jTJXxRbStYaks1WmdCUVplN2pNY0cvTTZvOGVJWWJ0WTlZVzN0d0ZhSk9zY3VWUFdUTlI5YWlFakJudnJORFQwQTNjbGtUV3M3UW9oWWljdWVrYkR5ZmE1SUczSmU5bStBNGxURk1vVGNUMXUvVlBjR05NZ1Q3VTRPMX...

350 B
609 B

50ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=C0jTJXxRbStYaks1WmdCUVplN2pNY0cvTTZvOGVJWWJ0WTlZVzN0d0ZhSk9zY3VWUFdUTlI5YWlFakJudnJORFQwQTNjbGtUV3M3UW9oWWljdWVrYkR5ZmE1SUczSmU5bStBNGxURk1vVGNUMXUvVlBjR05NZ1Q3VTRPMXlMQ2h3NkRkSTUyY3l2RFNFSTZCaElCSVRUMS9FZ2FRMFJsZThjTUxCbjRFSncrSDRQL0F2d0NnNGQ0ZnQzVUVNT0oxeWpnQWttUExBTXFWVlBsZDA0OGxERnVuVHNiNnBBYzlsUENBKzBIQWVFc3pWMGg1a3U1SzFTRmN4T21hNmpyVGRaTnBrfA&cppv=2

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1959a266232d9d47f99d15eeca6f40ede737f52fc1179c1112c91cb7068d3bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2673
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 02 Dec 2021 12:11:48 GMT
location: https://mug.criteo.com/sid?cpp=C0jTJXxRbStYaks1WmdCUVplN2pNY0cvTTZvOGVJWWJ0WTlZVzN0d0ZhSk9zY3VWUFdUTlI5YWlFakJudnJORFQwQTNjbGtUV3M3UW9oWWljdWVrYkR5ZmE1SUczSmU5bStBNGxURk1vVGNUMXUvVlBjR05NZ1Q3VTRPMXlMQ2h3NkRkSTUyY3l2RFNFSTZCaElCSVRUMS9FZ2FRMFJsZThjTUxCbjRFSncrSDRQL0F2d0NnNGQ0ZnQzVUVNT0oxeWpnQWttUExBTXFWVlBsZDA0OGxERnVuVHNiNnBBYzlsUENBKzBIQWVFc3pWMGg1a3U1SzFTRmN4T21hNmpyVGRaTnBrfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1650
content-length: 509
expires: 0

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
268 B 104ms
36ms Fetch
text/html 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=217663

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:48 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 97ms
29ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-21-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:48 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 50ms
20ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://herogayabmodeon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1683
date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=ogYRZ3xTNTZzT2hjWkRQVm5LNWpQczBKQ1FGbDUvWGFIYlU5bitDSTFVZ085YnYzV3hCV29qSEQxOVI0SExmV2xZWU93U3JmeDB2RWJMNmtMV1U5Nk8rQWpwaTlnS01hSFB0a3pCcWpsdXBNWXNVYmJacXlzcGlWc0gxb3...

358 B
608 B

49ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ogYRZ3xTNTZzT2hjWkRQVm5LNWpQczBKQ1FGbDUvWGFIYlU5bitDSTFVZ085YnYzV3hCV29qSEQxOVI0SExmV2xZWU93U3JmeDB2RWJMNmtMV1U5Nk8rQWpwaTlnS01hSFB0a3pCcWpsdXBNWXNVYmJacXlzcGlWc0gxb3NoVmFvNHFDWE1RcmY0VEQwRWtlODZyY0JuUDEwUDZZZUZvV001T2w2K2tFZHVydXdkSG5mZkxOQ1BoK2NNTk1xV0NJMjJnV3NUTnVjTnZobElKUVFXSmNsZ1BQclNqTS9TZWFDTjBHUHh5TysvSGpQSllvVTdhR3ZRNzQ2Tk9ySjF6QkQ3Qmp1fA&cppv=2

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3764fb762c4a8ab8b17c1dbb5d71b90ecf59b07302fc5bb5db36944694a8c990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2581
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 02 Dec 2021 12:11:48 GMT
location: https://mug.criteo.com/sid?cpp=ogYRZ3xTNTZzT2hjWkRQVm5LNWpQczBKQ1FGbDUvWGFIYlU5bitDSTFVZ085YnYzV3hCV29qSEQxOVI0SExmV2xZWU93U3JmeDB2RWJMNmtMV1U5Nk8rQWpwaTlnS01hSFB0a3pCcWpsdXBNWXNVYmJacXlzcGlWc0gxb3NoVmFvNHFDWE1RcmY0VEQwRWtlODZyY0JuUDEwUDZZZUZvV001T2w2K2tFZHVydXdkSG5mZkxOQ1BoK2NNTk1xV0NJMjJnV3NUTnVjTnZobElKUVFXSmNsZ1BQclNqTS9TZWFDTjBHUHh5TysvSGpQSllvVTdhR3ZRNzQ2Tk9ySjF6QkQ3Qmp1fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1978
content-length: 509
expires: 0

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
268 B 88ms
36ms Fetch
text/html 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=217661

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:48 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 81ms
30ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-21-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:48 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 33ms
20ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://herogayabmodeon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1620
date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=cBVcCXwvRUxoOG4rcHN5bUxJc0FHa1RkUkc2aXN2MW5nODMvNTFVQkpNVjhza0dWM1dZcm1ZT0hWOS83cGRNb093TXRmQzhDOWVLM1I5cndrNXNOdFFQL01idEtKdC9Ec21vc1lzYTlwZXN6V1pMMmFWeVZINHhvQlZrSi...

350 B
609 B

50ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cBVcCXwvRUxoOG4rcHN5bUxJc0FHa1RkUkc2aXN2MW5nODMvNTFVQkpNVjhza0dWM1dZcm1ZT0hWOS83cGRNb093TXRmQzhDOWVLM1I5cndrNXNOdFFQL01idEtKdC9Ec21vc1lzYTlwZXN6V1pMMmFWeVZINHhvQlZrSis4WW8ybi9JTHJHWUJ1ekN2ek80WmI0ZStEcFlGTmpIRFBtajBidzdDeXFjYlQ1bWxXbVpDMSsrWDYvaHg3Rk8rNm1zelNZVVIxNHo3QWtqaFR4ZDJLTmZZYUIyNGtIOWo4Zkd4UzFFVG8vVzB2YkRoTVZZPXw&cppv=2

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

826981559fbfab643e8dd512589eae3ac6901097b9417038b344d6da37712069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 02 Dec 2021 12:11:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2344
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 02 Dec 2021 12:11:47 GMT
location: https://mug.criteo.com/sid?cpp=cBVcCXwvRUxoOG4rcHN5bUxJc0FHa1RkUkc2aXN2MW5nODMvNTFVQkpNVjhza0dWM1dZcm1ZT0hWOS83cGRNb093TXRmQzhDOWVLM1I5cndrNXNOdFFQL01idEtKdC9Ec21vc1lzYTlwZXN6V1pMMmFWeVZINHhvQlZrSis4WW8ybi9JTHJHWUJ1ekN2ek80WmI0ZStEcFlGTmpIRFBtajBidzdDeXFjYlQ1bWxXbVpDMSsrWDYvaHg3Rk8rNm1zelNZVVIxNHo3QWtqaFR4ZDJLTmZZYUIyNGtIOWo4Zkd4UzFFVG8vVzB2YkRoTVZZPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1896
content-length: 482
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 28ms
21ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://herogayabmodeon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2470
date: Thu, 02 Dec 2021 12:11:47 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=sSEkwHxoZjJYWHpFOTB5M1hNUFZ2eSs5Y1ZTTU5MQ2x4d0cwWnRSNUYwUlFQTzVwVnhXUW95VDJiSHJUL21PZnlDSGhsZU5ScGN6cFlpMlNMa3JHT3ZjR3BZNFdaTFVsMkxsWE84ZTV1OE1Qc0hVNysxdzk1Y3BWbjlyRF...

350 B
609 B

50ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sSEkwHxoZjJYWHpFOTB5M1hNUFZ2eSs5Y1ZTTU5MQ2x4d0cwWnRSNUYwUlFQTzVwVnhXUW95VDJiSHJUL21PZnlDSGhsZU5ScGN6cFlpMlNMa3JHT3ZjR3BZNFdaTFVsMkxsWE84ZTV1OE1Qc0hVNysxdzk1Y3BWbjlyRFk3TmxMVWRZbkNiZnJqNkdIaEJkSFpBaVAzUUxxNXJ3Q1VjRThqMWFDUGxNQ09yVG5pd25JaFRFUWpxdU5pVEZQWEx4aFRKOEthc21la05ERnBhd3RYdE1oL2VRM2JqYlU1VEtlUlVwQ3ZHZWc2OU40c1FvPXw&cppv=2

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1ac257968156552601d57bf59ae9d2ad6509eba5e3fce756da7437ac9bd92522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2583
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 02 Dec 2021 12:11:48 GMT
location: https://mug.criteo.com/sid?cpp=sSEkwHxoZjJYWHpFOTB5M1hNUFZ2eSs5Y1ZTTU5MQ2x4d0cwWnRSNUYwUlFQTzVwVnhXUW95VDJiSHJUL21PZnlDSGhsZU5ScGN6cFlpMlNMa3JHT3ZjR3BZNFdaTFVsMkxsWE84ZTV1OE1Qc0hVNysxdzk1Y3BWbjlyRFk3TmxMVWRZbkNiZnJqNkdIaEJkSFpBaVAzUUxxNXJ3Q1VjRThqMWFDUGxNQ09yVG5pd25JaFRFUWpxdU5pVEZQWEx4aFRKOEthc21la05ERnBhd3RYdE1oL2VRM2JqYlU1VEtlUlVwQ3ZHZWc2OU40c1FvPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1416
content-length: 482
expires: 0

GET
H2 200 polyfill.min.js
polyfill.io/v3/ Frame 75F3 101 B
144 B 24ms
24ms Other
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3331874
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 23 Oct 2021 23:42:31 GMT
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c041a46c-8a3a-4e65-b5c7-66964ae40504.jpg
cdn.viralize.tv/video/cre_265/thumbnails/ Frame 75F3 6 KB
7 KB 61ms
19ms Image
image/jpeg 2606:4700::6812:640
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viralize.tv/video/cre_265/thumbnails/c041a46c-8a3a-4e65-b5c7-66964ae40504.jpg
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4221dcbb3fddc78e89ff0a588f836b0782d6893c93f790bc1c726b380fa60632

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
cf-cache-status: HIT
age: 930
x-guploader-uploadid: ADPycdsqRUoZkwHyZ4Xmo1N6xhznc2ivZ4eP5gFCwewMn122E2yon9XV8oNRzxFaxpqyUbmFTD5A51BLXMMqKsF8AxnzkKkirg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6382
last-modified: Wed, 01 Dec 2021 07:55:07 GMT
server: cloudflare
etag: "4840a0a437565812f73e457522b2bb9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ZEJcTw==, md5=SECgpDdWWBL3PkV1IrK7nA==
x-goog-generation: 1638345307011531
access-control-allow-origin: *
content-type: image/jpeg
expires: Thu, 02 Dec 2021 16:11:48 GMT
cache-control: public, max-age=14400
x-goog-stored-content-length: 6382
accept-ranges: bytes
cf-ray: 6b7475bd0cdd691b-FRA
cf-bgj: h2pri

GET
DATA 200
OK truncated
/ Frame 75F3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 75F3 6 KB
6 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 036a274edb2fcc34853851c55e307930e8a634aa926224a4781693d62e575f28

