urlscan.io logo urlscan.io
SecurityTrails logo

www.wisetoto.com Open in urlscan Pro
218.232.95.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.wisetoto.com/
Effective URL: https://www.wisetoto.com/index.htm
Submission: On March 02 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 13 domains to perform 267 HTTP transactions. The main IP is 218.232.95.66, located in Korea, Republic Of and belongs to SKB-AS SK Broadband Co Ltd, KR. The main domain is www.wisetoto.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on September 22nd 2020. Valid for: a year.
This is the only time www.wisetoto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 218.232.95.66 9318 (SKB-AS SK...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
52 23.55.161.68 20940 (AKAMAI-ASN1)
10 13.32.24.95 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 65.9.58.118 16509 (AMAZON-02)
13 13.124.92.103 16509 (AMAZON-02)
41 142.250.186.34 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
56 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:211... 16509 (AMAZON-02)
1 119.205.238.29 4766 (KIXS-AS-K...)
1 2a00:1450:400... 15169 (GOOGLE)
267 25
19    218.232.95.66 (Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
www.wisetoto.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
52    23.55.161.68 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
storage.wisetoto.com
10    13.32.24.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-95.fra56.r.cloudfront.net
compass.adop.cc
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
1    65.9.58.118 (United States)

ASN16509 (AMAZON-02, US)
compasscdn.adop.cc
13    13.124.92.103 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
data.adop.cc
41    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
9    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
googleads.g.doubleclick.net
6    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
dd18c4e0fb22384b2ffffdd4883333b9.safeframe.googlesyndication.com
bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
9b5ef045cec0d4a4bf39088e9ce63320.safeframe.googlesyndication.com
36595d8a2783044946b6903f4f8709a5.safeframe.googlesyndication.com
56    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
6    2600:9000:211e:d200:18:69f:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)
adopdmp.adop.cc
1    119.205.238.29 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
www.mediacategory.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.be
Domain Requested by
52 storage.wisetoto.com www.wisetoto.com
41 tpc.googlesyndication.com securepubads.g.doubleclick.net
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.wisetoto.com
cdn.ampproject.org
bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
compass.adop.cc
22 pagead2.googlesyndication.com www.wisetoto.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
21 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
compass.adop.cc
www.wisetoto.com
19 www.wisetoto.com www.wisetoto.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
13 data.adop.cc compass.adop.cc
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
www.wisetoto.com
12 www.gstatic.com www.wisetoto.com
www.gstatic.com
10 www.googletagservices.com compass.adop.cc
securepubads.g.doubleclick.net
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
10 compass.adop.cc www.wisetoto.com
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
www.mediacategory.com
7 www.google.com 2 redirects securepubads.g.doubleclick.net
www.wisetoto.com
compass.adop.cc
6 adopdmp.adop.cc compass.adop.cc
6 adservice.google.com securepubads.g.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
6 www.google-analytics.com www.wisetoto.com
www.google-analytics.com
5 adservice.google.de securepubads.g.doubleclick.net
3 googleads.g.doubleclick.net bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
3 fonts.googleapis.com www.wisetoto.com
securepubads.g.doubleclick.net
2 bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 36595d8a2783044946b6903f4f8709a5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 9b5ef045cec0d4a4bf39088e9ce63320.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 dd18c4e0fb22384b2ffffdd4883333b9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.be securepubads.g.doubleclick.net
1 www.mediacategory.com 9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
1 compasscdn.adop.cc compass.adop.cc
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
267 28

This site contains links to these domains. Also see Links.

Domain
sports.chosun.com
www.highcut.co.kr
www.blueaward.co.kr
www.tionnet.com
www.ftc.go.kr
Subject Issuer Validity Valid
*.wisetoto.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2020-09-22 -
2021-10-22		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
storage.wisetoto.com
R3		 2021-02-08 -
2021-05-09		 3 months crt.sh
*.adop.cc
Amazon		 2020-10-24 -
2021-11-22		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.mediacategory.com
Thawte RSA CA 2018		 2019-10-16 -
2021-12-14		 2 years crt.sh
*.google.be
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 20 frames:

Primary Page: https://www.wisetoto.com/index.htm
Frame ID: D6F2F327A57DC46C778E09AA57CD28C2
Requests: 115 HTTP requests in this frame

Frame: https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 5CEA80BA404709ACBBF7AF2141AE2287
Requests: 8 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c&type=re&loc=https%253A%2F%2F9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&rnd=ScH&percentage=false&size_width=200&size_height=200&
Frame ID: CAA07519B0044C930E4211616E6DA308
Requests: 4 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/2a6ceca7-3c02-45ab-9b03-f320a079fc96?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2a6ceca7-3c02-45ab-9b03-f320a079fc96&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=k29&percentage=false&size_width=728&size_height=90&
Frame ID: 24667BE12F8C83B709859320DFE388F6
Requests: 9 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/c462ec68-11c6-49d6-a574-894ed2ac3d50?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c462ec68-11c6-49d6-a574-894ed2ac3d50&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=ew8&percentage=false&size_width=728&size_height=90&
Frame ID: 38385D2B2E6463FD681C171D1B2B83FE
Requests: 14 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/2e1f8683-9e32-4878-8082-548103929e7e?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2e1f8683-9e32-4878-8082-548103929e7e&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=b8F&percentage=false&size_width=160&size_height=600&
Frame ID: 5550E91F5176428CF6D262F0E1202734
Requests: 15 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/65caaa5a-e5ef-4b73-8b03-ed0c50236667?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=65caaa5a-e5ef-4b73-8b03-ed0c50236667&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=sSr&percentage=false&size_width=160&size_height=600&
Frame ID: 1F15FF46A3FE2F55514D496AAE867DFA
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9DE8B0FDA524D0A228A2A4A9B528799F
Requests: 2 HTTP requests in this frame

Frame: https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Frame ID: 33045A945339242F3838C3C89A8D354C
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
Frame ID: C2720E55808C696CC8479A9535A3D68D
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: DC0845DFCFB271A15BBCD782C70401DA
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3700ABF330ACE03FABAB9C796F01F8A3
Requests: 2 HTTP requests in this frame

Frame: https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: E0B07B1B4E585C11FD0B06C19AC567EE
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 11CCE834B05776B3246C178363D51123
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html
Frame ID: 3E43031F32C9F02F30D0CFA52BAAE4D0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: CA5B500762B20CE8EB1760395854D390
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: ACC73F6524236468A73E92F9E7C3B9C6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2BC2338229C894CFEC1B674389691CE2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: F720B892090426FFA29C43A9A38E9D8C
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C688E8CD7B7AF9439D479CCB8A5A206B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.wisetoto.com/ Page URL
  2. http://www.wisetoto.com/index.htm HTTP 307
    https://www.wisetoto.com/index.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

267
Requests

100 %
HTTPS

71 %
IPv6

13
Domains

28
Subdomains

25
IPs

4
Countries

3047 kB
Transfer

8406 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.wisetoto.com/ Page URL
  2. http://www.wisetoto.com/index.htm HTTP 307
    https://www.wisetoto.com/index.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 229
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 238
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

267 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.wisetoto.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
d1c80ea1c84ea8f614a744b0f6a2cb33bbaef382f940197bb3a63591d13f25fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Host
www.wisetoto.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:28 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1193
Connection
close
Content-Type
text/html; charset=UTF-8
new_style.css
www.wisetoto.com/css/ 		285 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/css/new_style.css?t=202102051018
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
99ea8575bd6f715ebac2437f6c6033157f1b941724c28a48625263f6cb576ecd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 04:37:06 GMT
Server
Apache
ETag
"47406-5badfd6bed790-gzip"
Vary
Accept-Encoding
Connection
close
Content-Type
text/css
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Accept-Ranges
bytes
Content-Length
44914
Expires
Thu, 01 Apr 2021 01:28:29 GMT
new_main.css
www.wisetoto.com/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/css/new_main.css?t=202011031642
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
980f3221591939a83121b2a07a998e50c67de2059140a39904708dd9341c8a92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 08:17:03 GMT
Server
Apache
ETag
"5625-5b32f7ce7e468-gzip"
Vary
Accept-Encoding
Connection
close
Content-Type
text/css
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Accept-Ranges
bytes
Content-Length
4982
Expires
Thu, 01 Apr 2021 01:28:29 GMT
new_gameinfo.css
www.wisetoto.com/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/css/new_gameinfo.css?t=202001131535
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
76e3a1dec4cea66c82defffa2c01073ed63376d4c00577f49c17d245a441a7b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 06:36:03 GMT
Server
Apache
ETag
"54b9-59bffb0755ac0-gzip"
Vary
Accept-Encoding
Connection
close
Content-Type
text/css
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Accept-Ranges
bytes
Content-Length
4461
Expires
Thu, 01 Apr 2021 01:28:29 GMT
util.js
www.wisetoto.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/util.js?t=202001131728
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
857c53655f1d1562d202119687b24378de01d79ea3980f074c19d58e8ddf9aef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jan 2020 23:17:22 GMT
Server
Apache
ETag
"4520-59bf98f9ac480-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
6880
navi.js
www.wisetoto.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/navi.js?35
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
e6e81d647c6b431b42c089c918d6cfc2319e617dd3d990625a299538de95643b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 08:21:04 GMT
Server
Apache
ETag
"a6d-587f76e7e5c00-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
766
jquery.js
www.wisetoto.com/js/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/jquery.js
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jan 2020 23:17:22 GMT
Server
Apache
ETag
"16cfb-59bf98f9ac480-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
38773
common.js
www.wisetoto.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/common.js
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
feaa5d90cbf83f7b041b956dddaa40616805d9fbc27aa5d03cc9489b7c57a7b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jan 2020 23:17:22 GMT
Server
Apache
ETag
"16a5-59bf98f9ac480-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1719
css
fonts.googleapis.com/ 		372 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d80972d12b2ede7982ab759c7d8d6e9ba6e77b960669c7ad05f079a7a860209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 01:28:30 GMT
server
ESF
date
Tue, 02 Mar 2021 01:28:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 01:28:30 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5154
date
Tue, 02 Mar 2021 00:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 02 Mar 2021 02:02:36 GMT
Primary Request Cookie set index.htm
www.wisetoto.com/
Redirect Chain
  • http://www.wisetoto.com/index.htm
  • https://www.wisetoto.com/index.htm
83 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/index.htm
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0950f4baf82c9cfc547398e1171f47a537fca5a9261cc426a51f57a0fb63a4f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Host
www.wisetoto.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wisetoto.com/

Response headers

Date
Tue, 02 Mar 2021 01:28:31 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Set-Cookie
PHPSESSID=e0ccc13f49b827d5ea0673f4ce81a573; path=/; domain=.wisetoto.com
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Last-Modified
Tue, 02 Mar 2021 01:28:31 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
18558
Connection
close
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.wisetoto.com/index.htm
Non-Authoritative-Reason
HSTS
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
566
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:19:04 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-55069456-1&cid=1094087174.1614648511&jid=813117237&gjid=454998255&_gid=2020146660.1614648511&_u=KGBAgEAjAAAAAE~&z=1559048430
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 02 Mar 2021 01:28:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.wisetoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1554829003&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wisetoto.com%2F&ul=en-us&de=UTF-8&dt=%EC%99%80%EC%9D%B4%EC%A6%88%ED%86%A0%ED%86%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEAj~&jid=813117237&gjid=454998255&cid=1094087174.1614648511&tid=UA-55069456-1&_gid=2020146660.1614648511&z=1507779608
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Mar 2021 09:05:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58990
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-55069456-1&cid=1094087174.1614648511&jid=813117237&_u=KGBAgEAjAAAAAE~&z=135990176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-55069456-1&cid=1094087174.1614648511&jid=813117237&_u=KGBAgEAjAAAAAE~&z=135990176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
new_style.css
www.wisetoto.com/css/ 		285 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/css/new_style.css?t=202102051018
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
99ea8575bd6f715ebac2437f6c6033157f1b941724c28a48625263f6cb576ecd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 04:37:06 GMT
Server
Apache
ETag
"47406-5badfd6bed790-gzip"
Vary
Accept-Encoding
Connection
close
Content-Type
text/css
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Accept-Ranges
bytes
Content-Length
44914
Expires
Thu, 01 Apr 2021 01:28:32 GMT
new_main.css
www.wisetoto.com/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/css/new_main.css?t=202011031642
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
980f3221591939a83121b2a07a998e50c67de2059140a39904708dd9341c8a92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 08:17:03 GMT
Server
Apache
ETag
"5625-5b32f7ce7e468-gzip"
Vary
Accept-Encoding
Connection
close
Content-Type
text/css
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Accept-Ranges
bytes
Content-Length
4982
Expires
Thu, 01 Apr 2021 01:28:32 GMT
new_gameinfo.css
www.wisetoto.com/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/css/new_gameinfo.css?t=202001131535
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
76e3a1dec4cea66c82defffa2c01073ed63376d4c00577f49c17d245a441a7b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 06:36:03 GMT
Server
Apache
ETag
"54b9-59bffb0755ac0-gzip"
Vary
Accept-Encoding
Connection
close
Content-Type
text/css
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Accept-Ranges
bytes
Content-Length
4461
Expires
Thu, 01 Apr 2021 01:28:32 GMT
util.js
www.wisetoto.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/util.js?t=202001131728
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
857c53655f1d1562d202119687b24378de01d79ea3980f074c19d58e8ddf9aef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jan 2020 23:17:22 GMT
Server
Apache
ETag
"4520-59bf98f9ac480-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
6880
navi.js
www.wisetoto.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/navi.js?35
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
e6e81d647c6b431b42c089c918d6cfc2319e617dd3d990625a299538de95643b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 08:21:04 GMT
Server
Apache
ETag
"a6d-587f76e7e5c00-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
766
jquery.js
www.wisetoto.com/js/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/jquery.js
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jan 2020 23:17:22 GMT
Server
Apache
ETag
"16cfb-59bf98f9ac480-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
38773
common.js
www.wisetoto.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/common.js
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
feaa5d90cbf83f7b041b956dddaa40616805d9fbc27aa5d03cc9489b7c57a7b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jan 2020 23:17:22 GMT
Server
Apache
ETag
"16a5-59bf98f9ac480-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1719
loader.js
www.gstatic.com/charts/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19830
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 23 Jul 2020 17:43:26 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 01 Jan 1990 00:00:00 GMT
chart.js
www.wisetoto.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/chart.js
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0e84847960cad725139f3264fc2f17388159f40de97edc33891c9ce9d050cdf2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jan 2020 23:17:22 GMT
Server
Apache
ETag
"10c7-59bf98f9ac480-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1790
jquery.imageScroller.js
www.wisetoto.com/js/ 		1 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/js/jquery.imageScroller.js?t=202001141110
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0a014efd595c0d4ec7b0b3e16cca7c18b2f274019e1e92951ad74e437a6bb8a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 05:00:06 GMT
Server
Apache
ETag
"555-59c127727e180-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
589
h1_logo.png
storage.wisetoto.com/images/common/logo/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/logo/h1_logo.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2a0cee784c38b4bcc74973ba7c1ae081208db1a9d8c8887959d0b6d8fe478a3e

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Wed, 18 Dec 2019 08:13:57 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"8ef82055b8f01123b027b3ae16e2f932:1576656837.568248"
content-length
9857
content-type
image/png
200529_5ed05e29e1890.png
storage.wisetoto.com/images/main/new_banner/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/main/new_banner/200529_5ed05e29e1890.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e9dc048253b6c2084203ac3c62fcfff887c40126fe164c79c5accb8d72c479d2

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Fri, 29 May 2020 00:58:18 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"6a0feae13ca30e27cb34ba3324c58486:1590713898.123346"
content-length
12238
content-type
image/png
210108_5ff810c0aa06a.png
storage.wisetoto.com/images/main/new_banner/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/main/new_banner/210108_5ff810c0aa06a.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
161a5a8ebafc47996d570cf3adc8a79f4e8d56a2aedd53960fc936fe200d78a3

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Fri, 08 Jan 2021 07:58:56 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"ade9161574965f3442c949d7b20ab34c:1610092736.860611"
content-length
26399
content-type
image/png
210226_603897d142ea5.jpg
storage.wisetoto.com/images/main/new_banner/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/main/new_banner/210226_603897d142ea5.jpg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a58d1105787201c8e9bd4d0f4aebf3025fa9a63f05772a3d3e02e551e4b12e6c

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Fri, 26 Feb 2021 06:40:17 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"4fb992509155f0e91e17d0e3851e3fb2:1614321617.321188"
content-length
21673
content-type
image/jpeg
210226_603897fa1d9f4.jpg
storage.wisetoto.com/images/main/new_banner/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/main/new_banner/210226_603897fa1d9f4.jpg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1a6e2487afca0c4443671aae0d7392be9a3dbacbe28d622bdf97846828ae3e5e

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Fri, 26 Feb 2021 06:40:58 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"565f0883d2ea470b0d29d30360d25343:1614321658.17274"
content-length
26074
content-type
image/jpeg
nagalle711581646209_s.JPG
storage.wisetoto.com/data/analysis/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/nagalle711581646209_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
139cb167ee03e465f16f3448bce4a1f719d0d42be2fb0b8163edb8da0a46d23a

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Fri, 14 Feb 2020 02:10:11 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"28fa0773e59970f6667e921c8aa892e5:1581646211.200395"
content-length
8709
content-type
image/jpeg
ifun20131574660042_s.JPG
storage.wisetoto.com/data/analysis/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/ifun20131574660042_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6aa181af18968681faf87ca52b432ea9f1f9649c9065c0a9525982f1febff4e8

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Mon, 25 Nov 2019 05:34:05 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"235bec51738e8d2a04a8dbe7ffae3350:1574660045.639319"
content-length
9486
content-type
image/jpeg
ilinsque801544080209_s.JPG
storage.wisetoto.com/data/analysis/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/ilinsque801544080209_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ce2cff56ab3f2b151716f5fbfc6bba418c5790d37b12d56525d59912cb76d8db

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 06 Dec 2018 07:10:11 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"a6182de61b9fdf0db25fa33132a6521a:1544080211.193215"
content-length
9740
content-type
image/jpeg
spree1581582783017_s.JPG
storage.wisetoto.com/data/analysis/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/spree1581582783017_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
119a5be16bf22ce1507fe137e0204b56c1f4159412d3af1358530394f63394ba

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 27 Feb 2020 05:56:59 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"5ea2663b855f15dd58c6719bd5f5cec4:1582783019.114471"
content-length
8846
content-type
image/jpeg
qwe12001542853981_s.JPG
storage.wisetoto.com/data/analysis/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/qwe12001542853981_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6defd4e1566a22121686f1300b56bf76c7d9bebb2b3dc9defb6e64616d30566

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 22 Nov 2018 02:33:03 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"c6f33eadd21f89d96b6a6b7f68ebe559:1542853983.319724"
content-length
8067
content-type
image/jpeg
pridekhs1580284598_s.JPG
storage.wisetoto.com/data/analysis/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/pridekhs1580284598_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f8e2366a88ff7d871b8d027d8493d94d7f6a487b3f144715f17d6a1af7bd1208

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Wed, 29 Jan 2020 07:56:41 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"abb93b38754c84bc19c58b804fdffedc:1580284601.571443"
content-length
8701
content-type
image/jpeg
win04171580284681_s.png
storage.wisetoto.com/data/analysis/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/win04171580284681_s.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d7f83d3bd357bf3046323ab5eab21aa339872cd5c58458d06fb26c7aa0253ff1

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Wed, 29 Jan 2020 07:58:04 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"5c23aff4d96804c68dcb7bd220b8d142:1580284684.157988"
content-length
11169
content-type
image/png
starcoming211542854054_s.JPG
storage.wisetoto.com/data/analysis/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/starcoming211542854054_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
019abefec4feae19ba72bb47aa290e77b57227dc669357036b7b1611a3265e81

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 22 Nov 2018 02:34:16 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"191d65370478a3b3892e5013c2a82fd2:1542854056.778532"
content-length
9180
content-type
image/jpeg
jollyul1580284623_s.JPG
storage.wisetoto.com/data/analysis/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/jollyul1580284623_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
81553b250785399ebbd32c86a05bfe0d2f3afc217fd34cd7d59520c8052b221b

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Wed, 29 Jan 2020 07:57:06 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"4115f0f7eaa6990f950aae06894d5027:1580284626.017407"
content-length
8699
content-type
image/jpeg
okok11111542853932_s.JPG
storage.wisetoto.com/data/analysis/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/data/analysis/okok11111542853932_s.JPG
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
815c3107e8d33a5416c2f31791679ca8643c346aac54bce17fd4ec9974236e2c

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 22 Nov 2018 02:32:14 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"d473edd4f0c8a140288e94065cba109f:1542853933.996948"
content-length
8278
content-type
image/jpeg
ico_free.png
storage.wisetoto.com/images/common/icon/ 		423 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/ico_free.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
042b0d311fa24af7af179b1f0a03d4d47e3f32dd66ad1a9e741e6fa4b6d3c249

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Tue, 08 Oct 2019 04:25:28 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"9b8b8ad8d62dd3220996fe81d75ebc39:1570508728.760771"
content-length
423
content-type
image/png
e9ad2e0e-e55f-48d6-aa85-060fb483a238
compass.adop.cc/ST/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/ST/e9ad2e0e-e55f-48d6-aa85-060fb483a238
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
23f5623553875e7f0a27e92f3015bd46b688c071d2f8a1d87a139c8e0f1372fe

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
content-length
812
x-amz-cf-id
YWk_sEC_7TJbZ7mLiDC5QtBaWC4Y42wcHrQRqSYG1eoeKD0qku8MtQ==
icn_pt.png
storage.wisetoto.com/images/common/icon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/icn_pt.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c257f1aef1d6ca05e54bb749ee3f4c84b0e5eba71bed5196f70bf3f482294478

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Mon, 23 Dec 2019 00:27:17 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"70900a94e927860e2e50e632b786446a:1577060837.760826"
content-length
1534
content-type
image/png
icn_sc.png
storage.wisetoto.com/images/common/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/icn_sc.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cb4e98dbcc802f0db523f2b76cccebfe59c5e7fa8f64da553261532ad7b6126c