Request headers

Referer
Origin: https://herogayabmodeon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H3 200 viralize_vpaid.min.3500125a.js Show response
static.viralize.tv/ Frame A8F1 66 KB
20 KB 37ms
37ms Script
application/javascript 2606:4700::6812:9ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player_content.min.939f64d7.js?e=ops
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2961723af0339859552678f4f9a6704728d6398b4e7f62611ea5e86477261d12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 81489
x-guploader-uploadid: ADPycdtfyyUNTLbsTokzgAFB2zfFkkQaNTngzNqOln_cG01ZiGnKdWYl4-415CwAyifgjUE7lGNmA_6VMkI-Hac3LKinC4iNiw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 13:29:03 GMT
server: cloudflare
etag: W/"3500125ad61c4a774a7fe4e8218ee9b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=KPnkHQ==, md5=NQASWtYcSndKf+ToIY7ptg==
x-goog-generation: 1638365343601067
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=2592000
x-goog-stored-content-length: 67382
cf-ray: 6b7475bcffdb59f5-MXP
expires: Sat, 01 Jan 2022 12:11:48 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 15ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A10%2C%22type%22%3A%22event%22%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22label%22%3A%22activation%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A10%2C%22type%22%3A%22event%22%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22label%22%3A%22viewability_available%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2074956557&t=pageview&_s=1&dl=https%3A%2F%2Fherogayabmodeon.net%2F&ul=en-us&de=UTF-8&dt=Hero%20Gayab%20Mode%20On%20Sab%20Tv%20Hindi%20Series%20Watch%20Full%20Episodes%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=569760293&gjid=638387960&cid=966286993.1638447109&tid=UA-117514098-1&_gid=1154363193.1638447109&_r=1&gtm=2ouba1&z=722998512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 287569 Show response
search.spotxchange.com/vast/2.0/ Frame 7973 67 B
2 KB 108ms
37ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/287569?VPAID=JS&content_page_url=https%3A%2F%2Fherogayabmodeon.net%2F&cb=1638447108&player_width=535&player_height=301&gdpr=1&gdpr_consent=&custom[format]=outstream&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-spotx-Exception-RESULT: exception
Content-Encoding: gzip
X-spotx-Exception-ID: SPOTMARKET.HALTED
X-spotx-Exception-Message: SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID: SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require: 0.000304
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000043
X-SpotX-Timing-Page: 0.019197
Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://herogayabmodeon.net
X-SpotX-Timing-Page-Exception: 0.000023
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.013053
X-SpotX-Timing-Transform: 0.000364
X-SpotX-Timing-SpotMarket: 0.013053
X-fe: 008
X-SpotX-Timing-Page-Misc: 0.004895
Content-Length: 77
X-SpotX-Timing-Page-Context: 0.000268
Last-Modified: Thu, 02 Dec 2021 12:11:48 GMT
Server: nginx
X-spotx-Exception-global_blacklist-RESULT: failure
X-spotx-Exception-global_blacklist-Message: The referer 'herogayabmodeon.net' is blacklisted.
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-Mux: 0.000237

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 7973 0
82 B 17ms
17ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBcUL8IcPI7WwA&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905bb2798a1da8bf0c7f2b641&item=YWRuXzUyNjkjAwD0cIbD_w%3D%3D.2.1fltgtkc8-ctlhgr517i8-YWRuXzUyNjkjAwD0cIbD_w%3D%3D-wp2sc1
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 62ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1071
date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 57ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1093
date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 57ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1100
date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 57ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1141
date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 204 /
content.viralize.tv/track/ Frame 75F3 0
39 B 16ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A4%2C%22type%22%3A%22event%22%2C%22category%22%3A%22thumb_session%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3Athumb~NTg5OTYycFjxTXREJ-A%3D~0%22%2C%22thumb_session_id%22%3A%220%3Athumb~NTg5OTYycFjxTXREJ-A%3D~0%22%2C%22label%22%3A%22thumb_impression%22%2C%22reason%22%3A%22ok%22%2C%22item_owner_id%22%3A%22265%22%2C%22item_id%22%3A%22NTg5OTYycFjxTXREJ-A%3D%22%2C%22item_type%22%3A%22content%22%2C%22thumb_position%22%3A1%7D%2C%7B%22ver%22%3A10%2C%22type%22%3A%22event%22%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22label%22%3A%22activation%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2D32 70 B
265 B 101ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=573a2b5d-2dc7-4f9b-b9b5-f8061311438d&gdpr=1&gdpr_consent=
Requested by: Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fherogayabmodeon.net%2F&owner=P%26G&bp_id=showheroes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 18 KB
8 KB 158ms
157ms Fetch
text/html 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=217661&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fherogayabmodeon.net%2F&icr_url=&va=0&time=1638447108702&up=pc&bn=chrome&bv=96&widget_width=1045&style_id=0&idhub[pubcid]=14244b4f-08da-494b-b1b0-d23daebf50e7

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

76f8a9eb466d7518c04006ff4dcd2d949867935b686a96d1d80786c9ecf593bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 7518

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 18 KB
8 KB 99ms
99ms Fetch
text/html 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=217663&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fherogayabmodeon.net%2F&icr_url=&va=0&time=1638447108703&up=pc&bn=chrome&bv=96&widget_width=290&style_id=0&idhub[pubcid]=14244b4f-08da-494b-b1b0-d23daebf50e7

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

c9c26b3f327581fb64a6a01e8bafdfc56f98c6aa1cd7e46fe53404d7cb47b079

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 7506

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9666 32 KB
10 KB 18ms
18ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1d199cbfbe034723111a3a8f15fe532d4405742181305a8cb74a7b0b0a921690

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 12:11:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23839
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9514
Expires: Thu, 02 Dec 2021 18:49:07 GMT

GET
H2 200 / Show response
ads.viralize.tv/player/ Frame A8F1 5 KB
2 KB 38ms
38ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AAEBdP6h29LnlVAo&sid=01ec536905c0e1d82cf18e109bb32d01&activation=adfill&experiment=ops.&u=https%3A%2F%2Fherogayabmodeon.net%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3261%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A290%2C%22height%22%3A163%7D%2C%22player_position%22%3A%7B%22top%22%3A356%2C%22left%22%3A999%7D%7D&sc=1&gdpr=1&cmp=unavailable&dd=herogayabmodeon.net&content_adplayer=1&hcid=NTg5OTYycFjxTXREJ-A%3D&enable_branding=0&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3261%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A290%2C%22height%22%3A163%7D%7D&pub_platform=&dd=herogayabmodeon.net&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 8a29bfb897febc93d00195daf48215fd3c85cb47fb5f67f1677aa294b187f80c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame 15E7 25 KB
9 KB 16ms
16ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 41024
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9634

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 15E7 95 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 07:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34056
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Nov 2022 07:41:53 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 15E7 101 B
144 B 21ms
20ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3331874
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 23 Oct 2021 23:42:31 GMT
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 15E7 374 KB
123 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Thu, 02 Dec 2021 12:11:48 GMT

GET
H3 200 viralize_player.min.8824547a.js Show response
static.viralize.tv/ Frame 15E7 774 KB
224 KB 35ms
34ms Script
application/javascript 2606:4700::6812:9ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player.min.8824547a.js?e=ops
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7318bc5fc8ac665658495b31874188f009d681fd4347e3281c4bfed68b02de0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 19
x-guploader-uploadid: ADPycdul_OLTIiJaVOMwJvaO9qrhCqJ-k4HijmbI1qr6TgTo3KNpncadfuEDD-WMN6q1z7YfXcnSEGw9QCAO3NHyBPg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 29 Nov 2021 12:01:23 GMT
server: cloudflare
etag: W/"8824547a7a23c3ff8f493f579fa53c32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=LBLCBA==, md5=iCRUenojw/+PST9Xn6U8Mg==
x-goog-generation: 1638187283894200
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=2592000
x-goog-stored-content-length: 792364
cf-ray: 6b7475bd99c459f5-MXP
expires: Sat, 01 Jan 2022 12:11:48 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 24ms
24ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzQzNjf_m8fOvg-NTw%3D%3D-wp1sc1%22%2C%22bid_opportunity_id%22%3A%221fltgtkc8-ctlhgr517i8-YWRuXzQzNjf_m8fOvg-NTw%3D%3D-wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9666 284 B
536 B 33ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H2 204 /
content.viralize.tv/track/ Frame 75F3 0
39 B 20ms
20ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A10%2C%22type%22%3A%22event%22%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22label%22%3A%22viewability_available%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 polyfill.min.js
polyfill.io/v3/ Frame 15E7 101 B
144 B 19ms
18ms Other
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3331874
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 23 Oct 2021 23:42:31 GMT
date: Thu, 02 Dec 2021 12:11:48 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 7973 67 B
725 B 153ms
153ms XHR
application/xml 184.51.10.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12944433&domain=herogayabmodeon.net&loc=herogayabmodeon.net&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.10.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:48 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1638447108813070-402
Expires: Thu, 02 Dec 2021 12:11:48 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 7973 0
82 B 16ms
16ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBcUL8IcPI7WwA&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905bb2798a1da8bf0c7f2b641&item=YWRuXzU5NzLojpU_jUeQ4A%3D%3D.3.1fltgtkc8-ctlhgr517i8-YWRuXzU5NzLojpU_jUeQ4A%3D%3D-wp3sc1
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 advast Show response
ice.360yield.com/ Frame 15E7 27 B
243 B 83ms
83ms XHR
application/xml 54.217.138.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22424692&w=16&h=9&minduration=1&maxduration=60&player_width=290&player_height=163&referrer=https%3A%2F%2Fherogayabmodeon.net%2F&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.138.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-138-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:48 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 15E7 0
82 B 36ms
35ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905c0e1d82cf18e109bb32d01&item=YWRuXzU4ODcoXcQ2RbU9tg%3D%3D.1.1fltgtkmn-iivqvckggjg-YWRuXzU4ODcoXcQ2RbU9tg%3D%3D-wp1sc1
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
DATA 200
OK truncated
/ Frame 15E7 6 KB
0 Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://herogayabmodeon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 18ms
17ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzUyNjkjAwD0cIbD_w%3D%3D-wp2sc1%22%2C%22bid_opportunity_id%22%3A%221fltgtkc8-ctlhgr517i8-YWRuXzUyNjkjAwD0cIbD_w%3D%3D-wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 89ms
31ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:48 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 42 KB
12 KB 15ms
15ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cd9d800b44b9345b3f5e1b84a990b090ebcb531f66d1ed0389eb98dfdc9634b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 22:26:24 GMT
server: AmazonS3
x-amz-request-id: QFCESAYKPW6NQ63P
etag: "1fb705966fb339630de22e8275ac7f2e"
x-hw: 1638447108.cds154.fr8.hn,1638447108.cds154.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 11869
x-amz-id-2: 2uvP9M+y5t1877NH1Fkv5BLmhz+6T4vOIVVUX1fdDYG0Z9uzlynF+lFbKcBlBfuF7QFHyeUfp/U=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 16 KB
6 KB 15ms
15ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9f81e200ad3c710663c8802ccf0ae07f31f633b050b7a0951e1ca477013dfba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 22:26:21 GMT
server: AmazonS3
x-amz-request-id: QFC0AAKGXMVWVCSB
etag: "30da8afc2a220e275f0951f44514ae2d"
x-hw: 1638447108.cds154.fr8.hn,1638447108.cds280.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6208
x-amz-id-2: jPmruEcbQHdA27LHq6QJErDIJA7ZCeh6HBwMtZQ2wp0L9XXHATWf2aNQp4eJ/21wNASYFvlk4Ro=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 15ms
15ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a80590eff46011debf23e3df98e78a7a8f59adf6887e63587c0248699290e3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 22:26:23 GMT
server: AmazonS3
x-amz-request-id: QFCE88TH4MEC14BJ
etag: "cf5977b19334aead4bc6be34804a5c2d"
x-hw: 1638447108.cds154.fr8.hn,1638447108.cds002.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1645
x-amz-id-2: ubKPY+VjDz2z6Ra+fBrm874EHe+khEcGYwowj5Ci6ITsCX+KC/ijmPt8TRc47eSkTDZBgrz5l0Y=

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 68ms
21ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
last-modified: Wed, 01 Dec 2021 16:11:10 GMT
etag: "1638375070"
x-hw: 1638447108.cds035.lo4.hn,1638447108.cds256.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=57841
accept-ranges: bytes
content-length: 4298

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 47ms
32ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:48 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 42 KB
12 KB 11ms
11ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cd9d800b44b9345b3f5e1b84a990b090ebcb531f66d1ed0389eb98dfdc9634b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 22:26:24 GMT
server: AmazonS3
x-amz-request-id: QFCESAYKPW6NQ63P
etag: "1fb705966fb339630de22e8275ac7f2e"
x-hw: 1638447108.cds154.fr8.hn,1638447108.cds154.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 11869
x-amz-id-2: 2uvP9M+y5t1877NH1Fkv5BLmhz+6T4vOIVVUX1fdDYG0Z9uzlynF+lFbKcBlBfuF7QFHyeUfp/U=

GET
H/1.1 200
OK 307367 Show response
search.spotxchange.com/vast/2.0/ Frame 15E7 67 B
2 KB 46ms
45ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/307367?VPAID=JS&content_page_url=https%3A%2F%2Fherogayabmodeon.net%2F&cb=1638447108&player_width=290&player_height=163&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-spotx-Exception-RESULT: exception
Content-Encoding: gzip
X-spotx-Exception-ID: SPOTMARKET.HALTED
X-spotx-Exception-Message: SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID: SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require: 0.000480
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
X-SpotX-Timing-Page: 0.024014
Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://herogayabmodeon.net
X-SpotX-Timing-Page-Exception: 0.000016
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.013975
X-SpotX-Timing-Transform: 0.001034
X-SpotX-Timing-SpotMarket: 0.013975
X-fe: 062
X-SpotX-Timing-Page-Misc: 0.006220
Content-Length: 77
X-SpotX-Timing-Page-Context: 0.000450
Last-Modified: Thu, 02 Dec 2021 12:11:48 GMT
Server: nginx
X-spotx-Exception-global_blacklist-RESULT: failure
X-spotx-Exception-global_blacklist-Message: The referer 'herogayabmodeon.net' is blacklisted.
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-Mux: 0.001804