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Mon, 23 Dec 2019 00:27:17 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"adfab28620528c96e993088411df6bb0:1577060837.855286"
content-length
1579
content-type
image/png
icn_bs.png
storage.wisetoto.com/images/common/icon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/icn_bs.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0ebd71b0d6a7ea86a0fe22c5639652751934de249e5c94a7be379363375e54f0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Mon, 23 Dec 2019 00:27:17 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"94f9759d135450a9ecc4ab704d195904:1577060837.199844"
content-length
1481
content-type
image/png
icn_bk.png
storage.wisetoto.com/images/common/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/icn_bk.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
49387441f27a74e198953ac1956b95da75ffb48cb256ce2e799ad5e55b40c32e

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Mon, 23 Dec 2019 00:27:16 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"4534e3cdb67a14e6570c85666617ddc7:1577060836.973015"
content-length
1622
content-type
image/png
icn_vl.png
storage.wisetoto.com/images/common/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/icn_vl.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fb4f29d525568e669da37c2535af0b121ebec0a85c3ab0121a49f909e9a8b696

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Mon, 23 Dec 2019 00:27:18 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"472666330b59126017c1d0f677ed65e7:1577060838.137088"
content-length
1579
content-type
image/png
icn_gf.png
storage.wisetoto.com/images/common/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/icn_gf.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1aed122c432560a25dc0383f5d29f7a82cd27237eaa04560e0595fb9f4710546

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Mon, 23 Dec 2019 00:27:17 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"d70411cabcb8aea0b3c68d78ac9b06e8:1577060837.467661"
content-length
1552
content-type
image/png
icn_uo.png
storage.wisetoto.com/images/common/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/icn_uo.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e476ee0536ebb5ddbb27a312bccd6f765803a4bf655f9427a62aec7a7da86556

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Mon, 23 Dec 2019 00:27:18 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"ca37b4e258a1c6697836bad3f600649a:1577060838.02012"
content-length
1536
content-type
image/png
spinner.gif
storage.wisetoto.com/images/common/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/spinner.gif
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
16ea0cf66d51efdbbc2a62b11ab0419fa72fb3320844f1d0d710480245ac9925

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 07 Nov 2019 02:14:23 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"50c5e3e79b276c92df6cc52caeb464f0:1573092863.968063"
content-length
1787
content-type
image/gif
loading_cl.gif
storage.wisetoto.com/images/common/icon/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/loading_cl.gif
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4816b994c28e3b2d8aec85b4be3cfd2b7e9735b60ffb4168ff32e9959fed67e7

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Tue, 17 Dec 2019 06:11:39 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"6acd1217c9543e7d6b12e3eb52657666:1576563099.981974"
content-length
4406
content-type
image/gif
adopJ.js
compass.adop.cc/assets/js/adop/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
04b2c3919eab959d0535139f9decd6b513be3d0356379bdb42e7fedc0ac32667

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:24:19 GMT
content-encoding
gzip
last-modified
Wed, 03 Jun 2020 07:46:29 GMT
age
254
etag
W/"5ed75555-d79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA56-C2
content-length
1938
x-amz-cf-id
zn_3WXJge5wUFh2N6frWTOqqSZDcyXnonLHuIYkuKBOX9tYrRDD3QA==
expires
Tue, 02 Mar 2021 01:34:19 GMT
btn_calculate.jpg
storage.wisetoto.com/images/common/btn/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/btn_calculate.jpg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ea340658ce0ac6284055d6cba53a1b8367998ac0bda3c566cde829914b2c44f3

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 10 Oct 2019 01:13:49 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"8e8e6120611cec9c375150bcf7aae22b:1570670029.535185"
content-length
2504
content-type
image/jpeg
partner.png
storage.wisetoto.com/images/common/logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/logo/partner.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
448c20969bf7d42330222430f1695210b8006a17e438f099baae7c01203ca493

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Tue, 08 Oct 2019 05:22:37 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"a09cf8f13adcb86eac7924689c043bae:1570512157.33617"
content-length
5281
content-type
image/png
200702_bottom_txt.jpg
storage.wisetoto.com/images/common/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/200702_bottom_txt.jpg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1cb655f62efbfd3f6c994b537d06964ae7cfb28a99476aa3838f7d0e32742460

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 02 Jul 2020 00:40:39 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"46abf9f68102b764862880a1f56bd12c:1593650439.178196"
content-length
16402
content-type
image/jpeg
customer.jpg
storage.wisetoto.com/images/common/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/customer.jpg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
24d98f646917f3eb814c22cb58a8e3aa6208a23004d74ce9884543fdb200c9ce

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Fri, 10 Jan 2020 09:07:17 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"61c8bd1e0f896cffbf2001e97b80188f:1578647237.831732"
content-length
3754
content-type
image/jpeg
css
fonts.googleapis.com/ 		372 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d80972d12b2ede7982ab759c7d8d6e9ba6e77b960669c7ad05f079a7a860209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 01:28:32 GMT
server
ESF
date
Tue, 02 Mar 2021 01:28:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 01:28:32 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5156
date
Tue, 02 Mar 2021 00:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 02 Mar 2021 02:02:36 GMT
loader.js
www.gstatic.com/charts/pre-45/ 		114 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/pre-45/loader.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03e9fff605e30f45f7c31e6187fb41da51358f030008f5e8531fd583f62dfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 16:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463014
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36070
x-xss-protection
0
last-modified
Wed, 14 Jun 2017 13:47:39 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 04 Mar 2021 16:51:39 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
888 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
569
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:19:04 GMT
banner_arrow_prev.png
storage.wisetoto.com/images/common/btn/ 		447 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/banner_arrow_prev.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f9aa104ca6f0ddb874767941608ae2ae01b7d384e1c8dd48c58c60f03fe66cee

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 10 Oct 2019 00:35:32 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"818afa1b1d87beea7df30afab295cc44:1570667732.298521"
content-length
447
content-type
image/png
banner_arrow_next.png
storage.wisetoto.com/images/common/btn/ 		448 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/banner_arrow_next.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
769fcb8c0007cad6397a2b36aae5e7079b41129ba7feb2e783514e23be975380

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 10 Oct 2019 00:35:32 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"7db505e1fe432970ab4d24a79450abc2:1570667732.41706"
content-length
448
content-type
image/png
btn_arrow_prev.png
storage.wisetoto.com/images/common/btn/ 		242 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/btn_arrow_prev.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_main.css?t=202011031642
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
224e4b4a73fd9a6cf7e9305bf15448fbfae4a92365e4f5c8d603c29d54cfc66a

Request headers

Referer
https://www.wisetoto.com/css/new_main.css?t=202011031642
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 10 Oct 2019 00:35:38 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"e0569dfe5305ac2e84da8eef28eb843f:1570667738.368182"
content-length
242
content-type
image/png
star_gray.png
storage.wisetoto.com/images/common/icon/ 		435 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/star_gray.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_main.css?t=202011031642
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0c2f0cd8a5a0aa6e0fb315f773476aa0ae8560227e385b5aed141f5fdb76a349

Request headers

Referer
https://www.wisetoto.com/css/new_main.css?t=202011031642
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 29 Oct 2020 04:26:34 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"0ae61745488b0f2957558bf3c57f6008:1603945594.61288"
content-length
435
content-type
image/png
star_red.png
storage.wisetoto.com/images/common/icon/ 		413 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/star_red.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_main.css?t=202011031642
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b20ecbfcd6867fa89bf303e0b8037fa50d6087dfd6801acf046fb4e9afcc939e

Request headers

Referer
https://www.wisetoto.com/css/new_main.css?t=202011031642
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 29 Oct 2020 04:26:33 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"4515db32da7859383930d6855221678b:1603945593.934047"
content-length
413
content-type
image/png
bg_dot_g.jpg
storage.wisetoto.com/images/common/bg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/bg/bg_dot_g.jpg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_main.css?t=202011031642
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
04e325164171eba5fa8b892074e075b78ae5a5c7ac34f5cc91d748901183f1b3

Request headers

Referer
https://www.wisetoto.com/css/new_main.css?t=202011031642
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 10 Oct 2019 00:40:04 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"5af7c858eeb7437ad689d70d677228cf:1570668098.648612"
content-length
1140
content-type
image/jpeg
btn_arrow_next.png
storage.wisetoto.com/images/common/btn/ 		206 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/btn_arrow_next.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_main.css?t=202011031642
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e1ea5dff0e018403f3bb81b019d13d89fc378d2a34670590ccf2b49dd667269e

Request headers

Referer
https://www.wisetoto.com/css/new_main.css?t=202011031642
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 10 Oct 2019 00:35:38 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"fc2c2c146d1c4b219a797d413365758a:1570667738.374613"
content-length
206
content-type
image/png
bg_dot_b.png
storage.wisetoto.com/images/common/bg/ 		953 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/bg/bg_dot_b.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_main.css?t=202011031642
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e70810e35807451cb90b6ed3dcdd5f785b2b5230da39427189219c2c473fb733