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 15E7 0
82 B 26ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905c0e1d82cf18e109bb32d01&item=YWRuXzU5NDHJ0eC78wxsUg%3D%3D.2.1fltgtkmn-iivqvckggjg-YWRuXzU5NDHJ0eC78wxsUg%3D%3D-wp2sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 / Show response
ads.viralize.tv/d-vast/ Frame 7973 67 B
156 B 20ms
19ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/d-vast/?zid=AAEBcUL8IcPI7WwA&sid=01ec536905bb2798a1da8bf0c7f2b641&activation=onload&experiment=ops.&u=https%3A%2F%2Fherogayabmodeon.net%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3193%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A535%2C%22height%22%3A301%7D%7D&sc=1&gdpr=1&cmp=unavailable&dd=herogayabmodeon.net&wfp=4&rcx=460.cfa73dab.1.14
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 15749573270374684817.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
10 KB 47ms
19ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15749573270374684817.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b5734271e1c5bf3b2eba0e22d76c41cd7917e9f85734e11aa5e0256a2e16fa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2021-11-11T17:41:23.856Z;desc=hit,rtt;dur=0
content-length: 10348
x-request-id: 952f65d52e225ae2dedd4d5860f5fa85
last-modified: Mon, 12 Oct 2020 18:14:31 GMT
server: Cloudinary
etag: "41908003786668259a2016e7bd20f597"
strict-transport-security: max-age=604800
x-hw: 1638447108.cds011.fr8.hn,1638447108.cds290.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15263283421593005855.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 56ms
31ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15263283421593005855.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1af1c038d36afd0883ffefdb8a5e1de2112b854d130bda87b6865603983e8fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:08 GMT
server: Cloudinary
etag: "9661a07d2b30adff1e8d4e3aaf6c0bf7"
strict-transport-security: max-age=604800
x-hw: 1638447108.cds011.fr8.hn,1638447108.cds251.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2021-11-20T12:33:51.142Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 7761

GET
H2 200 616d5fc71107f9-92670354.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 43ms
19ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/616d5fc71107f9-92670354.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4e723d109acbb6de9c7dbb952d0bdf89f204d94de46dc5f0a6675c88d45915e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=365;cpu=0;start=2021-12-01T06:44:56.186Z;desc=miss,rtt;dur=0,cloudinary;dur=271;start=2021-12-01T06:44:56.230Z,cld-id;desc=902ccee36657a1caeff63e9e0d581760
content-length: 7168
x-request-id: 902ccee36657a1caeff63e9e0d581760
last-modified: Mon, 25 Oct 2021 12:38:50 GMT
server: Cloudinary
etag: "31afd803db7a8a91b09ba28e84067900"
strict-transport-security: max-age=604800
x-hw: 1638447108.cds011.fr8.hn,1638447108.cds245.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6179e9dfddde76-18821747.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 49ms
26ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6179e9dfddde76-18821747.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3539e71564ed1010478020e559b88b87b3d72245ecccdad41de7b9d25d1ee788

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2021-12-02T06:15:51.895Z;desc=hit,rtt;dur=0
content-length: 8933
x-request-id: c2f7dc71ed72bf39733374a194aaad2b
last-modified: Thu, 28 Oct 2021 12:08:30 GMT
server: Cloudinary
etag: "0fc321693ae863bbdcdd10e033749a81"
strict-transport-security: max-age=604800
x-hw: 1638447108.cds011.fr8.hn,1638447108.cds215.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15640404341084736444.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 51ms
31ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15640404341084736444.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d8338b3d869968da36ed7d843b798b64276fa0ffca33c6dc605d066b2c044eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Nov 2021 21:36:24 GMT
server: Cloudinary
etag: "4b523b22febb517f33322f9f8ca93739"
strict-transport-security: max-age=604800
x-hw: 1638447108.cds011.fr8.hn,1638447109.cds167.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=113;cpu=1;start=2021-11-12T21:42:01.412Z;desc=miss,rtt;dur=0,cloudinary;dur=21;start=2021-11-12T21:42:01.459Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 6695

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 15E7 1 KB
2 KB 50ms
50ms XHR
application/xml 184.51.10.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11644593&domain=herogayabmodeon.net&loc=herogayabmodeon.net&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.10.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 89c1c7438228f135a6e7aa0a9ad3d3b7e1a5090b3d18548c190bb7fa494267db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:48 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1356
x-sticky-va: 1
x-sticky-vk: 1638447108820090-334
Expires: Thu, 02 Dec 2021 12:11:48 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 15E7 0
82 B 19ms
18ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905c0e1d82cf18e109bb32d01&item=YWRuXzUwODCARic6oZNXgQ%3D%3D.3.1fltgtkmn-iivqvckggjg-YWRuXzUwODCARic6oZNXgQ%3D%3D-wp3sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 617b4e2c873a27-75747035.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 13 KB
14 KB 35ms
26ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/617b4e2c873a27-75747035.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1cdccef0f0b71be16cb6109b6aca4712143bb7ffb860c7a0fb582de592807037

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2021-12-02T06:15:51.901Z;desc=hit,rtt;dur=0
content-length: 13815
x-request-id: 1608b63ba47ba658aaa38daa0763076c
last-modified: Fri, 29 Oct 2021 12:22:34 GMT
server: Cloudinary
etag: "72e600ab67d7494eea9c807c304d9aa7"
strict-transport-security: max-age=604800
x-hw: 1638447108.cds011.fr8.hn,1638447108.cds122.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 616510e8c843a8-82046314.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 23ms
16ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/616510e8c843a8-82046314.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

648c8ed5533d6eb5b55fee8978addbd18810e38d01d942c1fd8850b4d306c45c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=1;start=2021-11-30T09:16:18.307Z;desc=hit,rtt;dur=1
content-length: 6861
x-request-id: 6e32fbe53b4debe8dd7a1c228d2d9181
last-modified: Tue, 12 Oct 2021 11:58:44 GMT
server: Cloudinary
etag: "6865005797d40ffe838acb7d8eb48553"
strict-transport-security: max-age=604800
x-hw: 1638447108.cds011.fr8.hn,1638447108.cds052.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 615b9f5a1d7fc9-86815355.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 5 KB
5 KB 21ms
16ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/615b9f5a1d7fc9-86815355.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4703654c25ba10f637d0e7be84ec8d1e195a224588c75e6e34c07a45d6ef281b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=410;cpu=0;start=2021-11-29T08:49:16.232Z;desc=miss,rtt;dur=0,cloudinary;dur=310;start=2021-11-29T08:49:16.278Z,cld-id;desc=20f852ab48d59b16a7fd964528ec59ab
content-length: 4936
x-request-id: 20f852ab48d59b16a7fd964528ec59ab
last-modified: Thu, 07 Oct 2021 14:55:38 GMT
server: Cloudinary
etag: "4c78657192a1f90fa709ce8c776b2c5f"
strict-transport-security: max-age=604800
x-hw: 1638447108.cds011.fr8.hn,1638447108.cds002.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 7973 65 B
651 B 146ms
87ms XHR
text/xml 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=759674&t=2&url=https%3A%2F%2Fherogayabmodeon.net%2F&gdpr=1&gdpr_consent=&w=535&h=301&t=1&random=1638447108

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 7973 0
82 B 16ms
16ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBcUL8IcPI7WwA&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905bb2798a1da8bf0c7f2b641&item=YWRuXzQzOTV46FD37iBK-A%3D%3D.5.1fltgtkc8-ctlhgr517i8-YWRuXzQzOTV46FD37iBK-A%3D%3D-wp5sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 15E7 0
39 B 15ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3A1fltgtkmn-iivqvckggjg-YWRuXzU4ODcoXcQ2RbU9tg%3D%3D-wp1sc1%22%2C%22bid_opportunity_id%22%3A%221fltgtkmn-iivqvckggjg-YWRuXzU4ODcoXcQ2RbU9tg%3D%3D-wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3A1fltgtkmn-iivqvckggjg-YWRuXzU5NDHJ0eC78wxsUg%3D%3D-wp2sc1%22%2C%22bid_opportunity_id%22%3A%221fltgtkmn-iivqvckggjg-YWRuXzU5NDHJ0eC78wxsUg%3D%3D-wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 18ms
18ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzU5NzLojpU_jUeQ4A%3D%3D-wp3sc1%22%2C%22bid_opportunity_id%22%3A%221fltgtkc8-ctlhgr517i8-YWRuXzU5NzLojpU_jUeQ4A%3D%3D-wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:48 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 /
ads.viralize.tv/t-bid-done/ Frame 15E7 0
82 B 20ms
20ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-done/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&gcid=YWRuXzUwODCARic6oZNXgQ%3D%3D&bid_opportunity_id=1fltgtkmn-iivqvckggjg-YWRuXzUwODCARic6oZNXgQ%3D%3D-wp3sc1&l=vpaid&as=stickyADStv&ct=application%2Fjavascript&sid=01ec536905c0e1d82cf18e109bb32d01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 73C0 337 KB
114 KB 76ms
16ms Script
application/x-javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.8824547a.js?e=ops
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 12:11:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638447109.dop006.ml1.t,1638447109.cds001.ml1.shn,1638447109.cds001.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H2 204 /
ads.viralize.tv/track/ Frame 15E7 0
39 B 15ms
14ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3A1fltgtkmn-iivqvckggjg-YWRuXzUwODCARic6oZNXgQ%3D%3D-wp3sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 7973 4 KB
3 KB 187ms
156ms XHR
text/xml 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fherogayabmodeon.net%2F&widgetJSId=APP_1&key=SHOWH17F9OA6C5I1O3841IK2K&idx=0&format=vast&cors=true&cnsntv2=
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 51b5e77f332b52c78b493347f2a9c4e16c40f2e8b5f896b2b55b989d50dadea0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
traffic-path: NYDC1, LGA, HHN, Europe1
access-control-allow-origin: https://herogayabmodeon.net
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.60
x-cache-hits: 0, 0
x-traceid: a68366038837a92f00a17dfc551c27a4
content-length: 2163
x-served-by: cache-lga21960-LGA, cache-hhn4047-HHN
x-timer: S1638447109.153543,VS0,VE149
vary: Accept-Encoding, User-Agent
content-type: text/xml; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 7973 0
82 B 18ms
17ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBcUL8IcPI7WwA&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905bb2798a1da8bf0c7f2b641&item=YWRuXzczNzZymIV0D12Chw%3D%3D.6.1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 73C0 25 KB
25 KB 75ms
18ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1638447109162
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 12:11:49 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638447109.dop025.ml1.t,1638447109.cds213.ml1.shn,1638447109.cds213.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

/
c1.adform.net/serving/cookie/match/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=15d95ac78624206d4da86b9091903078&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g046_7037076749381021325
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIjGo4UUQGMZOKuaDspoXqo&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=19f654cd-9b19-45ec-8ff0-e960ed92d48c
https://pr-bh.ybp.yahoo.com/sync/stickyads/15d95ac78624206d4da86b9091903078?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-XyNV_k1E2oOUIrzgbptVFLboLYtlMezJhwEGEc90~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5053986235622163336
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=095461a8-b805-4000-a84f-10755b990a6d&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=VCfYSWcy1MSKWi5&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=

0
0

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 16ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzQzOTV46FD37iBK-A%3D%3D-wp5sc1%22%2C%22bid_opportunity_id%22%3A%221fltgtkc8-ctlhgr517i8-YWRuXzQzOTV46FD37iBK-A%3D%3D-wp5sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 73C0 301 B
861 B 70ms
39ms XHR
text/xml 184.51.10.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11644593&loc=https%3A%2F%2Fherogayabmodeon.net%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.10.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:49 GMT
Server: nginx
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1638447109188072-521
Expires: Thu, 02 Dec 2021 12:11:49 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 73C0 67 B
725 B 175ms
144ms XHR
application/xml 184.51.10.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11644593&loc=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&reqType=AdsSetup&_fw_gdpr=1&protocolVersion=2.0&_fw_gdpr_consent=&schain=1.0%2C1!viralize.com%2C5221%2C1%2C%2C%2C&auction=1&vav=773329ddb44d639d8ca87b25bcd2c2fb&vaviv=57efc76ee36c608a866c4fc032b8f7a2&mustangVersion=1.12.1.6&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=290x163&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.10.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:49 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1638447109242005-599
Expires: Thu, 02 Dec 2021 12:11:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

49ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=&google_tc=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=15d95ac78624206d4da86b9091903078&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

318ms
106ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=15d95ac78624206d4da86b9091903078&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B957GZVDKFJ3C54SY3AS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:49 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=15d95ac78624206d4da86b9091903078&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638447109277082-512
Expires: Thu, 02 Dec 2021 12:11:49 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-done/ Frame 7973 0
82 B 24ms
24ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-done/?future=1&zid=AAEBcUL8IcPI7WwA&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&gcid=YWRuXzczNzZymIV0D12Chw%3D%3D&bid_opportunity_id=1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1&l=vast&as=iabtechlab&ct=video%2Fmp4&sid=01ec536905bb2798a1da8bf0c7f2b641
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 206 eyJpdSI6IjNiMmJhZTgwYzUwMDQ4ODc4Yjg4ODM2MmY3YjFlMTFiOGNiMWI5YjNjYTI3NGRkYzNhZDdiMjljMzU0N2FlMTgiLCJ3IjozMDAsImgiOjI1MCwiZCI6MS41LCJjcyI6MCwiZiI6NSwiYmkiOnsicyI6eyJmZiI6bnVsbCwiZnMiOjEwLCJ0eCI6ImNkb...
images.outbrainimg.com/transform/v3/ Frame 7973 1 MB
1 MB 88ms
33ms Media
video/mp4 23.202.54.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNiMmJhZTgwYzUwMDQ4ODc4Yjg4ODM2MmY3YjFlMTFiOGNiMWI5YjNjYTI3NGRkYzNhZDdiMjljMzU0N2FlMTgiLCJ3IjozMDAsImgiOjI1MCwiZCI6MS41LCJjcyI6MCwiZiI6NSwiYmkiOnsicyI6eyJmZiI6bnVsbCwiZnMiOjEwLCJ0eCI6ImNkbi50YWJvb2xhLmNvbSJ9LCJ0bCI6eyJmZiI6bnVsbCwiZnMiOjE0LCJ0eCI6IltGb3Rvc10gRGllIGdpZnRpZ3N0ZW4gUGZsYW56ZW4gdW5kIFRpZXJlIGRlciBXZWx0LCBiZXLDvGhyZSBzaWUgbmllIn0sImN0YSI6eyJmZiI6bnVsbCwiZnMiOjEwLCJ0eCI6IlJlYWQgbW9yZSJ9LCJydGwiOmZhbHNlLCJiZCI6IlczMDBfSDI1MCIsInRuIjoidmlkZW8tMTBfc2Vjb25kcyJ9fQ.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.54.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-54-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea48b9aa482544eca9263ad3cd25a90883711d5fb20581271e84ce7bc0fbc6de

Request headers

Referer: https://herogayabmodeon.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
last-modified: Fri, 03 Sep 2021 19:10:43 GMT
content-type: video/mp4
Content-Range: bytes 0-1110122/1110123
cache-control: max-age=2410364
x-traceid: f72d4902a744b69d518502a24a3cec80
timing-allow-origin: *
Content-Length: 1110123

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 32ms
31ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:49 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 31ms
31ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:49 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 16ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 36ms
35ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:49 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 / Show response
ads.viralize.tv/d-vast/ Frame 15E7 67 B
137 B 20ms
20ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/d-vast/?zid=AAEBdP6h29LnlVAo&sid=01ec536905c0e1d82cf18e109bb32d01&activation=adfill&experiment=ops.&u=https%3A%2F%2Fherogayabmodeon.net%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3261%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A290%2C%22height%22%3A163%7D%7D&sc=1&gdpr=1&cmp=unavailable&dd=herogayabmodeon.net&content_adplayer=1&hcid=NTg5OTYycFjxTXREJ-A%3D&enable_branding=0&wfp=4&rcx=460.cfa73dab.1.14
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 15E7 65 B
650 B 81ms
81ms XHR
text/xml 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=952579&t=2&url=https%3A%2F%2Fherogayabmodeon.net%2F&gdpr=1&gdpr_consent=&w=290&h=163&t=1&random=1638447108

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 15E7 0
82 B 17ms
17ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905c0e1d82cf18e109bb32d01&item=YWRuXzU5MDPAbZbCBWpFiQ%3D%3D.5.1fltgtkmn-iivqvckggjg-YWRuXzU5MDPAbZbCBWpFiQ%3D%3D-wp5sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK l
mcdp-nydc1.outbrain.com/ Frame 7973 2 B
214 B 347ms
86ms Image
text/plain 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcdp-nydc1.outbrain.com/l?token=94395c1413b978da00b82c19ecb6c14f_116433_1638447109253
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
X-TraceId: 399e3d71406b208e3c5a28a9a2a4e591
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 7973 4 B
325 B 389ms
91ms Image
application/json 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=94395c1413b978da00b82c19ecb6c14f&pvId=94395c1413b978da00b82c19ecb6c14f&sid=8415936&pid=116433&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:49 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: bd95a84ee585c91bf6138874a700e75f
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK log-viewability
log.outbrainimg.com/loggerServices/ Frame 7973 4 B
325 B 396ms
92ms Image
application/json 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/log-viewability?requestId=94395c1413b978da00b82c19ecb6c14f&position=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:49 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 5642df1598170af81b29c804dfd7c876
Content-Length: 4
Expires: 0

GET
H3

200

/
herogayabmodeon.net/ Frame 7973
Redirect Chain

https://herogayabmodeon.net/94395c1413b978da00b82c19ecb6c14f
https://herogayabmodeon.net/

51 KB
51 KB

285ms
285ms

Image
text/html

2606:4700:3030::6815:297d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herogayabmodeon.net/

Protocol

Server

2606:4700:3030::6815:297d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmskUMdbZ%2BcqcsTmMOyRaOnMJlrqytXMkQ1q%2F3faksgpYZBdy0I8WoRCa6Sr8LQikMCE2RIWhheu4Qbcd3glra1YLInQsjEbsKOGK%2B%2B6kTiwqMk2tP0a1G5mHztOflomWUlHRNrh2AGDY2yr%2BXIyT4HJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6b7475c389ba3744-MXP
link: <https://herogayabmodeon.net/wp-json/>; rel="https://api.w.org/", <https://herogayabmodeon.net/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://herogayabmodeon.net/>; rel=shortlink

Redirect headers

date: Thu, 02 Dec 2021 12:11:49 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-redirect-by: WordPress
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFDKlYfASPgdAIqB9nL7yYqTMxwoCKL1hH7lDHr2%2BzytOPTStqF8k2fkyQwaaqcJUakMWVQGjPBbVLLR2htTOpRky9JrxgN4qQ1bgfvKQ%2BdgMp8z%2F025kf7ikDs0i7G5rSZqdMcbhxKO4yODZtaQTnc1"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://herogayabmodeon.net
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 6b7475c21de73744-MXP
link: <https://herogayabmodeon.net/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

200

i
ipds.adrta.com/
Redirect Chain

https://adrta.com/i?clid=vrl&paid=vrl&dvid=v&plid=bnOdQq4eod4nHhHRsdX-sg&caid=YWRuXzczNzZymIV0D12Chw==&publisherId=5221&siteId=49846&kv1=1920x1080&kv2=https%3A%2F%2Fherogayabmodeon.net%2F&kv7=herog...
https://ipds.adrta.com/i?__x=GNHFILEIJDIICG@MKLILMLHMPMKFJIHOMBILIMILNFGQMGM@LMMGMMHMMOGEOJKGNHPBFMKNJILIGNNINAHLPOGLLKFEEKGMIMLIF@IMHOLJMFEQNFOCFAE@H&clid=vrl&paid=vrl&dvid=v&plid=bnOdQq4eod4nHhHR...

43 B
211 B

347ms
95ms

Image
image/gif

2600:1f18:26d4:7e01:316:4277:55f4:202c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipds.adrta.com/i?__x=GNHFILEIJDIICG@MKLILMLHMPMKFJIHOMBILIMILNFGQMGM@LMMGMMHMMOGEOJKGNHPBFMKNJILIGNNINAHLPOGLLKFEEKGMIMLIF@IMHOLJMFEQNFOCFAE@H&clid=vrl&paid=vrl&dvid=v&plid=bnOdQq4eod4nHhHRsdX-sg&caid=YWRuXzczNzZymIV0D12Chw==&publisherId=5221&siteId=49846&kv1=1920x1080&kv2=https%3A%2F%2Fherogayabmodeon.net%2F&kv7=herogayabmodeon.net&kv11=DDi4fWqiVH&kv12=AAEBcUL8IcPI7WwA&kv24=Desktop_Video_VPAID&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&kv44=autoplay
Protocol: H2
Server: 2600:1f18:26d4:7e01:316:4277:55f4:202c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:50 GMT
cache-control: no-cache
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=GNHFILEIJDIICG@MKLILMLHMPMKFJIHOMBILIMILNFGQMGM@LMMGMMHMMOGEOJKGNHPBFMKNJILIGNNINAHLPOGLLKFEEKGMIMLIF@IMHOLJMFEQNFOCFAE@H&clid=vrl&paid=vrl&dvid=v&plid=bnOdQq4eod4nHhHRsdX-sg&caid=YWRuXzczNzZymIV0D12Chw==&publisherId=5221&siteId=49846&kv1=1920x1080&kv2=https%3A%2F%2Fherogayabmodeon.net%2F&kv7=herogayabmodeon.net&kv11=DDi4fWqiVH&kv12=AAEBcUL8IcPI7WwA&kv24=Desktop_Video_VPAID&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&kv44=autoplay
date: Thu, 02 Dec 2021 12:11:49 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length: 0

GET
H/1.1 200
OK 2021 Show response
x3.instreamatic.com/v3/vast/ Frame 15E7 2 KB
3 KB 530ms
208ms XHR
application/xml 40.80.160.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x3.instreamatic.com/v3/vast/2021
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.80.160.49 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 57a443bc798739908014bc1b3e4a0e1db178a2e8d00d90f889a7840693d7c928

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://herogayabmodeon.net
Date: Thu, 02 Dec 2021 12:11:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 2537
Content-Type: application/xml

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 15E7 0
82 B 19ms
19ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905c0e1d82cf18e109bb32d01&item=YWRuXzc5NDBcHpAJ4fjY7Q%3D%3D.6.1fltgtkmn-iivqvckggjg-YWRuXzc5NDBcHpAJ4fjY7Q%3D%3D-wp6sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 17ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22start%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22impression%22%2C%22reason%22%3A%22ok%22%2C%22adsystem%22%3A%22iabtechlab%22%2C%22aspect_ratio%22%3A%2216%2F9%22%2C%22content_type%22%3A%22video%2Fmp4%22%2C%22creativity_id%22%3A%22bnOdQq4eod4nHhHRsdX-sg%22%2C%22creativity_width%22%3A1920%2C%22duration%22%3A10%2C%22format%22%3A%22thumbstream-autoplay%22%2C%22linear%22%3Atrue%2C%22loader%22%3A%22vast%22%2C%22wrappers_count%22%3A1%7D%2C%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22play%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 18ms
18ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable_start%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame 15E7 0
39 B 15ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3A1fltgtkmn-iivqvckggjg-YWRuXzU5MDPAbZbCBWpFiQ%3D%3D-wp5sc1%22%2C%22bid_opportunity_id%22%3A%221fltgtkmn-iivqvckggjg-YWRuXzU5MDPAbZbCBWpFiQ%3D%3D-wp5sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

POST
H2 204 view
trends.revcontent.com/event/ 0
0 31ms
31ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/view

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:49 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 ars Show response
cmod576.live.streamtheworld.com/ondemand/ Frame 15E7 330 B
913 B 885ms
405ms XHR
application/xml 192.173.31.106
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cmod576.live.streamtheworld.com/ondemand/ars?type=preroll&stid=170713&version=1.7.1&ttag=publishername:showheroes25&dist=showheroes25
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.173.31.106 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: 4ca49dec008b754bfd970cf2a7e4fde52eb914e00658f680b168ed945d6c21aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:50 GMT
x-stw-ps: par-cl02-mesos03
x-stw-site: PAR
x-stw-dc: par
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache
access-control-allow-credentials: true
content-cache: no-cache
content-length: 330
expires: -1

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
330 B 31ms
15ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Dec 2021 12:11:50 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 214ms
141ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e7808fcae9eddc6c81908f43c593e4bdc4b9b2a54e2195f2dcb95ea4e299e444

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:50 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache
x-server: 10.45.9.63
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
651 B 31ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c89be6283119e6a5e0697631c33c4eb5f2f86cd6ef09f9ce3272f491ca54e263

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Dec 2021 12:11:50 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sat, 01 Jan 2022 12:11:50 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 156ms
95ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 20fe16a01a216b2d4f0f006f1e3853545ee782e1a8df25d850aeb358dfe52309