Request headers

Referer
https://www.wisetoto.com/css/new_main.css?t=202011031642
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
last-modified
Thu, 10 Oct 2019 00:45:26 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"2da27259e8718eb7ebf3ed3788f1cada:1570668332.30683"
content-length
953
content-type
image/png
PbykFmXiEBPT4ITbgNA5Cgm203Tq4JJWq209pU0DPdWuqxJFA4GNDCBYtw.119.woff2
fonts.gstatic.com/s/notosanskr/v13/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanskr/v13/PbykFmXiEBPT4ITbgNA5Cgm203Tq4JJWq209pU0DPdWuqxJFA4GNDCBYtw.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78d19d5b7f8934c84b99579a614ea1199810756137b74e176568331b261d37f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wisetoto.com
Referer
https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:06 GMT
server
sffe
age
334960
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12080
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:53 GMT
PbykFmXiEBPT4ITbgNA5Cgm203Tq4JJWq209pU0DPdWuqxJFA4GNDCBYtw.118.woff2
fonts.gstatic.com/s/notosanskr/v13/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanskr/v13/PbykFmXiEBPT4ITbgNA5Cgm203Tq4JJWq209pU0DPdWuqxJFA4GNDCBYtw.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2456168d747974b8a763c211f71ad357fe214d0ed6de3c196dc684e3879164f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wisetoto.com
Referer
https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:25:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:16 GMT
server
sffe
age
241388
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11364
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:25:25 GMT
PbykFmXiEBPT4ITbgNA5Cgm203Tq4JJWq209pU0DPdWuqxJFA4GNDCBYtw.106.woff2
fonts.gstatic.com/s/notosanskr/v13/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanskr/v13/PbykFmXiEBPT4ITbgNA5Cgm203Tq4JJWq209pU0DPdWuqxJFA4GNDCBYtw.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a0c697551d129013467dcb36023ac25a47406be02a6d5e012f3ca45993dbb2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wisetoto.com
Referer
https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:54:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:17:26 GMT
server
sffe
age
239636
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17744
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:54:37 GMT
PbykFmXiEBPT4ITbgNA5Cgm203Tq4JJWq209pU0DPdWuqxJFA4GNDCBYtw.116.woff2
fonts.gstatic.com/s/notosanskr/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanskr/v13/PbykFmXiEBPT4ITbgNA5Cgm203Tq4JJWq209pU0DPdWuqxJFA4GNDCBYtw.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afa96e1c303921183a6abbe3ef219c3071bfd8d53af40c5604b93265fd510d8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wisetoto.com
Referer
https://fonts.googleapis.com/css?family=Noto+Sans+KR:300,400,500,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 13:34:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:36 GMT
server
sffe
age
42855
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12816
x-xss-protection
0
expires
Tue, 01 Mar 2022 13:34:18 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1006063150&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&ul=en-us&de=UTF-8&dt=%EC%99%80%EC%9D%B4%EC%A6%88%ED%86%A0%ED%86%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=CCCAgEAj~&jid=&gjid=&cid=1094087174.1614648511&tid=UA-55069456-1&_gid=2020146660.1614648511&z=170228852
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Mar 2021 09:05:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58993
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tooltip.css
www.gstatic.com/charts/43/css/core/ 		1 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/css/core/tooltip.css
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3994b4330bb59015b13cd5ebf8c244beaba0d44c26bff7cba8bad5c06535b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122259
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
525
x-xss-protection
0
last-modified
Wed, 04 Nov 2015 20:39:39 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 08 Mar 2021 15:30:54 GMT
util.css
www.gstatic.com/charts/43/css/util/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/css/util/util.css
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 10:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139491
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3224
x-xss-protection
0
last-modified
Wed, 04 Nov 2015 20:39:39 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 08 Mar 2021 10:43:42 GMT
jsapi_compiled_format_module.js
www.gstatic.com/charts/43/js/ 		101 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/js/jsapi_compiled_format_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7e388b99d3858f92f60cb3486a26611f84f7c643e77ec69e194c7cb24bbb732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241719
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36400
x-xss-protection
0
last-modified
Wed, 04 Nov 2015 20:37:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sun, 07 Mar 2021 06:19:54 GMT
jsapi_compiled_default_module.js
www.gstatic.com/charts/43/js/ 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/js/jsapi_compiled_default_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52014edd6197e885be9cab8263de2425d029feb09db90720d98994e433129351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124110
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41730
x-xss-protection
0
last-modified
Wed, 04 Nov 2015 20:37:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 08 Mar 2021 15:00:03 GMT
jsapi_compiled_ui_module.js
www.gstatic.com/charts/43/js/ 		603 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/js/jsapi_compiled_ui_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90da38a84ca18c97c3f99cbf72a815c09e7a9ea0a6e8388448d9de30a8197c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 05:31:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
503809
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216796
x-xss-protection
0
last-modified
Wed, 04 Nov 2015 20:37:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 04 Mar 2021 05:31:44 GMT
jsapi_compiled_corechart_module.js
www.gstatic.com/charts/43/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/js/jsapi_compiled_corechart_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d55a404d4189a99b64edcdefc7dc5168b305225278aaf791620aa73232136a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 21:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360282
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1066
x-xss-protection
0
last-modified
Wed, 04 Nov 2015 20:37:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 05 Mar 2021 21:23:51 GMT
dygraph-tickers-combined.js
www.gstatic.com/charts/43/third_party/dygraphs/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/third_party/dygraphs/dygraph-tickers-combined.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf5f9f57b14e467c6297173b82411e36ce7db838165ab452be4734a428ae0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122152
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6014
x-xss-protection
0
last-modified
Fri, 30 Oct 2015 17:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 08 Mar 2021 15:32:41 GMT
webfont.js
www.gstatic.com/charts/43/third_party/webfontloader/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/third_party/webfontloader/webfont.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28d2e4b4aa9551cf7325ff954ba4b39b7dd5760192bbe875a876793a5668d195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122925
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5066
x-xss-protection
0
last-modified
Fri, 30 Oct 2015 17:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 08 Mar 2021 15:19:48 GMT
jsapi_compiled_line_module.js
www.gstatic.com/charts/43/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/js/jsapi_compiled_line_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb6a2e6f164f507e63c24616b28474722cf694e70113ad4e7b333c23ae45bc03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 09:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55892
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1028
x-xss-protection
0
last-modified
Wed, 04 Nov 2015 20:37:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Tue, 09 Mar 2021 09:57:01 GMT
jsapi_compiled_bar_module.js
www.gstatic.com/charts/43/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/43/js/jsapi_compiled_bar_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/pre-45/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d260c3b2d4e8bbbef70562c79d205f0274318a70747a634b73b521a19556c32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 14:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471060
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2842
x-xss-protection
0
last-modified
Wed, 04 Nov 2015 20:37:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 04 Mar 2021 14:37:33 GMT
gpt.js
www.googletagservices.com/tag/js/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/ST/e9ad2e0e-e55f-48d6-aa85-060fb483a238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 773 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19330
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:33 GMT
ifrgpt004.min.js
compasscdn.adop.cc/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compasscdn.adop.cc/js/ifrgpt004.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/ST/e9ad2e0e-e55f-48d6-aa85-060fb483a238
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98b300db58785883f442f9a8ae355b114dac0c031ca3c7dc90a0021b042d99f5

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 01 Mar 2021 03:18:53 GMT
Via
1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Apr 2020 09:15:02 GMT
Server
AmazonS3
Age
79781
ETag
"d14586f135ccfb28c9a8e1bb832051d8"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
1443
X-Amz-Cf-Id
K9bxzlVttYOx6YuUbzIDvIhsdZgtAmwRWXCoha-BLKoXTU-C_ocxuA==
collect.php
data.adop.cc/ 		2 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.adop.cc/collect.php?log=com_imp&dt=20210302012833&aid=a7294c22-793c-436e-b01d-a83b830bba8b&zid=e9ad2e0e-e55f-48d6-aa85-060fb483a238&r=wewn
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/ST/e9ad2e0e-e55f-48d6-aa85-060fb483a238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=2820241412743721&vrg=2021022501&nw_id=5932629&nslots=1&eid=31060212%2C44733567&pub_url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&start_time=1614648513487&end_time=1614648513488&n=0
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wisetoto.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wisetoto.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2820241412743721&correlator=1301967386848345&output=ldjh&impl=fif&eid=31060212%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=5932629%2Cca-pub-1474238860523410-tag%2Cwisetoto_lt_200x200-main-GPT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=200x200&eri=4&cookie_enabled=1&cdm=www.wisetoto.com&bc=31&abxe=1&dt=1614648513500&dlt=1614648511338&idt=2142&frm=20&biw=1600&bih=1200&oid=3&adxs=300&adys=775&adks=2484781182&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.wisetoto.com&loc=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&vis=1&dmc=8&scr_x=0&scr_y=0&psz=240x200&msz=200x-1&ga_vid=1094087174.1614648511&ga_sid=1614648514&ga_hid=1006063150&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
97a79f6300c9fbaa69337a194da81f12e6350489112c2733a09b1e524cb4137f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3059
x-xss-protection
0
google-lineitem-id
5314345657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138304408035
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wisetoto.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5CEA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wisetoto.com/index.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wisetoto.com/index.htm

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Tue, 02 Mar 2021 01:28:33 GMT
expires
Wed, 02 Mar 2022 01:28:33 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:33 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 5CEA 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: 9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
URL: https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 10:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140372
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Feb 2022 10:29:01 GMT
adopJ.js
compass.adop.cc/assets/js/adop/ Frame 5CEA 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by
Host: 9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
URL: https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
04b2c3919eab959d0535139f9decd6b513be3d0356379bdb42e7fedc0ac32667

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:24:19 GMT
content-encoding
gzip
last-modified
Wed, 03 Jun 2020 07:46:29 GMT
age
254
etag
W/"5ed75555-d79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA56-C2
content-length
1938
x-amz-cf-id
uEH1oa5XfSmEGkvzsQTkT6mBxAP-Njg59tigMjfdyDxHcTD_0FnfLQ==
expires
Tue, 02 Mar 2021 01:34:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5CEA 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
URL: https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5CEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBf1oFowR2DsTPOl-HGwzDUyz8M-HloBDwADqLfJZGNWhwTDl-O8ZsT341uRZ-Tn9omyadRaTvl__b_40Hmy5CWY3WqWByvawVGKgLW2A3_QPDHRYZweFsc-87a8UXut1SPDqnBDj6jwdnDv_PnjoW4yuOlgCOUdnErLSoj0kF6PXneNnZeZteQdiV1kWZEeJH745QvqvdEh7vkHkGyENpS7YaPYL4K8blP2i2iYv9ieBEU2FKO7Te0tQkI5pQw0jfwjuM8NQEnwrqg4hVM0KlwZEe2oV3wrP5ssJNFmeiEP5YpmmcUHLUTzkEfthV_3hnbrBFU2ykafyHgSMNBv61KJ7HkENfKeJ3V1JM&sai=AMfl-YQiRsscnwI-p3cxikj-SvTfrDD0ri3fH7wovamcL6eQJVyL0YeJVEi-nk3cwFl7iSqu3L9kGNFfqJWQgr7NI1qNvMRGtMFwl061s3G_Uu9laxS8y4RVKCShOg7LN1w&sig=Cg0ArKJSzK6FhZyzNGHhEAE&urlfix=1&adurl=
Requested by
Host: 9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
URL: https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:33 GMT
truncated
/ Frame 5CEA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adc74d14db47342456990108bcf38399396b522d9e087c821888ff707eaa4e53

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c
compass.adop.cc/RE/ Frame CAA0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c&type=re&loc=https%253A%2F%2F9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&rnd=ScH&percentage=false&size_width=200&size_height=200&
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
e12feafbd6e9c44e4984fa508c9a62e4a1fbf91a260e1447697853d41f2f24b9

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
content-length
933
x-amz-cf-id
NDBfe1zi7TNnAwTqySMNA0t9qnKWNifvKFhsh0iABRZPuBnGYG6QRQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 5CEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusjzr5ZFrl9WUNErFOxGU49oeR7NsQjZkn20uwjCDrxzAUyzdCVIgrtHIATv8YFsc5qMNNfpR7tQoaz9kPNJL-Q_wT7KBvku9bccyEueKg7NsFBQGswNT9neoo3rr5TJ0TWs98nlEByP0yR14qCRjCl3X9633nowYmM1Cn-_2e7heDEcqdlpE5Ks5xBeV1X68U2oWgxvAXezMFJdPNx4lNoRxHdHkAuqFycscYkcdhUNyQvPvmcwSEBJzEUyMo1cJJ0tkysrV0lESRtIowf4StpQTTHYQYX9akFpDdqI0a2eZ62Up_vNyEOjYKgn8vmTt8DOIN_p8EMbzmeDIQUWEpZ5droeQKwq0YiRTIznw&sai=AMfl-YTltZPD_-gWud8f4L-CORcBaPwOpeQ6gc5idNAL8-B8ZGumm8aG4q8b4IMgJl-rt6rvmFK8Pep0ERuK0r-qmqORqpycaKXJwRN4lSE4VG6zXY7es-ORqOnF7i4WTt0&sig=Cg0ArKJSzBmOQsr3CyKnEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:34 GMT
select_prev.jpg
storage.wisetoto.com/images/common/btn/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/select_prev.jpg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
53d4bb13aef7e82cce50ee7ab2bb3319d3d103be399cc2d558f9a47b83483430

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Thu, 10 Oct 2019 00:46:38 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"ae3d7410e921b3748bb78c0c4bfe8cb7:1570668398.164967"
content-length
1507
content-type
image/jpeg
select_next.jpg
storage.wisetoto.com/images/common/btn/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/select_next.jpg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c96cfbf4eb31f904618ce71ef8d2b649c9e3145718fff9e08cf21c1613451603