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:50 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache
x-server: 10.45.23.75
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
651 B 31ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c89be6283119e6a5e0697631c33c4eb5f2f86cd6ef09f9ce3272f491ca54e263

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Dec 2021 12:11:50 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sat, 01 Jan 2022 12:11:50 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
339 B 111ms
64ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c018976d0fe1b2745dec151ddc9eeb1242b8ea1b4503a807daaf4d33db360c3a

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:50 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache
x-server: 10.45.25.208
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
651 B 31ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c89be6283119e6a5e0697631c33c4eb5f2f86cd6ef09f9ce3272f491ca54e263

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Dec 2021 12:11:50 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sat, 01 Jan 2022 12:11:50 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
340 B 83ms
41ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6e5260e9bf3e362932a235270cd5d9a6053f17398de223bbbe77339cc200b8a5

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:50 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache
x-server: 10.45.19.252
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
651 B 32ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c89be6283119e6a5e0697631c33c4eb5f2f86cd6ef09f9ce3272f491ca54e263

Request headers

Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Dec 2021 12:11:50 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sat, 01 Jan 2022 12:11:50 GMT

GET
H2 200 missed-op
eu-ondemand-impression.tritondigital.com/ondemand/ Frame 15E7 0
172 B 81ms
20ms Image
text/plain 192.173.31.106
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-ondemand-impression.tritondigital.com/ondemand/missed-op?position=preroll&listenerId=cookie:df2d9926-0158-4a13-a549-9cec3f4bb70e&stationId=170713&publisherId=28003&adRequestId=1caa60b8-3c5e-4eb2-830f-563a05869eee&durSec=%5BTD_DURATION%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.173.31.106 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Dec 2021 12:11:50 GMT
x-stw-ps: par-cl02-mesos05
access-control-allow-credentials: true
x-stw-site: PAR
content-length: 0
access-control-allow-methods: GET, OPTIONS

GET
H/1.1 200
OK error.gif
xs3.instreamatic.com/stat/ Frame 15E7 42 B
238 B 494ms
165ms Image
image/gif 40.80.160.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xs3.instreamatic.com/stat/error.gif?r=89177081&v=5CBf55DBcd0882BA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.80.160.49 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 12:11:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 204 /
ads.viralize.tv/track/ Frame 15E7 0
39 B 16ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3A1fltgtkmn-iivqvckggjg-YWRuXzc5NDBcHpAJ4fjY7Q%3D%3D-wp6sc1%22%2C%22bid_opportunity_id%22%3A%221fltgtkmn-iivqvckggjg-YWRuXzc5NDBcHpAJ4fjY7Q%3D%3D-wp6sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 16ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:51 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 17ms
17ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22first_quartile%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable_first_quartile%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 / Show response
ads.viralize.tv/player/ Frame A8F1 5 KB
2 KB 28ms
27ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AAEBdP6h29LnlVAo&sid=01ec536905c0e1d82cf18e109bb32d01&activation=adfill&experiment=ops.&u=https%3A%2F%2Fherogayabmodeon.net%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3261%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A290%2C%22height%22%3A163%7D%2C%22player_position%22%3A%7B%22top%22%3A356%2C%22left%22%3A999%7D%7D&sc=1&gdpr=1&cmp=unavailable&dd=herogayabmodeon.net&content_adplayer=1&hcid=NTg5OTYycFjxTXREJ-A%3D&enable_branding=0&player_session=%7B%22page_id%22%3A%22017d7b0ed098b72cfff5c1d3b0af7220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A3587%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A290%2C%22height%22%3A163%7D%7D&pub_platform=&dd=herogayabmodeon.net&sc=2&gdpr=1&cs=&cmp=unavailable
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: a8d3322a908bcec706e8ac772a3810a045682d7cf3f1c77a59afa6c11a58bddb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:53 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herogayabmodeon.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame C0F7 25 KB
9 KB 19ms
18ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:53 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 41029
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9634

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame C0F7 95 KB
33 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 07:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34056
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Nov 2022 07:41:53 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame C0F7 101 B
174 B 19ms
18ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3331879
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 23 Oct 2021 23:42:31 GMT
date: Thu, 02 Dec 2021 12:11:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C0F7 374 KB
123 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Thu, 02 Dec 2021 12:11:53 GMT

GET
H3 200 viralize_player.min.8824547a.js Show response
static.viralize.tv/ Frame C0F7 774 KB
224 KB 36ms
35ms Script
application/javascript 2606:4700::6812:9ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player.min.8824547a.js?e=ops
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.3500125a.js?e=ops
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7318bc5fc8ac665658495b31874188f009d681fd4347e3281c4bfed68b02de0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 24
x-guploader-uploadid: ADPycdul_OLTIiJaVOMwJvaO9qrhCqJ-k4HijmbI1qr6TgTo3KNpncadfuEDD-WMN6q1z7YfXcnSEGw9QCAO3NHyBPg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 29 Nov 2021 12:01:23 GMT
server: cloudflare
etag: W/"8824547a7a23c3ff8f493f579fa53c32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=LBLCBA==, md5=iCRUenojw/+PST9Xn6U8Mg==
x-goog-generation: 1638187283894200
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=2592000
x-goog-stored-content-length: 792364
cf-ray: 6b7475de1fb259f5-MXP
expires: Sat, 01 Jan 2022 12:11:53 GMT

GET
H2 200 polyfill.min.js
polyfill.io/v3/ Frame C0F7 101 B
144 B 19ms
18ms Other
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3331879
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 23 Oct 2021 23:42:31 GMT
date: Thu, 02 Dec 2021 12:11:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 advast Show response
ice.360yield.com/ Frame C0F7 27 B
243 B 94ms
93ms XHR
application/xml 54.217.138.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22211303&w=16&h=9&minduration=1&maxduration=60&player_width=290&player_height=163&referrer=https%3A%2F%2Fherogayabmodeon.net%2F&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.138.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-138-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://herogayabmodeon.net
date: Thu, 02 Dec 2021 12:11:54 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame C0F7 0
82 B 17ms
17ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905c0e1d82cf18e109bb32d01&item=YWRuXzQzNzbOAbfE4S3miQ%3D%3D.1.1fltgtprd-ulji7do558g-YWRuXzQzNzbOAbfE4S3miQ%3D%3D-wp1sc2
Requested by: Host: herogayabmodeon.net
URL: https://herogayabmodeon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
DATA 200
OK truncated
/ Frame C0F7 6 KB
0 Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://herogayabmodeon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H/1.1 200
OK 307362 Show response
search.spotxchange.com/vast/2.0/ Frame C0F7 67 B
2 KB 38ms
38ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/307362?VPAID=JS&content_page_url=https%3A%2F%2Fherogayabmodeon.net%2F&cb=1638447113&player_width=290&player_height=163&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-spotx-Exception-RESULT: exception
Content-Encoding: gzip
X-spotx-Exception-ID: SPOTMARKET.HALTED
X-spotx-Exception-Message: SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID: SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require: 0.000752
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000028
X-SpotX-Timing-Page: 0.019405
Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://herogayabmodeon.net
X-SpotX-Timing-Page-Exception: 0.000019
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.013064
X-SpotX-Timing-Transform: 0.000454
X-SpotX-Timing-SpotMarket: 0.013064
X-fe: 075
X-SpotX-Timing-Page-Misc: 0.004184
Content-Length: 77
X-SpotX-Timing-Page-Context: 0.000523
Last-Modified: Thu, 02 Dec 2021 12:11:54 GMT
Server: nginx
X-spotx-Exception-global_blacklist-RESULT: failure
X-spotx-Exception-global_blacklist-Message: The referer 'herogayabmodeon.net' is blacklisted.
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-Mux: 0.000366

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame C0F7 0
82 B 21ms
20ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905c0e1d82cf18e109bb32d01&item=YWRuXzU5NDBR2c45QymL8Q%3D%3D.2.1fltgtprd-ulji7do558g-YWRuXzU5NDBR2c45QymL8Q%3D%3D-wp2sc2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame C0F7 1 KB
2 KB 52ms
52ms XHR
application/xml 184.51.10.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11644593&domain=herogayabmodeon.net&loc=herogayabmodeon.net&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,5221,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.10.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73f36ae658ee52f531604d525fb136c92980465fd9902e60d17f3018ebe7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:54 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1356
x-sticky-va: 1
x-sticky-vk: 1638447114215029-520
Expires: Thu, 02 Dec 2021 12:11:54 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame C0F7 0
82 B 19ms
19ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&sid=01ec536905c0e1d82cf18e109bb32d01&item=YWRuXzUwODCARic6oZNXgQ%3D%3D.3.1fltgtprd-ulji7do558g-YWRuXzUwODCARic6oZNXgQ%3D%3D-wp3sc2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame C0F7 0
39 B 17ms
17ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3A1fltgtprd-ulji7do558g-YWRuXzQzNzbOAbfE4S3miQ%3D%3D-wp1sc2%22%2C%22bid_opportunity_id%22%3A%221fltgtprd-ulji7do558g-YWRuXzQzNzbOAbfE4S3miQ%3D%3D-wp1sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3A1fltgtprd-ulji7do558g-YWRuXzU5NDBR2c45QymL8Q%3D%3D-wp2sc2%22%2C%22bid_opportunity_id%22%3A%221fltgtprd-ulji7do558g-YWRuXzU5NDBR2c45QymL8Q%3D%3D-wp2sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 /
ads.viralize.tv/t-bid-done/ Frame C0F7 0
82 B 19ms
18ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-done/?future=1&zid=AAEBdP6h29LnlVAo&hcid=NTg5OTYycFjxTXREJ-A%3D&u=https%3A%2F%2Fherogayabmodeon.net%2F&t=adn&gcid=YWRuXzUwODCARic6oZNXgQ%3D%3D&bid_opportunity_id=1fltgtprd-ulji7do558g-YWRuXzUwODCARic6oZNXgQ%3D%3D-wp3sc2&l=vpaid&as=stickyADStv&ct=application%2Fjavascript&sid=01ec536905c0e1d82cf18e109bb32d01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 3EB5 337 KB
114 KB 17ms
17ms Script
application/x-javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.8824547a.js?e=ops
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 12:11:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638447109.dop006.ml1.t,1638447114.cds001.ml1.shn,1638447114.cds001.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 3EB5 25 KB
25 KB 23ms
23ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1638447114373
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 12:11:54 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638447109.dop025.ml1.t,1638447114.cds213.ml1.shn,1638447114.cds213.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2

403

/
c1.adform.net/serving/cookie/match/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null
https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAGWqk7DUXAAACnt3LjLdA&gdpr=1&gdpr_consent=null
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdp...
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yai4CgAI6esyAgBR&gdpr=1&gdpr_consent=null&_test=Yai4CgAI6esyAgBR
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

0
330 B

21ms
20ms

Image
text/plain

37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

Protocol

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:54 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638447114905048-550
Expires: Thu, 02 Dec 2021 12:11:54 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame C0F7 0
39 B 17ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%3A1fltgtprd-ulji7do558g-YWRuXzUwODCARic6oZNXgQ%3D%3D-wp3sc2%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 3EB5 301 B
861 B 51ms
50ms XHR
text/xml 184.51.10.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11644593&loc=https%3A%2F%2Fherogayabmodeon.net%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.10.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:54 GMT
Server: nginx
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1638447114620012-415
Expires: Thu, 02 Dec 2021 12:11:54 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 3EB5 15 KB
16 KB 142ms
142ms XHR
application/xml 184.51.10.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11644593&loc=https%3A%2F%2Fherogayabmodeon.net%2F&domain=herogayabmodeon.net&reqType=AdsSetup&_fw_gdpr=1&protocolVersion=2.0&_fw_gdpr_consent=&schain=1.0%2C1!viralize.com%2C5221%2C1%2C%2C%2C&auction=1&vav=657abce79cd7770f5eff4c86969d1394&vaviv=1477ff39e2b40d2cdba69e1915dabec1&mustangVersion=1.12.1.6&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=290x163&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.10.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9b1c3f6d11d47f2243ef68c094f0e06432285f48ca0f62b832fccfcaf108c3

Request headers

Accept: application/xml, text/xml
Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:54 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://herogayabmodeon.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 15387
x-sticky-vk: 1638447114405020-383
Expires: Thu, 02 Dec 2021 12:11:54 GMT

GET user-matching
ads.stickyadstv.com/ Frame 3EB5 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:54 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTVkOTVhYzc4NjI0MjA2ZDRkYTg2YjkwOTE5MDMwNzg=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638447114353089-585
Expires: Thu, 02 Dec 2021 12:11:54 GMT

GET user-matching
ads.stickyadstv.com/ Frame 3EB5 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=15d95ac78624206d4da86b9091903078&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