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Thu, 10 Oct 2019 00:46:38 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"a50de506b7b8b6aed7d2fcdd4e8b4dcf:1570668398.092918"
content-length
1508
content-type
image/jpeg
btn_sort_all_active.png
storage.wisetoto.com/images/common/btn/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/btn_sort_all_active.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
36aedc398a11f1e455ac96fd7f6bd06c3b83b95c321fc6fcdac742678d816a77

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Thu, 10 Oct 2019 00:48:39 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"0fd547339862030661e4f114aaf7e2b9:1570668519.114938"
content-length
1733
content-type
image/png
btn_soccer.png
storage.wisetoto.com/images/common/btn/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/btn_soccer.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b1bee0e355ab2f424e87eeb96b9b3ea7d9f39b1ec29a2eb5813a6925ee6fd5a2

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Thu, 10 Oct 2019 00:51:19 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"8a253dc093bf9a9d4591d5c0e7676fe5:1570668679.217103"
content-length
2182
content-type
image/png
btn_baseball.png
storage.wisetoto.com/images/common/btn/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/btn_baseball.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
da1951dbb04576b09686de663bfb9ae7e68b7ac25cfa71cd5a6cca4241b0ac34

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Thu, 10 Oct 2019 00:51:43 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"45104e0988078c7508420d64319acd39:1570668703.622799"
content-length
2034
content-type
image/png
btn_basketball.png
storage.wisetoto.com/images/common/btn/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/btn_basketball.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
061f04d44ffea26eb2e4bdb43368e78cb3a89a895ddce6151ac036063cc4bfc7

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Thu, 10 Oct 2019 00:52:05 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"35bbc175f96775d2aff52d4b94757332:1570668725.033173"
content-length
2131
content-type
image/png
btn_volleyball.png
storage.wisetoto.com/images/common/btn/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/btn/btn_volleyball.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ce4f50ab9a5e2ccb5b2aad9937157f514e27c208312945c1775dffbfc40d2129

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Thu, 10 Oct 2019 00:52:19 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"3e41afe00f29efde42c4202099702424:1570668739.831833"
content-length
2098
content-type
image/png
get_proto_list.htm
www.wisetoto.com/util/gameinfo/ 		322 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wisetoto.com/util/gameinfo/get_proto_list.htm?game_category=pt1&game_year=2021&game_round=17&game_month=&game_day=&game_info_master_seq=23001&sports=&sort=&tab_type=proto
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/js/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
218.232.95.66 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
62ce775bb55da9d57f65ff1fedd0c5bc0817f3a9377345d3ae3d1ebf43c7affc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.wisetoto.com/index.htm
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 01:28:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
application/x-javascript
Content-Length
27300
Expires
Thu, 19 Nov 1981 08:52:00 GMT
adopJ.js
compass.adop.cc/assets/js/adop/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
04b2c3919eab959d0535139f9decd6b513be3d0356379bdb42e7fedc0ac32667

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:24:19 GMT
content-encoding
gzip
last-modified
Wed, 03 Jun 2020 07:46:29 GMT
age
255
etag
W/"5ed75555-d79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA56-C2
content-length
1938
x-amz-cf-id
-FRuH0ZTO1_l4y-_OQJXpJ6FQyOYUGPl_bpvXGVvnOpCrYRAsdUYkg==
expires
Tue, 02 Mar 2021 01:34:19 GMT
ico_remote_01.png
storage.wisetoto.com/images/common/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/ico_remote_01.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8e9f06d90b20c51f87d537031ba6f7dfa141e0a41b6291120c1160dabaa4d216

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Tue, 12 Nov 2019 04:52:07 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"8a6cb548ee69b415ee37ff79eea6d16f:1573534327.953019"
content-length
1358
content-type
image/png
ico_remote_02.png
storage.wisetoto.com/images/common/icon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/ico_remote_02.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e97b41cba988279e6e91819fe6dfc699444f6d24c33d89ddc8afe33d4418efd5

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Tue, 12 Nov 2019 04:52:08 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"83a9bdc019465d018919e50bac314e36:1573534328.256587"
content-length
1404
content-type
image/png
ico_remote_03.png
storage.wisetoto.com/images/common/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/ico_remote_03.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4d3b4e4271812ddd46631b33836f7fa6fa86729caa82fe5cb49e37692e6e041e

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
last-modified
Tue, 12 Nov 2019 04:52:08 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"4a9d92a8e5e0faf747bd4ded91ddda80:1573534328.048421"
content-length
1176
content-type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
317a42efc1584340faafa18fccfa57adc2082c3762f9b230cfe6ab72dcf01593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6483
x-xss-protection
0
2a6ceca7-3c02-45ab-9b03-f320a079fc96
compass.adop.cc/RE/ Frame 2466 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/2a6ceca7-3c02-45ab-9b03-f320a079fc96?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2a6ceca7-3c02-45ab-9b03-f320a079fc96&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=k29&percentage=false&size_width=728&size_height=90&
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
66e20911a77daab44f50a8e56bea70cdc1555029c59aeea85e0acf3928c2697a

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
content-length
736
x-amz-cf-id
cOcEyOcRw1Uyy9nWNKQ1KWKAPV-rQ7EI8vhGZkqHpIwguh6geCvFDA==
c462ec68-11c6-49d6-a574-894ed2ac3d50
compass.adop.cc/RE/ Frame 3838 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/c462ec68-11c6-49d6-a574-894ed2ac3d50?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c462ec68-11c6-49d6-a574-894ed2ac3d50&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=ew8&percentage=false&size_width=728&size_height=90&
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
a85c6a13d3b5943ab98dd8802788a2875e6ab0f3ab39b6270f1a18ee0b7d3c5d

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
content-length
2156
x-amz-cf-id
xtfNhT1GMX4W054obN8hITloTvZctWGqecmRtLHfry7eL0LYJBrlKQ==
2e1f8683-9e32-4878-8082-548103929e7e
compass.adop.cc/RE/ Frame 5550 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/2e1f8683-9e32-4878-8082-548103929e7e?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2e1f8683-9e32-4878-8082-548103929e7e&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=b8F&percentage=false&size_width=160&size_height=600&
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
f1ba3976d67b68e50c96b13b92cf9c032004746ebf667572b1ed489f7c62d17b

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
content-length
2137
x-amz-cf-id
N79DVp9wGoGRDHig-gooR4KGsLUiOgsHjhg0FZVvFTmnCK-u11mVNQ==
65caaa5a-e5ef-4b73-8b03-ed0c50236667
compass.adop.cc/RE/ Frame 1F15 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/65caaa5a-e5ef-4b73-8b03-ed0c50236667?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=65caaa5a-e5ef-4b73-8b03-ed0c50236667&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=sSr&percentage=false&size_width=160&size_height=600&
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
456815a1cae59a2e4b211cb8b991e6941ba6ab731019c400e9b328fdc8151d6a

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
content-length
2148
x-amz-cf-id
o55CV_1H2Ms5ZzGKPPX9SJ5dxOqW0YHzFaKWElvQx8h3Abp_oaaAyA==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9DE8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wisetoto.com/index.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wisetoto.com/index.htm

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 01 Mar 2021 20:13:16 GMT
expires
Tue, 01 Mar 2022 20:13:16 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18918
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
pagead2.googlesyndication.com/bg/ Frame 9DE8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 16:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
292093
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6189
x-xss-protection
0
expires
Sat, 26 Feb 2022 16:20:21 GMT
adop_sdk_p3.2.1.min.js
adopdmp.adop.cc/ Frame CAA0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adopdmp.adop.cc/adop_sdk_p3.2.1.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c&type=re&loc=https%253A%2F%2F9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&rnd=ScH&percentage=false&size_width=200&size_height=200&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d200:18:69f:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d2c8ea830e583681b95c707f9aa6fe2a6c7ae6c132b7e683fa7b1c20a2d6b69

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 02:00:27 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 07:27:14 GMT
server
AmazonS3
age
2158088
etag
W/"beb7e40d14c2bdc6a039fcdbe887d780"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
c-DCAL8YBcSIYpE4TsiQ3Q1IpFo2n7hSvm4_rq1x0s1huIzxBPBbBQ==
collect.php
data.adop.cc/ Frame CAA0 		2 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.adop.cc/collect.php?log=com_imp&dt=20210302012834&aid=fdb44524-6f52-4556-a996-51bc28d8fb6c&zid=eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c&r=mVgh
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=eea41eb6-8b45-4fc4-8dd1-32f4f0a88c9c&type=re&loc=https%253A%2F%2F9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&rnd=ScH&percentage=false&size_width=200&size_height=200&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=2820241412743721&bg=!tLelt_TNAAXB_3NtwTsAKQB2-DxaBKg-PQysd7r4QoDBlO2n6wLI-TfnSZkV5tcl0llkg_qnWQKtAgAAAF5SAAAADmgBBwoAguTWcPHsFF1Z3dxJ3j24wJKKKumS6b2lp-OdfqQX6YtonSiR2hxwTrBSUXDx2fUi67TH-wm-FMAX_izVVCl5hn_gwHGxCq5VSigrtoq7x5AaZb9lxvLQlbr6MAWce26AbTuLxfwamGAjU11ZoheHuVJRleQqPvUcdPxNNQpeJKupgQuZAcvBQBFKn3U3jt3M9gaTggDFhTAubbAAKNVU9fQH0JdXuQRTHeyLkfJpw8xrsmpTEPNXb8Ht7-tUA9IraBINVZEW2MpSoVodQgVlcF-Aq-jadSbvBbrR9oW4LJU4zZoYgM9psdn-lxnjb2BwJ_35dk0mmzBBxhMtdl_jVca5ZUM18KJcBbrvKu-dSZZ32PuFI_U3HH8LnibkZWJFWGzc-g34aoijDnCg4eZXIHBLoMgP5KrWDvZM0r7jzriAekvZCajGimBh1j6zZqQovum2N4cxyZ6vY7rnEqD9FFDtGi1WeAouKF9L49qQQAAJ_UR_BHbS5Y4SRRLf_YtmRTAyeHsPv5Q2vjgDJAZmyUCT0kaoumPdARpWjRB-4l-KNBjTFjiNrwJPAVx47IY3Rn_nvGS6zzNZaYAdNiVI_hLOR9I3usmhgpsDIOAKDKTB1rCJwovVRGpi6MXgfwzsDhTqHj2vkqCaGfCWzioZfrsJUTcAhZwWjQNTPpNXN3AOGh1dCwEgASUxKkQxkRhjwHrmSPEQ-8J7ch7h-S0j6msf6uaCYTRg26h_OOUxypu97PENwUCYHVAs5r7tdraESJ6WjS0XI8tDjGyqqDR6kzE
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adop_sdk_p3.2.1.min.js
adopdmp.adop.cc/ Frame 2466 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adopdmp.adop.cc/adop_sdk_p3.2.1.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/2a6ceca7-3c02-45ab-9b03-f320a079fc96?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2a6ceca7-3c02-45ab-9b03-f320a079fc96&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=k29&percentage=false&size_width=728&size_height=90&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d200:18:69f:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d2c8ea830e583681b95c707f9aa6fe2a6c7ae6c132b7e683fa7b1c20a2d6b69