108ms
108ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=15d95ac78624206d4da86b9091903078&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:54 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 12RGWFGNVC20PXX3HG78
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 12:11:54 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=15d95ac78624206d4da86b9091903078&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638447114520003-406
Expires: Thu, 02 Dec 2021 12:11:54 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame 7973 0
39 B 19ms
18ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22midpoint%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A7%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ec536905bb2798a1da8bf0c7f2b641%3A0%3A1fltgtkc8-ctlhgr517i8-YWRuXzczNzZymIV0D12Chw%3D%3D-wp6sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable_midpoint%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3EB5 40 KB
15 KB 315ms
46ms XHR
text/xml 66.102.1.154

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BJHcmxMalxto3GMYMHLwJRy0thtSZHLgehXQ_lseRuxiW7TrxC4BbEGeoJLT_Q5B8XsBs6t9FALerSZE6hbQH74U1roA&dbm_d=AKAmf-Bn6P2vlwJoAEQOYnBu4v79g1TvFF4kBPmS723UnUgUDjpanmnuk09Jrv7sPwnnWg7WQS_3SSEIa3VeMTdqzycKZEJvonv6BUnfOmVJY1SjU4EML0LGs_l_rjbikpm1Q6ujtguRrIzUaBiC1eZdKyxgNsajsjfxdipHFrQkvR8YbpEMnO0x79tpe2TavLb5JOveTDzUuDZQA--9Ho7TiWM9GaYLdY69JAZHuI-34FOHmqhz9edSCV8aj_Kdq8wcg4XgbKpvKti0JcTIheFDaCSciN3KQyQKqsS_7g5H4CkaRfUaFrZ_TaZu5e-XnXn_GsSnXjFv9HYafsQ--sofOhNcFtwJ4bcqej0DX-sgedf5imA4a0_hex_tnOV0rG7zVhwsgO60Zl08BSN5MBJsQUG9DTjg7HlCQypKu_UBOJq301hUQvZKq_7sbZy7ae2kZtMtMIvzmAK2HD2nbVqonVMM4V6dCgOqotVWyhe3_B3SMjpw5Hs0d2kddcidKb8gwY8ljad5yZaTWKoVwefGRr46Qx0HL2ngoRzWmpKrqRA9puhlLKXsO7oru_LKvXTyHVrqqhpA1MaGJDfyC4tnyiSevuwoqzRvFv3INM1YSUPd0hQEFFyYHhh6qXEqHZj8NkLFGUnZBPte7t18H0hY20aiaLaGWXTA_KbFqu_HiJUq2rd9mxXxfSnJKHL_Z8X17kdnREF5P3JfXflyo6YX2ILgPLmpUraj0rNNN9TP4kevSK3B0CSUDlaXWYBsa83Gi3qBI0REi81Y8fbW-cs3pA1R1X6x3PEO0YGJVTc_BAfrTjS_ISWMhJ81ehs0mWbZrknEgzaLS4WHOx8WUbOG8iLW_d8BZJpvegtt446qT4kHuGp1R7-HwrA63UEtn6rbE4tcTkONFNS-aKKVo7xWSSXtulP6cg2ogvYcCn_ES5qmOwKuFaSmXqyjBZpYVUUi5IC4f_LJTB7Jw8XumUwfha7T6NzF5bj4wcj1gufM-zgwussMcwuJtMzHZZNVCtW7LaPsVoO1s59jHFbJGSHcT_vKCoC4bQmX7JOGqay7FIta9PQ-aavl-gAwUOCKr7byrAIwURmJANQLKoeUSEYxkbOtX3gerzquvPp6D3Pto6xnzs7U_LEMEgj5WS3R9tsAhBlV48bZFR1BbMHK0NRAlYXe5sMVHBxF4M73rRx82cJpVcAr6-SSD0fg7BaCneZxcTDjsxLhBEgi97cL__WxxGSypC1z5_RqmvsAdALzfNymUaPR_RhZSus7SYNVH9l7dE0zgueoNJvdiY5qx8O5WUjXRXd62ubfoD3P0CP48g16ZKRbfX2l7_Gfsx66tZFRV3JaDGkalkJJY_4rg4TAfp8ssQklfn4U5qk1WIv0f7_uOywh-m8NHtU-B0-wmDUE82I7ZK25xhDxXrGzyjjOnS0O9Ytvnn53oMjDzVm10VoYXWfjhc9QEJJYQoDgF0IgkD99-nL9joT4CRJLPhrqrOxof_84bKP5XdRzPCstRws1zUVasnfyEF__YDVvAzpNkMC44ZTF9K6woR83QW1vvQxeau9NgsWVwhpiNyYDQwC3PfwspZMCqWghJMCo6wJooJR2pPYam3S5YItpu5jp9I1OLCudSdaoYhbZz6yEqjJyyvlYkHoeX17cOpDMSOtvLoxG39e_l5hsywXp5dXagBRxU--Z5icReSsTNYKShKyGIN_x9SVHr8u0HD78CDS9F7kWlsYDIKuzlgbtEYlWSWXdaze9ukeMZpp2-Py0u7IGh42NzYSxSyuk_QHpfItdCP0i22yvp6tTi6A0JuxoOMU_hmcfJDJfOobHXUxu6NVIeXu9T0VzphitdKHfFce97O9RkM29yUUysL_8wwh38wLUUN8G9vdjTfaJIw31ZwhmdRbIcw86xDWCBK3N__Y7X8517PRtXjMgyOZ6CtP1HnAAUZn1GCHDo0w48jdloopL_chjzgJalyhiTjp1soMQdrRlnLMAdDHEhlP9hFeE5r7-svPgMQt3qIfxNpoIY2ohycwoiy-gjeIEyV9ST_vsBfU7HlIuVimrAuRj20JmRUBwWPKO7wchSsk12CI3Zr1xSOFZm_akEh_km7L2hbJDuo0Z4SzIXkUC1a958MywaCc7MadLfO5f3hQBvXoGmc0SDePkgc5hkN3BNwFlT-5xGallc5qXBgPdAnouGJb3id58HBbI938xgmYuo7uHQhBXc6Q_7xUXw7n1QwXGHP3fv_-ZHcuc-m-YdEJqPvCvRavDHIg7A6PMV--OFTpere0d8EKjtkr25RE2FPlfSFj-qNRyFXB8yL6SAhKYbZNsNHMDN_9HSlVzyPeBKsknS5R1DWLNUTMmRqvK8u8pu1soRoeT4LhTi172U-9P4r3gcCMBxRcvGybWSR0sXs5VV3CkbAO3UrFRBlIdIBk7k0egRlOSw_cnJnMF3PhQi372iGU9fwig7BotYFecIIZACwmv0xZlgZyovbEN7HVixgR07FML6kWaulIdY0WGsMinTD38j7T7Y0X8hlsMdEL2CeGswLgLM6PDgftu4_TwbV4VnwT38CrNX2WisVYBNjDmm76paEgW56sIDsCG6EdFnqwwgEmsJHpf-5IfndRec9pWB7hk-rRkNOvHU1EzB8t972r9LrDGR9KABKYtTLIBn1qD78hXPmG1DRSmsCnhq-Z4qCtg_WsFxNe7pJBLSEIGgfs9yddsc4QMgFeCHumVpeEk9I4dA7qBvBXBmvmolASKn2poRWXdzWzQzbj2x0ixRoLdX-N5gWdCR_MO6ka4CcpcBsHViMToa5eFJwtyNamz5AIU1iBRumTjz1Cubqe6lfy5qx_jQQJCck_o4dqIZmevF9X7TjoKqfC3PUhgBsriSSS2Kwo3m6ur-gYQR54QSNNSMmLOYyt2b7blAXeNIcgvW7vG9fWUjMUOCuO5roa-Fe7b7GvEQ_mKrtnUJx0EODkhMUNi59gjAa_2JjuXLCNpk6PmvXlbmz6i_SldSksbCFScYYHOOQ0qSaimSKBBdDQBWBChTFG5mA6Na04IKJz6P4CorC8YdI5NmX8vNLzawcTLS-eUGMjjKTq8Mt2Gnb2h_AZxcebju6eHPY5PfKMpYf3_DRUVzOddMOfHSFcbp0B_zWRS8A9cWGu1VGtDfgp7uKrj6IkkxX5UaLOGsCOa2HIP4Oc&cid=CAASPeRodHwumJQTBMKwl-cb_eosRK8keDfcPr1aauWDlc0DG0UWRFqwTKBFFb4tuY1scmFYyPCJfcQnW4zUwVk&pr=42:5.3100000000

Requested by

Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.154 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f26913c044bacea79b8c5c9088b324c70f50d6cf34d2f5ec39b2996761f228a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/xml, text/xml
Referer: https://herogayabmodeon.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14999
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://herogayabmodeon.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/stickyadsjsint111745259950/ Frame 3EB5 315 KB
106 KB 57ms
19ms Script
application/x-javascript 184.51.10.56

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/stickyadsjsint111745259950/moatvideo.js
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7daae6341dd400b47dc7a719159ad9ec3134f91bd90b715485c5f98ffa067ba8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:49:08 GMT
server: AmazonS3
x-amz-request-id: P9CPE8PM86F11QYH
etag: "57996a371bc6c5b115579d3f17d9f7f5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=64205
accept-ranges: bytes
content-length: 107979
x-amz-id-2: WsaT+bpgBgmGAl7rcL0gPhqZsggJtp3j1+Z0fi/2rKiwngO89HepmZgMAK7Y+Zms05pcMO72HJY=

GET
H3 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4418 44 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Requested by

Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a6e1b9a0b4aa644418834c83099c3f0b7656ca2c8d95b3429843db58e9f017e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16335
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:03:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 02 Dec 2021 12:21:41 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4418 374 KB
123 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Thu, 02 Dec 2021 12:11:54 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4418 0
442 B 67ms
43ms Ping
image/gif 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init&vps=0.7955265875153039&wt=1638447114949&sdkv=h.3.490.0&xai=AKAOjstEckyeo0nbpWtm5OoO-KnGeCnEcgjlhcFetYv59AH7cNuRPteSnMdSLbMTFLGFF9AKVhSkWUcdw2IxFLJKq46jfUEGbNPrp1TLzHk6Hr1yJF3lY_fw57xNCI280JsEpb8SyTFp2Z5TupX2GB0pPvDZL_JKeNN27hKGXUzaq2gPrwEgpTJeTzEIOzyHDI48KKWwhYnljFRzvPvk-0r8lfB6OcBa4p3aCubfWIsCBXji3ll-mGq8cxA1cJm91CTx1x7rjMm4nXJNqnmuogqkBdirh5WSFzhvI8okUnoZBKqi1LVr2g999jBlL4ZJoV7WYEPP3AeUnRa_R1vFdNaqxfocVse8QV3HqJ0oLvOfeMoJgcLNQlBE-SxNrhZJlv9y3zCSuXB1PDrKt6F7Kqs9Ra90iit0cUDqeJoq0rpaUXIt5gyUtI_G8NLxugKp8r_TXcRJQz2ORubjG1emIZNmzf9MFcXOVOsaEzas33ATpCTm_F4EvzMFkOGjMmHB0VdQ1OU3mPG6r5s7es_GdHA5zNkCk14OCz0Q7xdOUljkU45qdsVMaW8EQ5yq0KulHLkoFwB8ATNXbWe5_eXnrm28NK04bGw9Gyn3bskL3Juj-nxP8RN1wFPfc4G-ORdTbxNZIvK_i1twSHndA7qs26sdgHQ0bXOWffoixxQrXnvjTreJQN0V3fIfOAm6uEFo-h4YNe0cOCyUyfTE5hF9FbmXz_o1Vl1a54W6byLTQdk2W4CEOGqzjR4eB98ESRKUTBT3JMXioneMnBO52GMdlFZQJadD77X3i67H1RvEsajO-ha6ETHchYM68P1BeLzJffKEdaO9peUeYwkLI7cmSvFMWkjO4xvHMktOwn6DmJp8_P0c9FJ1OsDqcc1WxpcRcKKLZj7zLc17sMEe5eKtUsYo3VdNtQjPpGHzudfX4ySC4E-b6eZ2oA2ElisWPPft_zcT3mfA40fiq3YP9ZG2OwZNQ1BJmuao1IUG3d26bXgvbiCO4bxHhrFZfIqG4SQiWUy7Mx5Xnu4msdgZx-rX5VkSWnhRC-0XBep-yg0jhFcK5S4FGMNHSfHj6-p6RtbNfGz4XIt9OC2TLxu_kRYtAnvKCwvV_5M6cW-Duc3Vb7UXAgOgKt0e0hgZgFEdDJ0WuPLQ45fOo1y_6fmZ6DBaibcMth1a991i8SZEaP2jGNebcDJTCnNn-TnR1GsGQ6DxqSDe5ZVB720&aid=499028467&len=00%3A00%3A15&url=5,https%3A%2F%2Fherogayabmodeon.net%2F$0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1AA7 595 KB
193 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Wed, 01 Dec 2021 03:09:00 GMT
expires: Thu, 01 Dec 2022 03:09:00 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 118975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4418 44 KB
17 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:830::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Dec 2021 12:11:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4418 107 B
549 B 58ms
23ms Script
application/javascript 2a00:1450:4001:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Dec 2021 12:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3FC8 37 KB
13 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 11:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Dec 2021 12:22:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 26ms
18ms Image
image/gif 184.51.10.56