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 02:00:27 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 07:27:14 GMT
server
AmazonS3
age
2158088
etag
W/"beb7e40d14c2bdc6a039fcdbe887d780"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
_mT6_QC28CcVbuJP8D3KP7Ja132r3H4dThrVQjsCLNsTYqXTLgtN3g==
collect.php
data.adop.cc/ Frame 2466 		2 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.adop.cc/collect.php?log=com_imp&dt=20210302012834&aid=43043059-bcfa-4840-bf2d-c56211acba69&zid=2a6ceca7-3c02-45ab-9b03-f320a079fc96&r=2iKR
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/2a6ceca7-3c02-45ab-9b03-f320a079fc96?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2a6ceca7-3c02-45ab-9b03-f320a079fc96&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=k29&percentage=false&size_width=728&size_height=90&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
glade.js
securepubads.g.doubleclick.net/static/ Frame 2466 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/glade.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/2a6ceca7-3c02-45ab-9b03-f320a079fc96?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2a6ceca7-3c02-45ab-9b03-f320a079fc96&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=k29&percentage=false&size_width=728&size_height=90&
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
4a2931a81f657d619f479e947b37945388b663b7833c59d5fb577f9ff7aa07fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1533569005437780"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800, stale-while-revalidate=3600
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12446
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:34 GMT
adop_sdk_p3.2.1.min.js
adopdmp.adop.cc/ Frame 3838 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adopdmp.adop.cc/adop_sdk_p3.2.1.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/c462ec68-11c6-49d6-a574-894ed2ac3d50?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c462ec68-11c6-49d6-a574-894ed2ac3d50&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=ew8&percentage=false&size_width=728&size_height=90&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d200:18:69f:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d2c8ea830e583681b95c707f9aa6fe2a6c7ae6c132b7e683fa7b1c20a2d6b69

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 02:00:27 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 07:27:14 GMT
server
AmazonS3
age
2158088
etag
W/"beb7e40d14c2bdc6a039fcdbe887d780"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
haWeOnQxTpsSWtjzZqlrF2GyCi2_KI2KZhmxIpQ5FtvSjq4KRlQ-zg==
collect.php
data.adop.cc/ Frame 3838 		2 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.adop.cc/collect.php?log=com_imp&dt=20210302012834&aid=9193a742-b9dc-4322-a991-20e7b4b212c9&zid=c462ec68-11c6-49d6-a574-894ed2ac3d50&r=YFEU
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/c462ec68-11c6-49d6-a574-894ed2ac3d50?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c462ec68-11c6-49d6-a574-894ed2ac3d50&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=ew8&percentage=false&size_width=728&size_height=90&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
gpt.js
www.googletagservices.com/tag/js/ Frame 3838 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/c462ec68-11c6-49d6-a574-894ed2ac3d50?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c462ec68-11c6-49d6-a574-894ed2ac3d50&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=ew8&percentage=false&size_width=728&size_height=90&
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 413 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19330
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5CEA 		42 B
124 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhH3CZT_c_6GFyraaWuWFGjd6of3HMKqEKJ_bvtOkS8M9B-TBUxRtc72fy15kab-5evU6FjX83t0RcItzo3yPr8ebCwrNbc3r6ljq1Jfc&sig=Cg0ArKJSzLUJRuqjlsF1EAE&id=osdim&mcvt=1002&p=775,300,975,500&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2484781182&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1614648513793&dlt=34&rpt=153&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set adBanner
www.mediacategory.com/servlet/ Frame 3304 		226 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?from=&s=142614&iwh=200_200&igb=74&passbackUrl=%252F%252Fcompass.adop.cc%252FRD%252F26c6be0c-5c18-4eea-9115-239e3ddc3d67&cntsr=1&cntad=1
Requested by
Host: 9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
URL: https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
89278d24ecb73699a35f9e7de67c3e4f80a91cbcf1dc6fd999dfbbda66ad1323

Request headers

Host
www.mediacategory.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Pragma
no-cache
Cache-Control
no-cache
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Set-Cookie
Start_Time="2021030210"; Domain=.mediacategory.com; Max-Age=63072000; SameSite=None; Secure; Path=/ s_IP_info="82.102.19.136.442017"; Domain=.mediacategory.com; Max-Age=63072000; SameSite=None; Secure; Path=/ s_au_id="9fc1acd7a478c5d61f9a273177f0859fe4-307d"; Domain=.mediacategory.com; Max-Age=63072000; SameSite=None; Secure; Path=/ s_au_id="9fc1acd7a478c5d61f9a273177f0859fe4-307d"; Domain=.mediacategory.com; Max-Age=63072000; SameSite=None; Secure; Path=/ iDev="(1614648291017)IP_info^82.102.19.136.442017#"; Domain=.mediacategory.com; Max-Age=62208000; SameSite=None; Secure; Path=/
Content-Type
text/html;charset=euc-kr
Content-Length
226
Date
Tue, 02 Mar 2021 01:24:50 GMT
Keep-Alive
timeout=5
Connection
keep-alive
collect.php
data.adop.cc/ Frame CAA0 		2 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjEwMzAyMDEyODM0IiwiY3RyeSI6IlBUIiwiYWNpZCI6IlBULTIxMDMwMjAxMjgzNC0xM2I3ZjA3MmI2OTU0ZmZkIiwibmV0IjoiTW9ib24iLCJ3Z3QiOiIxMDAiLCJvcmQiOiIxLzUiLCJ6aWQiOiJlZWE0MWViNi04YjQ1LTRmYzQtOGRkMS0zMmY0ZjBhODhjOWMiLCJ1YSI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImJyb3ciOiJDaHJvbWUiLCJkZXYiOiJkZXNrdG9wIiwib3MiOiJNYWMgT1MiLCJpcCI6IjgyLjEwMi4xOS4xMzYiLCJmbG9jIjoiaHR0cHMlM0ElMkYlMkY5YTg5ZTJmMDM2ZGRhMWJlODFkMGEwNzVkNDU1M2MwMS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tJTJGc2FmZWZyYW1lJTJGMS0wLTM3JTJGaHRtbCUyRmNvbnRhaW5lci5odG1sIiwiY2R0IjoiMjEwMzAyMDEyODM0IiwiZGlyIjoidiIsInciOiIyMDAiLCJoIjoiMjAwIiwibGFuZyI6ImVuLXVzIiwic2NyIjoiMTYwMHgxMjAwIiwidnAiOiIyMDB4MjAwIiwicGF0aCI6Ii9zYWZlZnJhbWUvMS0wLTM3L2h0bWwvY29udGFpbmVyLmh0bWwiLCJ0cCI6InJlIiwicmVmIjoiIiwidGl0bGUiOiIiLCJwbCI6IkxpbnV4IHg4Nl82NCIsIndkIjoiWSIsInBiIjoiTiIsInB0IjoiaHR0cHMiLCJsb2ciOiJiYXNpYyJ9
Requested by
Host: 9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
URL: https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
collect.php
data.adop.cc/ Frame 2466 		2 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjEwMzAyMDEyODM0IiwiY3RyeSI6IlBUIiwiYWNpZCI6IlBULTIxMDMwMjAxMjgzNC0wOGE4NzU1Y2EwOTQ0Nzk4IiwibmV0IjoiQ3VzdG9taXplZCBUYWcoMSkiLCJ3Z3QiOiIxMDAiLCJvcmQiOiIxLzkiLCJ6aWQiOiIyYTZjZWNhNy0zYzAyLTQ1YWItOWIwMy1mMzIwYTA3OWZjOTYiLCJ1YSI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImJyb3ciOiJDaHJvbWUiLCJkZXYiOiJkZXNrdG9wIiwib3MiOiJNYWMgT1MiLCJpcCI6IjgyLjEwMi4xOS4xMzYiLCJmbG9jIjoiaHR0cHM6Ly93d3cud2lzZXRvdG8uY29tL2luZGV4Lmh0bSIsImNkdCI6IjIxMDMwMjAxMjgzNCIsImRpciI6InYiLCJ3IjoiNzI4IiwiaCI6IjkwIiwibGFuZyI6ImVuLXVzIiwic2NyIjoiMTYwMHgxMjAwIiwidnAiOiI3Mjh4OTAiLCJwYXRoIjoiL2luZGV4Lmh0bSIsInRwIjoicmUiLCJyZWYiOiIiLCJ0aXRsZSI6IiVFQyU5OSU4MCVFQyU5RCVCNCVFQyVBNiU4OCVFRCU4NiVBMCVFRCU4NiVBMCIsInBsIjoiTGludXggeDg2XzY0Iiwid2QiOiJZIiwicGIiOiJOIiwicHQiOiJodHRwcyIsImxvZyI6ImJhc2ljIn0%3D
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
integrator.js
adservice.google.be/adsid/ Frame 2466 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.wisetoto.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2466 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wisetoto.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C272 		30 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
2727d5f32131dadf23ee50bec3977677e6367b9e01cd2154cb7a40aacb411108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
securepubads.g.doubleclick.net
:scheme
https
:path
/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wisetoto.com/index.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmVT5anCblAss2x9oU5uzyfKwXtEBBrIqQwO14HdWqIdIEjcGolX0dGW8q6h1M
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wisetoto.com/index.htm

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
google-lineitem-id
5314730360
google-creative-id
138310765200
google-mediationgroup-id
-2
google-mediationtag-id
-2
date
Tue, 02 Mar 2021 01:28:35 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
10907
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adop_sdk_p3.2.1.min.js
adopdmp.adop.cc/ Frame 5550 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adopdmp.adop.cc/adop_sdk_p3.2.1.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/2e1f8683-9e32-4878-8082-548103929e7e?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2e1f8683-9e32-4878-8082-548103929e7e&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=b8F&percentage=false&size_width=160&size_height=600&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d200:18:69f:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d2c8ea830e583681b95c707f9aa6fe2a6c7ae6c132b7e683fa7b1c20a2d6b69

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 02:00:27 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 07:27:14 GMT
server
AmazonS3
age
2158089
etag
W/"beb7e40d14c2bdc6a039fcdbe887d780"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
kUEZL9n1w1B2qweI8zW4wDGON3k1LxMdZ8qUBQZiuvMjfbLNy4T5ZQ==
collect.php
data.adop.cc/ Frame 5550 		2 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.adop.cc/collect.php?log=com_imp&dt=20210302012835&aid=4acb1acd-8fff-43c2-8900-f8c3a8a758e8&zid=2e1f8683-9e32-4878-8082-548103929e7e&r=CUKG
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/2e1f8683-9e32-4878-8082-548103929e7e?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2e1f8683-9e32-4878-8082-548103929e7e&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=b8F&percentage=false&size_width=160&size_height=600&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
gpt.js
www.googletagservices.com/tag/js/ Frame 5550 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/2e1f8683-9e32-4878-8082-548103929e7e?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=2e1f8683-9e32-4878-8082-548103929e7e&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=b8F&percentage=false&size_width=160&size_height=600&
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 166 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19330
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:35 GMT
extra_36.js
securepubads.g.doubleclick.net/static/glade/ Frame 2466 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/glade/extra_36.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
109367238429c8fc53a824c10ea641b995d4d126422b626019ded05a3fc5a854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 14:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471723
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3044
x-xss-protection
0
last-modified
Mon, 06 Aug 2018 15:21:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Feb 2022 14:26:32 GMT
2557862145330248527
tpc.googlesyndication.com/simgad/ Frame C272 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2557862145330248527
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83d8f221308545e80794badd94050201c49a0850b3e6d1e64a90d2662a7edafc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 09:35:40 GMT
x-content-type-options
nosniff
age
57175
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81641
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 07:37:35 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 09:35:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame C272 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 00:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 00:39:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame C272 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 01:27:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C272 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:35 GMT
l
www.google.com/ads/measurement/ Frame C272 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR04rVNwgOJDeCK5LDEJzqRdPl9gRzaMuLrwVQqV0dwoHhge7puQTlDUIds1FEbe1fc5djdtuKaM52luc2Q2PenssnSbQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame C272 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHMbshtDS_QoeSGnMX4doRGbgb7I5K0-5Q9Qkk52i-wB-9rQnbF_n1wChP_uC6krJxOJKjis5K_dIzpkzV1-ai4LcOFgA3uASOEym9nS9pozIc-_Gl-MsvaOsBnG6nzhYTWv8blKdUqJgRdNWOpAp4tCoBZIT-DvbpF2h1FcOz8k0iaNWUb71tYGDM_rdn66Kb_Qg6MFRJv3L69zYZeOPOfnNR8aGmxsHwm0cKl2WBt6qZHbvDq05nbaeapKxKaeOd7UciWazwnwe_jgKvJlNHLrNy_7tzG2VByEjosxoM36YR0wIVbhpsdD2SuY_HtmvNkA0i5A&sig=Cg0ArKJSzFl-W3BkoBXFEAE&adurl=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
osd.js
pagead2.googlesyndication.com/pagead/ Frame 2466 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3862ea13abd792dc0bc619353fef95fe64efd596a73cffc8d3f2ebdecc48ba75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28279
x-xss-protection
0
server
cafe
etag
9274508691404552162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 02:02:03 GMT
truncated
/ Frame C272 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c76bd2a19963b97329aa03e110461355d48cd6220625c6369b1ce5e57c5f3898

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C272 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR3c_sjoNK614RvwXIT3MWhNVBML46bAQEvuO_hxyYbsQ7SsnY0Fti6YXIVtHoaoS63u6Z-755_J1ZodYd_UAv_5RI7Q5yqgX_I7_ClSWAfs6ejj38twts1JPK2fSa1xaGlm2lTb1qtqy4TUoHbF-g92WyE_lFtMkAQvqIgI3bJE4kxTrPwJ7Q5hw0-hx_PKT7PpnzMOV-bL8tp-S7eBZS49P3eo9rWDuVHzBS6u33Krh0NY7d7Vzeg1QjtEyThakkkulYREMTak6VHHmA-HA9qdbu3KdNQfZqCjCUoyxbfFUjwFWxJaUAL5176sOMXOj4PSerKpGX&sig=Cg0ArKJSzA9UANWUpaaKEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adop_sdk_p3.2.1.min.js
adopdmp.adop.cc/ Frame 1F15 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adopdmp.adop.cc/adop_sdk_p3.2.1.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/65caaa5a-e5ef-4b73-8b03-ed0c50236667?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=65caaa5a-e5ef-4b73-8b03-ed0c50236667&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=sSr&percentage=false&size_width=160&size_height=600&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d200:18:69f:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d2c8ea830e583681b95c707f9aa6fe2a6c7ae6c132b7e683fa7b1c20a2d6b69

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 02:00:27 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 07:27:14 GMT
server
AmazonS3
age
2158089
etag
W/"beb7e40d14c2bdc6a039fcdbe887d780"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
XBuhWbaquU5c-FRidfKDSWQIRol5HYhDKjcl3LZwF4vL9a1v_WQuRw==
collect.php
data.adop.cc/ Frame 1F15 		2 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.adop.cc/collect.php?log=com_imp&dt=20210302012835&aid=55468a08-90a4-438c-8c38-68e14979eb81&zid=65caaa5a-e5ef-4b73-8b03-ed0c50236667&r=iTpF
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/65caaa5a-e5ef-4b73-8b03-ed0c50236667?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=65caaa5a-e5ef-4b73-8b03-ed0c50236667&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=sSr&percentage=false&size_width=160&size_height=600&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
gpt.js
www.googletagservices.com/tag/js/ Frame 1F15 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/65caaa5a-e5ef-4b73-8b03-ed0c50236667?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=65caaa5a-e5ef-4b73-8b03-ed0c50236667&type=re&loc=https%253A%2F%2Fwww.wisetoto.com%2Findex.htm&rnd=sSr&percentage=false&size_width=160&size_height=600&
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 212 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19330
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:35 GMT
collect.php
data.adop.cc/ Frame 3838 		2 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjEwMzAyMDEyODM0IiwiY3RyeSI6IlBUIiwiYWNpZCI6IlBULTIxMDMwMjAxMjgzNC1hZWU0ZWJiNWY2NzM0MmNjIiwibmV0IjoiR29vZ2xlIEFkIE1hbmFnZXIiLCJ3Z3QiOiIxMDAiLCJvcmQiOiI1OTk2Lzc3ODIiLCJ6aWQiOiJjNDYyZWM2OC0xMWM2LTQ5ZDYtYTU3NC04OTRlZDJhYzNkNTAiLCJ1YSI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImJyb3ciOiJDaHJvbWUiLCJkZXYiOiJkZXNrdG9wIiwib3MiOiJNYWMgT1MiLCJpcCI6IjgyLjEwMi4xOS4xMzYiLCJmbG9jIjoiaHR0cHM6Ly93d3cud2lzZXRvdG8uY29tL2luZGV4Lmh0bSIsImNkdCI6IjIxMDMwMjAxMjgzNCIsIndkIjoiWSIsInBiIjoiTiIsInB0IjoiaHR0cHMiLCJsb2ciOiJiYXNpYyJ9
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame 3838 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:35 GMT
text_win.jpg
storage.wisetoto.com/images/common/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/text_win.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8a76967eb1cbb555a27ba25097abbaedfe8bfa8ee61b96034aa5c402e7459a44

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
last-modified
Thu, 10 Oct 2019 01:16:11 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"031f9994d6a28b9dd15c746fc4ff8ad0:1570670171.551637"
content-length
1546
content-type
image/jpeg
text_draw.jpg
storage.wisetoto.com/images/common/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/text_draw.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b35c686f0cd2e5e63e8e07983dfba1d8093ae3bf33e71335584d309101f098c9

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
last-modified
Thu, 10 Oct 2019 01:16:10 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"fbbd69195d442e3648e2efc9f631b002:1570670170.924199"
content-length
1329
content-type
image/jpeg
text_defeat.jpg
storage.wisetoto.com/images/common/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/text_defeat.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f8e36c8804b285ff2bc99c2862f57334d1fa0c2e86eb742e197d657e9bb6be9d

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
last-modified
Thu, 10 Oct 2019 01:16:11 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"4bfea4d3e5619579dc5af0eb9f4fc270:1570670171.081895"
content-length
1540
content-type
image/jpeg
ico_sort01.gif
storage.wisetoto.com/images/common/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/icon/ico_sort01.gif
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_style.css?t=202102051018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b31df39f474fc770573cff8de1259b0cc5ee4257b1cb80276163cba5a049f4e4

Request headers

Referer
https://www.wisetoto.com/css/new_style.css?t=202102051018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
last-modified
Thu, 10 Oct 2019 01:09:52 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"eb3de974c79016d81cb9d59e822e9647:1570669792.135135"
content-length
1120
content-type
image/gif
status_200113.png
storage.wisetoto.com/images/common/bg/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.wisetoto.com/images/common/bg/status_200113.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/css/new_gameinfo.css?t=202001131535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a4723650467757b03dfc0bea9f6d77ad64c790a10d3cf449d81f264a591d3287