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=STICKYADS_JS_INT1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1638447115052&de=485703358939&m=0&ar=553ffc12ef5-clean&iw=588b5a4&q=2&cb=0&ym=0&cu=1638447115052&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=1134609%3A7649553%3A11644609%3Aundefined&zMoatPrivateEx=123&zMoatGSR=1&ph=&pj=standard&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fherogayabmodeon.net%2F&id=1&ii=4&bo=N%2FA&bd=2104357071&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=2104357071&zMoatDomain=herogayabmodeon.net&zMoatSubdomain=herogayabmodeon.net&gw=stickyadsjsint111745259950&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1344%3A1344%3A1961%3A1484&fs=195402&na=1770481605&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 Dec 2021 12:11:55 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1AA7 0
327 B 767ms
267ms Ping
image/gif 2404:6800:4004:824::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwox3x63&c=3620154799765&slotId=1810077399882.5&fb=ima_html5-lima&sdkv=h.3.490.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=18&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:824::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4418 0
54 B 733ms
268ms Ping
image/gif 2404:6800:4004:824::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwox3x10&c=3620154799765&slotId=1810077399882.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:824::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

54
r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/ec29c76eabfdbb06/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3768126023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame C0F7
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/ec29c76eabfdbb06/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3768126023/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/ec29c76eabfdbb06/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3768126023/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

GET
H2 204 /
ads.viralize.tv/track/ Frame C0F7 0
39 B 16ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A10%2C%22type%22%3A%22event%22%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22label%22%3A%22activation%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A10%2C%22type%22%3A%22event%22%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ec536905c0e1d82cf18e109bb32d01%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22label%22%3A%22viewability_available%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://herogayabmodeon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 12:11:55 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 dc_oe=ChMIudmOkovF9AIVh97eCh0qewq6EAAYACDC6-ZIOhoI0N6nrQEQ9K3n2s4DGO69od0DIPfap9aCDkITCJqy9pGLxfQCFc_a3godrJoGJg;dc_rmcid=CAASPeRodHwumJQTBMKwl-cb_eosRK8keDfcPr1aauWDlc0DG0UWRFqwTKBFFb4tuY1scmFYyPC...
ade.googlesyndication.com/ddm/activity/ Frame 1AA7 42 B
494 B 79ms
42ms Image
image/gif 142.250.186.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIudmOkovF9AIVh97eCh0qewq6EAAYACDC6-ZIOhoI0N6nrQEQ9K3n2s4DGO69od0DIPfap9aCDkITCJqy9pGLxfQCFc_a3godrJoGJg;dc_rmcid=CAASPeRodHwumJQTBMKwl-cb_eosRK8keDfcPr1aauWDlc0DG0UWRFqwTKBFFb4tuY1scmFYyPCJfcQnW4zUwVk;eps=CIDhgHAQARgf;av=1;acvw=sv%3D908%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D662,999,662,999%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D4096%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D94%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D302820592%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D537%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1638447115271;ecn1=0;etm1=0;eid1=210006;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 12:11:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST csi
csi.gstatic.com/ Frame 1AA7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: r4---sn-4g5lzne6.c.2mdn.net
URL: https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/ec29c76eabfdbb06/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3768126023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FEAF44FB3721B750FEC98B8DD98312BAF480B9F.0DCD069C8AD4A8064A93ECF2DCF97C9128E97A5E/key/cms1/cms_redirect/yes/mh/bf/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1638446344/mv/u/mvi/4/pl/54?cpn=rY6DOncTasELF37c&file=file.mp4

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kwox3x7l&c=3620154799765&slotId=1810077399882.5&fb=ima_html5-lima&sdkv=h.3.490.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&gpm_i=18&gpm_c=18&gpm_a=15&smb=1000&br=878&mt=video%2Fmp4&vs=640x360&webm=4&vp9=0&vamt=video%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Capplication%2Fx-mpegurl&hvmf=false&vms=1&bit=344&vsrc=doubleclick_dmm

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
applescringe.com/	1970-01-19 23:08:53	Name: GL_UI4 Value: eJw9jUtugzAYhHnTKAV1JA6QIzgRUFhWPUSXyGCbuAH%2FkXGDevtaldrVfJqHJgiCqCoRPrIY8RdvcBpr1nWK1e2oet68MnXp21qpqWvFpemUwkFvg%2BPjIl2C51kaafU0TCRkgRcf%2FTk3Q7tJkI6WG1EgXX1jKZCPlvZN2ipGYvgqkb1fLXlNV%2F5JFlHfetTGY8gQ0VbF5QH5hzbC78ojojMriyzA8b5wp8iugxZZiHS2XEiEb3iauJMz2W%2FkQm43R3eAFjH8939v4%2F3MkAn50JP%2FJneV9gd3Ukq3
applescringe.com/	1970-01-19 23:08:53	Name: GL_GI10 Value: eJxljNGKwjAURGu6VkVRBvyA%2FoCFakF8Xuv6oN8QQr0tQZobkrjY%2FfrtKoiwb8OZORNFkVjOIbTFLN9tsvU2y4usKBA3xBD7ErOKbya4ThrVEkZf5FplOiSOGs0G4lhi%2Bsyy4gthuC9Xb%2BxhDY%2FkPeGj0qEDDk6Za31zIVVtelbaYPJXPPVlr%2F8fxNpbjM%2FrYpuewgUTQ0F6S9THT3aWnQqE%2BYs%2BrpIYY%2B2ldXzvkgEWQbf0w4Yk17Wn0KPBdyJ%2BAYbUTFE%3D
ads.stickyadstv.com/	1970-01-19 23:50:39	Name: UID Value: 15d95ac78624206d4da86b9091903078
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: c5a46cc53db71abc582c701fae66869b
herogayabmodeon.net/	1970-01-19 23:50:39	Name: _pbjs_userid_consent_data Value: 3524755945110770
.herogayabmodeon.net/	1970-01-20 03:26:39	Name: _pubcid Value: 14244b4f-08da-494b-b1b0-d23daebf50e7
.tapad.com/	1970-01-20 00:33:51	Name: TapAd_TS Value: 1638447108533
.tapad.com/	1970-01-20 00:33:51	Name: TapAd_DID Value: 573a2b5d-2dc7-4f9b-b9b5-f8061311438d
.360yield.com/	1970-01-20 01:17:03	Name: tuuid Value: 588794ed-6fef-44a1-85fd-2d7b55f2bc00
.360yield.com/	1970-01-20 01:17:03	Name: tuuid_lu Value: 1638447108
.herogayabmodeon.net/	1970-01-20 16:38:39	Name: _ga Value: GA1.2.966286993.1638447109
.herogayabmodeon.net/	1970-01-19 23:08:53	Name: _gid Value: GA1.2.1154363193.1638447109
.herogayabmodeon.net/	1970-01-19 23:07:27	Name: _gat_gtag_UA_117514098_1 Value: 1
.spotxchange.com/	1970-01-20 07:53:03	Name: audience Value: 06828928-5369-11ec-b3e2-11e121d60006
herogayabmodeon.net/	1970-01-20 08:29:03	Name: cto_bidid Value: o4QQaV9mVUJLJTJGWXV2UlBCSEFDRmZlUlo4aTZRcE1LQWFvNUElMkZ6ZWRHeVdSbmJIa1FJQlJ0RldsQkJqcU44clZqQ1RwNUI2ZFU4MFZuVnhTRHl3TGp1TVVIaEElM0QlM0Q
herogayabmodeon.net/	1970-01-20 08:29:03	Name: cto_bundle Value: YkAszl9nb2prbkE4ZE15R0tKOWdiQ1ZXVU5sRXc1UmtrUEdTVTlRYjBPbG9UdlpsR3NCVHlzTXo1ZlZWRmprNFhNVWVxbTZaZnlyWnI4d1ZvRWdFcExYOSUyRiUyQnRuQTlYUjBIQkI3Zk85JTJCaDVFWmxZaCUyQmZMRE95aGJNZDhXNUxCNWhzVCUyRlQ
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 9777
.fwmrm.net/	1970-01-20 03:26:39	Name: _uid Value: "g046_7037076749381021325"
ads.stickyadstv.com/	1970-01-19 23:27:36	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1970-01-20 00:33:51	Name: uid-bp-36033 Value: g046_7037076749381021325
ads.stickyadstv.com/	1970-01-20 00:33:51	Name: MRM_UID Value: g046_7037076749381021325
.doubleclick.net/	1970-01-20 08:29:03	Name: IDE Value: AHWqTUnF7sSCZ3xGADgjiKhAFHVuedMOIYSCp9AF84cmfH6IyqtJDEWda6ySwJaZPU0
ads.stickyadstv.com/	1970-01-20 00:33:51	Name: uid-bp-159 Value: CAESEIjGo4UUQGMZOKuaDspoXqo
.adsrvr.org/	1970-01-20 07:53:03	Name: TDID Value: 19f654cd-9b19-45ec-8ff0-e960ed92d48c
.adsrvr.org/	1970-01-20 07:53:03	Name: TDCPM Value: CAEYBSABKAIyCwjg6P_j9OWaOhAFOAE.
ads.stickyadstv.com/	1970-01-20 00:33:51	Name: uid-bp-892 Value: 19f654cd-9b19-45ec-8ff0-e960ed92d48c
.yahoo.com/	1970-01-20 07:53:24	Name: A3 Value: d=AQABBAW4qGECENEAGzVsoEKfF75K12bWZt0FEgEBAQEJqmGyYQAAAAAA_SMAAA&S=AQAAAmgHFtYCMp9KugqST0znR6M
ads.stickyadstv.com/	1970-01-19 23:50:39	Name: uid-bp-717 Value: y-XyNV_k1E2oOUIrzgbptVFLboLYtlMezJhwEGEc90~A
.adnxs.com/	1970-01-20 01:17:03	Name: uuid2 Value: 5053986235622163336
ads.stickyadstv.com/	1970-01-20 00:33:51	Name: uid-bp-951 Value: 5053986235622163336
.instreamatic.com/	1970-01-23 14:43:09	Name: uns Value: MOIQKXNLLFSN
.mathtag.com/	1970-01-20 08:33:22	Name: uuid Value: 095461a8-b805-4000-a84f-10755b990a6d
ads.stickyadstv.com/	1970-01-20 00:33:51	Name: uid-bp-529 Value: 095461a8-b805-4000-a84f-10755b990a6d
.w55c.net/	1970-01-20 08:37:41	Name: wfivefivec Value: VCfYSWcy1MSKWi5
.w55c.net/	1970-01-19 23:50:39	Name: matchfreewheel Value: 5
ads.stickyadstv.com/	1970-01-20 00:33:51	Name: uid-bp-23329 Value: VCfYSWcy1MSKWi5
.adform.net/	1970-01-19 23:52:05	Name: C Value: 1
.adform.net/	1970-01-20 00:33:51	Name: uid Value: 9091967886728057247
herogayabmodeon.net/	1970-01-19 23:07:30	Name: _lr_retry_request Value: true
herogayabmodeon.net/	1970-01-19 23:50:39	Name: _lr_env_src_ats Value: false
herogayabmodeon.net/	1970-01-20 00:33:51	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2219f654cd-9b19-45ec-8ff0-e960ed92d48c%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-02T12%3A11%3A50%22%7D
.herogayabmodeon.net/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1638533510724
.live.streamtheworld.com/	1970-01-19 23:50:39	Name: uuid-s Value: df2d9926-0158-4a13-a549-9cec3f4bb70e

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://houndcost.com/6c/ff/b6/6cffb607e83863201ff1cf1c7f1117e6.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://ads.viralize.tv/display/?zid=AAEBcUL8IcPI7WwA(Line 3) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adrta.com
ads.pubmatic.com
ads.stickyadstv.com
ads.viralize.tv
adservice.google.com
adx.adform.net
ajax.googleapis.com
api.rlcdn.com
applescringe.com
assets.revcontent.com
bid.g.doubleclick.net
c1.adform.net
cdn.ravenjs.com
cdn.revcontent.com
cdn.stickyadstv.com
cdn.viralize.tv
cm.g.doubleclick.net
cmod576.live.streamtheworld.com
content.viralize.tv
csi.gstatic.com
eu-ondemand-impression.tritondigital.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
herogayabmodeon.net
houndcost.com
ice.360yield.com
id.crwdcntrl.net
images.outbrainimg.com
images.revcontent.com
imasdk.googleapis.com
ipds.adrta.com
log.outbrainimg.com
match.adsrvr.org
match.prod.bidr.io
mcdp-nydc1.outbrain.com
mug.criteo.com
odb.outbrain.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
polyfill.io
px.moatads.com
r4---sn-4g5lzne6.c.2mdn.net
s.amazon-adsystem.com
s0.2mdn.net
search.spotxchange.com
secure-assets.rubiconproject.com
static.viralize.tv
sync-tm.everesttech.net
sync.richaudience.com
system-notify.app
token.rubiconproject.com
trends.revcontent.com
www.google-analytics.com
www.googletagmanager.com
www8.smartadserver.com
x3.instreamatic.com
xs3.instreamatic.com
z.moatads.com
ads.stickyadstv.com
c1.adform.net
csi.gstatic.com
r4---sn-4g5lzne6.c.2mdn.net
104.96.145.246
142.250.185.194
142.250.186.162
151.101.114.132
151.101.66.49
151.139.128.11
157.90.33.68
168.119.79.223
178.250.0.157
184.51.10.5
184.51.10.56
184.51.9.34
185.86.137.113
185.94.180.123
192.173.31.106
192.243.59.12
2001:4de0:ac19::1:b:1b
23.109.87.118
23.202.54.36
2404:6800:4004:824::2003
2600:1f18:26d4:7e01:316:4277:55f4:202c
2606:4700:3030::6815:297d
2606:4700::6812:640
2606:4700::6812:9ca
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a00:1450:4001:830::2006
2a02:2638:1::13
2a04:4e42:400::729
2a04:4e42:a00::282
3.33.220.150
34.120.133.55
34.206.191.36
35.186.238.232
35.227.248.159
35.241.45.217
37.157.2.235
37.157.6.247
40.80.160.49
52.213.21.126
52.215.67.233
52.46.130.91
54.217.138.163
63.35.242.195
66.102.1.154
69.173.144.139
70.42.32.95
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
036a274edb2fcc34853851c55e307930e8a634aa926224a4781693d62e575f28
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd9d800b44b9345b3f5e1b84a990b090ebcb531f66d1ed0389eb98dfdc9634b
0f636bcb706018a1581f27f57642526696d1514fac9e8809203f3dc61433ecfc
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
18118e9dfbdfd7028ffabdd32a9d492a57d9ce062bd850c2f1bfab2df40d3f79
1959a266232d9d47f99d15eeca6f40ede737f52fc1179c1112c91cb7068d3bc0
1a351afa5482e6f9f4f6e85e48bc4510e5223af7c06abc66c142986500cb2f45
1ac257968156552601d57bf59ae9d2ad6509eba5e3fce756da7437ac9bd92522
1af1c038d36afd0883ffefdb8a5e1de2112b854d130bda87b6865603983e8fe8
1b84a3749834419c4f6d8df1f9d4c82c49c5a011f5df6d8df778f6ff6bf69341
1cdccef0f0b71be16cb6109b6aca4712143bb7ffb860c7a0fb582de592807037
1d199cbfbe034723111a3a8f15fe532d4405742181305a8cb74a7b0b0a921690
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
20fe16a01a216b2d4f0f006f1e3853545ee782e1a8df25d850aeb358dfe52309
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
25ffebdf1715b6a205ee1ec6e8990617b18e0f250fe02d0e4eedec3b63622313
285e5b51d1772ca942a380e84f4aa96547ef5081fe80c119d579a5cf4e198924
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2961723af0339859552678f4f9a6704728d6398b4e7f62611ea5e86477261d12
2965635f76b231e9d0fc62b5bc9a722c62ca816eb2b0d8546844af3a9affb997
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14
2ce845d77db4a008981bb059773ae3b8c0243a9366c20e8786544e7594495140
2f05e586e78d7e085150be0daeaaa18f104f37f5135e67f4d22cc24455ad6a60
33ab56121e594e7e1bbd4e3f438e716d169bb4230a9319d93ab2d06c157ba172
3539e71564ed1010478020e559b88b87b3d72245ecccdad41de7b9d25d1ee788
3764fb762c4a8ab8b17c1dbb5d71b90ecf59b07302fc5bb5db36944694a8c990
39a1293abde96ba5de096c5481cc3f55072da676c5a8fd5761b12a7fa83804f2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40940e7b5e53765228e27af202e0650a8f0b87ba396135c2e876b81772a8f7cf
41016149f06c48b182a5e89359acbfed1684f998e6a671d8bff606f61e57e41e
4221dcbb3fddc78e89ff0a588f836b0782d6893c93f790bc1c726b380fa60632
4275d92390aa1c2bbece7b51e682942ad59e4e6afa1c0fcd09d057906c292e04
42b1291f205e30914c1ad28643764cce277a03c4f06d2b828058697c56dcf58f
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
44a000718bb06a5e738c356dbadaaf7484c376fc716021e64f67da1976358aca
4703654c25ba10f637d0e7be84ec8d1e195a224588c75e6e34c07a45d6ef281b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ca49dec008b754bfd970cf2a7e4fde52eb914e00658f680b168ed945d6c21aa
4e723d109acbb6de9c7dbb952d0bdf89f204d94de46dc5f0a6675c88d45915e3
51185d648f3f3050cefec1a61c5fc64cb45670cf9a6cadabca114eeccbde1f28
51b5e77f332b52c78b493347f2a9c4e16c40f2e8b5f896b2b55b989d50dadea0
5575e52a60bf852e45d2b94fb88ba81f52c327dc1cdfa8d1aa5e3721f97132bd
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
57a443bc798739908014bc1b3e4a0e1db178a2e8d00d90f889a7840693d7c928
5a80590eff46011debf23e3df98e78a7a8f59adf6887e63587c0248699290e3e
5b351d1d009fa84929b6c3b60ea5a1f2899fd31be136964f52be498e7bdd20ed
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
61a7c7ae6249802023a2fcc65cb355bcbd6ddd55c6b256ea6fff16ef1f360f35
6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b
6252392fbb8815e5e747f2f3c20df427389d03cafa08e6ca7d0abdb020413e8b
627f20670c6ae3033f9dfcd9ed34f3e175c51151398618d49f8b26cab9c975d3
648c8ed5533d6eb5b55fee8978addbd18810e38d01d942c1fd8850b4d306c45c
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69d687d954af72ab96a83a5ecc08ecacdd403759f750f0c3761d000bcd296391
6a6e1b9a0b4aa644418834c83099c3f0b7656ca2c8d95b3429843db58e9f017e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb57686c77bc147d93f5012eee030116ae9d282651b872e477ab01108a87744
6e5260e9bf3e362932a235270cd5d9a6053f17398de223bbbe77339cc200b8a5
7318bc5fc8ac665658495b31874188f009d681fd4347e3281c4bfed68b02de0b
739d18b1ec11338086ac3c72c91834682c937aa8b73cd4f3f4af98cd41ee9536
73f36ae658ee52f531604d525fb136c92980465fd9902e60d17f3018ebe7b38d
76f8a9eb466d7518c04006ff4dcd2d949867935b686a96d1d80786c9ecf593bf
777e6a69bb8dffd6b045f71b955dfdfd55137e72c3199f17da65cc2787fc2d89
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7daae6341dd400b47dc7a719159ad9ec3134f91bd90b715485c5f98ffa067ba8
7f6f206a5bb3643248ccc27357df92f815decd9e799a1689f4ee7f03863b256b
80c4b3e63ba3b3f4597c8511359e3219d9c87f4fe6f31eecab036067ee19ab88
826981559fbfab643e8dd512589eae3ac6901097b9417038b344d6da37712069
86d2d9b569b96e40e9d8d51322980d729cc34f7e299984639ae15aa9a96d4991
87407ea11ebe411d041d0bf346ff90062558a0dfb56b640ad51bdf0a04ee13f9
87e5010c6a6283bb6547a3a4f41065f64e446628a914f1a109972bbe7271441a
898e090ddd6e45a345a042f2b99c5340282d62e7765a5eba710a512d0e26c7ee
89c1c7438228f135a6e7aa0a9ad3d3b7e1a5090b3d18548c190bb7fa494267db
8a29bfb897febc93d00195daf48215fd3c85cb47fb5f67f1677aa294b187f80c
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b7229ed0e246c632db97fbd94398a743d394e9a0ebd7ace80ab4d8c1212f018
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
95ed7f15fd63a1d18f9ab3742d13f69ef08a08f46da77dac5bb9c7414f42068c
9b9b1c3f6d11d47f2243ef68c094f0e06432285f48ca0f62b832fccfcaf108c3
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c1f8ec9e4b6809ae8ff3dff9e5c4e380f51aaa1ba4910df392fc8f875033fc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23774e2075db6c123ed6e0fba7e83fc765bec764bcf56d025c009bb38561c5d
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62
a39ab0eb7b414b96c0e934c72070071ba2cb942caa8cd243a16d22efaa7a6276
a42007df8e6aa1888dada928b823a53d50a1edd488b2e7da231287e893e1cebf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a80616452f71e470a6d5c562faa5a8d1a9424a716880426cdb08101ea068cfd2
a8c1883b9e9af2d6d6f791d51ef4ba5eebb7e06afbb6ab42ac6067e81373460a
a8d3322a908bcec706e8ac772a3810a045682d7cf3f1c77a59afa6c11a58bddb
aa2b2d0cf106a434908cee5c414593d2e10e5f23a4f27a5da17db33c049eb628
b5734271e1c5bf3b2eba0e22d76c41cd7917e9f85734e11aa5e0256a2e16fa5d
b8f7c139db95be71ca306c97da5f3c4a3ac428a365a3772e80ceee2afdf95b6d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c018976d0fe1b2745dec151ddc9eeb1242b8ea1b4503a807daaf4d33db360c3a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545
c89be6283119e6a5e0697631c33c4eb5f2f86cd6ef09f9ce3272f491ca54e263
c9c26b3f327581fb64a6a01e8bafdfc56f98c6aa1cd7e46fe53404d7cb47b079
ccae22216135bfc9963e409fabad85d246903e45bbae363395c9b9b03fa81a69
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d33ba6b06fd15f407cecad06aa4bc1184064d9d8a8ee682b870a132c642dbc19
d376f74d53d54eb8fc75abb8074b33b24c1f5d7fd2673fdb136930ffd0b256a1
d3dbf68d8ef621c0f5e3ac5b3be0bbfeef20affc42f5bef08946f48d02f043bf
d6367d049d86c2916c0ec798d5606dae0b887a1305fcc561b8d58586bf38f7f0
d8338b3d869968da36ed7d843b798b64276fa0ffca33c6dc605d066b2c044eb5
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da77f28bc652a3fc9c9e7c5729fa764d8331ec6dd00eec0b7bf2673e2dc8f9ff
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
dd8e46fc2eb351c9d21c38ef80fb28a7dba83cc5104a24f2db55aefe3fb8dc86
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7808fcae9eddc6c81908f43c593e4bdc4b9b2a54e2195f2dcb95ea4e299e444
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
e9f81e200ad3c710663c8802ccf0ae07f31f633b050b7a0951e1ca477013dfba
ea48b9aa482544eca9263ad3cd25a90883711d5fb20581271e84ce7bc0fbc6de
ec506f58f621892903f2e36a5d515c3760dee3c90d98af1a3be73509f5694e18
ee552cb1f80078a5fe8ec6f02a5de13f8c8f02cabad3f4b251e03f6bb58f977b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04461bf185a9b1b98822a1c1215230df88490adf06ad09069823fec75162a83
f26913c044bacea79b8c5c9088b324c70f50d6cf34d2f5ec39b2996761f228a3
f5aa8856c0398f765070f6106712503bf0ea2feca457488212bb70b1319f99af
fe9dd9ce34a02ec93fc363de5b22b466d268cf052cedbef308fc78f5004e9040

herogayabmodeon.net Open in urlscan Pro 2606:4700:3030::6815:297d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

245 Requests

93 %HTTPS

34 %IPv6

40 Domains

62 Subdomains

51 IPs

9 Countries

4694 kBTransfer

10460 kBSize

43 Cookies

11 Outgoing links

Page URL History

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

herogayabmodeon.net Open in urlscan Pro
2606:4700:3030::6815:297d Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

93 %
HTTPS

34 %
IPv6

40
Domains

62
Subdomains

51
IPs

9
Countries

4694 kB
Transfer

10460 kB
Size

43
Cookies

245 HTTP transactions
4 data transactions