Request headers

Referer
https://www.wisetoto.com/css/new_gameinfo.css?t=202001131535
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
last-modified
Mon, 13 Jan 2020 06:12:52 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"97a6b2cee28bb65028a30af4bb1e739b:1578895972.366344"
content-length
6380
content-type
image/png
integrator.js
adservice.google.de/adsid/ Frame 3838 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wisetoto.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3838 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wisetoto.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3838 		50 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1664104336352890&correlator=2066954287584422&output=ldjh&impl=fifs&eid=21068602%2C21069724%2C31060237&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=5932629%2Cca-pub-1474238860523410-tag%2Cwisetoto_bottom_728x90-section_200630&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&eri=4&cookie=ID%3D29cc0afdd943151a-2227e79da0ba0089%3AT%3D1614648513%3AS%3DALNI_MZvsfb1Gnx6YDw2v425HzZIhU1qGQ&cdm=www.wisetoto.com&bc=31&abxe=1&dt=1614648515832&dlt=1614648514590&idt=1236&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=560&adys=9398&adks=1816936229&ucis=4977onp9vqkh&ifi=1&ifk=962497531&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.wisetoto.com&loc=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=www.wisetoto.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1094087174.1614648511&ga_sid=1614648516&ga_hid=1218061151&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
efe9b266f0360dea874bb85ee0a50b69f3d7d0d515fb9e070a441c9df722ecd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12034
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wisetoto.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dd18c4e0fb22384b2ffffdd4883333b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3838 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dd18c4e0fb22384b2ffffdd4883333b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 3838 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
collect.php
data.adop.cc/ Frame 5550 		2 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjEwMzAyMDEyODM1IiwiY3RyeSI6IlBUIiwiYWNpZCI6IlBULTIxMDMwMjAxMjgzNS0xMGNkZjk4ZTVhYjc0NDQ0IiwibmV0IjoiR29vZ2xlIEFkIE1hbmFnZXIiLCJ3Z3QiOiIxMDAiLCJvcmQiOiIxNDQxLzc3ODIiLCJ6aWQiOiIyZTFmODY4My05ZTMyLTQ4NzgtODA4Mi01NDgxMDM5MjllN2UiLCJ1YSI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImJyb3ciOiJDaHJvbWUiLCJkZXYiOiJkZXNrdG9wIiwib3MiOiJNYWMgT1MiLCJpcCI6IjgyLjEwMi4xOS4xMzYiLCJmbG9jIjoiaHR0cHM6Ly93d3cud2lzZXRvdG8uY29tL2luZGV4Lmh0bSIsImNkdCI6IjIxMDMwMjAxMjgzNSIsIndkIjoiWSIsInBiIjoiTiIsInB0IjoiaHR0cHMiLCJsb2ciOiJiYXNpYyJ9
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame 5550 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:35 GMT
collect.php
data.adop.cc/ Frame 1F15 		2 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjEwMzAyMDEyODM1IiwiY3RyeSI6IlBUIiwiYWNpZCI6IlBULTIxMDMwMjAxMjgzNS1jZWYxYTFhNDQxMzM0M2U2IiwibmV0IjoiR29vZ2xlIEFkIE1hbmFnZXIiLCJ3Z3QiOiIxMDAiLCJvcmQiOiIxLzExIiwiemlkIjoiNjVjYWFhNWEtZTVlZi00YjczLThiMDMtZWQwYzUwMjM2NjY3IiwidWEiOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiTWFjIE9TIiwiaXAiOiI4Mi4xMDIuMTkuMTM2IiwiZmxvYyI6Imh0dHBzOi8vd3d3Lndpc2V0b3RvLmNvbS9pbmRleC5odG0iLCJjZHQiOiIyMTAzMDIwMTI4MzUiLCJkaXIiOiJ2IiwidyI6IjE2MCIsImgiOiI2MDAiLCJsYW5nIjoiZW4tdXMiLCJzY3IiOiIxNjAweDEyMDAiLCJ2cCI6IjE2MHg2MDAiLCJwYXRoIjoiL2luZGV4Lmh0bSIsInRwIjoicmUiLCJyZWYiOiIiLCJ0aXRsZSI6IiVFQyU5OSU4MCVFQyU5RCVCNCVFQyVBNiU4OCVFRCU4NiVBMCVFRCU4NiVBMCIsInBsIjoiTGludXggeDg2XzY0Iiwid2QiOiJZIiwicGIiOiJOIiwicHQiOiJodHRwcyIsImxvZyI6ImJhc2ljIn0%3D
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame 1F15 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:35 GMT
integrator.js
adservice.google.de/adsid/ Frame 5550 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wisetoto.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5550 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wisetoto.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5550 		83 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2848983803638430&correlator=3578933396350415&output=ldjh&impl=fifs&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=5932629%2Cca-pub-1474238860523410-tag%2C6024017604&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&eri=4&cookie=ID%3D29cc0afdd943151a-2227e79da0ba0089%3AT%3D1614648513%3AS%3DALNI_MZvsfb1Gnx6YDw2v425HzZIhU1qGQ&cdm=www.wisetoto.com&bc=31&abxe=1&dt=1614648515915&dlt=1614648514593&idt=1316&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=116&adys=251&adks=1120376242&ucis=j37qf4a13aot&ifi=1&ifk=3504648039&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.wisetoto.com&loc=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=www.wisetoto.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x600&ga_vid=1094087174.1614648511&ga_sid=1614648516&ga_hid=623580285&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8a3fb8ea7e82ae6f3f8c53cdb607cce3e2ae57be9ac71548928c7c108e8a0b51
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyP7Lm6kO8CFcEIiwodO_kC6Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/17421208517328964755/160x600/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyP7Lm6kO8CFcEIiwodO_kC6Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/17421208517328964755/160x600/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28132
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Tue, 02 Mar 2021 01:28:36 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wisetoto.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5550 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5550 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 1F15 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wisetoto.com&meb=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1F15 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wisetoto.com&meb=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1F15 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2254466384880024&correlator=1960575985187963&output=ldjh&impl=fifs&eid=31060309%2C21065725%2C21069711&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=5932629%2Cca-pub-1474238860523410-tag%2Cwisetoto_w-rt-160x600-main-200720&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&eri=4&cookie=ID%3D29cc0afdd943151a-2227e79da0ba0089%3AT%3D1614648513%3AS%3DALNI_MZvsfb1Gnx6YDw2v425HzZIhU1qGQ&cdm=www.wisetoto.com&bc=31&abxe=1&dt=1614648515951&dlt=1614648514596&idt=1350&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1324&adys=251&adks=1196307886&ucis=gk0obshlloqy&ifi=1&ifk=3504648039&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.wisetoto.com&loc=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=www.wisetoto.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x600&ga_vid=1094087174.1614648511&ga_sid=1614648516&ga_hid=1691247807&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0854254414902da06dc58dd884506f36d567b65a84c05b8a306af8ed0d7f6754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11005
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wisetoto.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9b5ef045cec0d4a4bf39088e9ce63320.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1F15 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://9b5ef045cec0d4a4bf39088e9ce63320.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 1F15 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame DC08 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357706
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame DC08 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357706
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame DC08 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
73370
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Mon, 01 Mar 2021 05:05:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:05:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame DC08 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357706
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame DC08 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357706
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
css
fonts.googleapis.com/ Frame DC08 		3 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 00:52:59 GMT
server
ESF
date
Tue, 02 Mar 2021 01:28:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 01:28:36 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4121926441837954921/ Frame DC08 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4121926441837954921/downsize_200k_v1?w=195&h=102
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9da48e3b376b5aae2b1acdb9d902165373088bcdde44e8146152c19f5ee4b955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 12:37:58 GMT
x-content-type-options
nosniff
age
219038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4546
x-xss-protection
0
last-modified
Tue, 17 Mar 2020 14:56:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 12:37:58 GMT
truncated
/ Frame DC08 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DC08 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a66052c0e0cbb47e21492c2c60bc141f63c2077cc35604c84863b7516ec5676

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DC08 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 21:24:34 GMT
x-content-type-options
nosniff
server
cafe
age
14642
etag
17534803318082699211
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2552
x-xss-protection
0
expires
Tue, 02 Mar 2021 21:24:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DC08 		344 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
68934
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 02 Mar 2021 06:19:42 GMT
l
www.google.com/ads/measurement/ Frame DC08 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5TdmuYpDNMXUBUk0plWDB_Vh1ImF4DYcPkfiJAXJq1yOW2iK7LIFWEbiXOlNQOFcARRukRQwnq8E8pP5AricaD7XX-g
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame DC08 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5P1Tw5Q9YP6TNbCZrAS25JPoAsLageNdocja5bgLloLNhYgWEAEg9d-KJGC5-MeA3AGgAYuztJ4DyAEJqQJW92oqyjS0PuACAKgDAcgDCqoEzQFP0Eq8nsx7YeKfvdEiOhR9Sz6jY2Gysy4aUqlRTHzglTdZYbUOMJb0O2YGmDGUeo-MOQuiUw2gtkLejRvu3zEPERNUDWOcL-w10hCMLjLqUt2yuDPty8745TnaA0h2Fwhvvgw7YeZuxAaIqiG1BGUEGMzCGbjAnL6J4rMHyEPnkcNy4PG7xMZkkgG4Le_k1nS4uRGBFtySrk2gxNMT-Z98Qr4oDVsJwzYTxNhu3-yKt7YU4qbCzuvWRby0Z0gqWPageRHLbDTpkPckgrNewATDsryy_ALgBAGSBQQIBBgBkgUECAUYBKAGLoAH3czLYagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC-1gTSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE4NTc1NjQwOTA0NTUwNDCACgPICwHYEw2IFAKyFxoKGAgAEhRwdWItMTQ3NDIzODg2MDUyMzQxMA&sigh=PzRKiYA-9bQ&template_id=5000&tpd=AGWhJmu-CSmJWYLN3ETLXu7IL01ar1raZ3-f4y78NA2lDULqwQ
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3838 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
70325a733d40bef6346a7fffb7c1bff719a394c59e002acef9629d10caa3b578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6526
x-xss-protection
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame DC08 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wisetoto.com
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:32:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:17 GMT
server
sffe
age
240982
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14816
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:32:14 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame DC08 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wisetoto.com
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:30:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:06 GMT
server
sffe
age
122262
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14608
x-xss-protection
0
expires
Mon, 28 Feb 2022 15:30:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3838 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:36 GMT
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DC08 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 21:24:34 GMT
x-content-type-options
nosniff
server
cafe
age
14642
etag
17534803318082699211
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2552
x-xss-protection
0
expires
Tue, 02 Mar 2021 21:24:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DC08 		344 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
68934
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 02 Mar 2021 06:19:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3700 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wisetoto.com/index.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wisetoto.com/index.htm

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 01 Mar 2021 20:13:16 GMT
expires
Tue, 01 Mar 2022 20:13:16 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18920
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E0B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wisetoto.com/index.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wisetoto.com/index.htm

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Tue, 02 Mar 2021 01:28:35 GMT
expires
Wed, 02 Mar 2022 01:28:35 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5550 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5550 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
328c6f0e30f974d949c8befbcd5d18dc11a36ca18a3baf25a59225cc8af45e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6439
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 11CC 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357706
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 11CC 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357706
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 11CC 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
73370
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Mon, 01 Mar 2021 05:05:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:05:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 11CC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357706
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 11CC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357706
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 11CC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 21:24:34 GMT
x-content-type-options
nosniff
server
cafe
age
14642
etag
17534803318082699211
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2552
x-xss-protection
0
expires
Tue, 02 Mar 2021 21:24:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 11CC 		344 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
68934
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 02 Mar 2021 06:19:42 GMT
truncated
/ Frame 11CC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66e09b39a7601b3782cf48f1a7013475dd35b6ca9ec42547cc0d0d91e9db0dac

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
8998587129343460083
tpc.googlesyndication.com/simgad/ Frame 11CC 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8998587129343460083?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql2TUOjaEtuYGRNA0ArvV4hzaFgHw
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e8d270bcb384698f40be77a2d3aa63c5e16206293d36ae27dac842d018b38f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 21:29:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 07 Nov 2020 13:47:00 GMT
server
sffe
age
446323
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60596
x-xss-protection
0
expires
Thu, 24 Feb 2022 21:29:53 GMT
l
www.google.com/ads/measurement/ Frame 11CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyrJh7B9LGgkwNGZWqy2Rx8oiK3fxVTXb43Gpx2xQLO5-Oqjiu6C5ZzlOonKuU2Hb2O5PiKvtK9kNpUh-_QKr_gJwjAw
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 11CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPMIEw5Q9YMnRPL2BjuwP5KCg8AXf18fVYbaLytKvDePjtNyqCRABIPXfiiRgufjHgNwBoAGIq8PAA8gBAqkCWdZvmIRatz7gAgCoAwHIAwiqBMoBT9CaISeh8z31pTsXYJ9EXw0_DKr-7OX31UjeIpmw9mtV55mPhtL4meuR21c09c76SEQYLoxFerdcSgxcAsHDYTcw8nGHnDCvwrcLHGGjB5Dl1Hm03R21h4din7wZHWXolsaUQM_GHrSAXHy5jfjK9mYoG6LxS5urWM7aSMJKRvHtXmynm-p2LNG7Rh60EmEF44WuSyXurOdtU13tcuHNztLb2__qznS-o6LP3DplmI6Hw_sGCXHkOdfQ7PMBvwu3gB-HJe8d6GBLLMAEyL_unMAD4AQBkgUECAQYAZIFBAgFGASgBgKAB-DUvD-oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ28gO0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xODU3NTY0MDkwNDU1MDQwgAoDyAsB2BMNmBYBshcaChgIABIUcHViLTE0NzQyMzg4NjA1MjM0MTA&sigh=ZYbDgAbp7Gc&tpd=AGWhJmvOPSoXaDzELU5WNVWjE7apdJmi3x36PO-smQhN2MH1cg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/index.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1F15 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ae99a9904d2b50b6f4a7769cb105586d4fe0c5a98d64ec6fd4f2183e404009da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
26c6be0c-5c18-4eea-9115-239e3ddc3d67
compass.adop.cc/RD/ Frame 3304 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=142614&iwh=200_200&igb=74&passbackUrl=%252F%252Fcompass.adop.cc%252FRD%252F26c6be0c-5c18-4eea-9115-239e3ddc3d67&cntsr=1&cntad=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-95.fra56.r.cloudfront.net
Software
/
Resource Hash
546b452638de5b3d3cf3e96a4f340f4b9459766d43742d4b867b817fa9b639e2

Request headers

:method
GET
:authority
compass.adop.cc
:scheme
https
:path
/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mediacategory.com/servlet/adBanner?from=&s=142614&iwh=200_200&igb=74&passbackUrl=%252F%252Fcompass.adop.cc%252FRD%252F26c6be0c-5c18-4eea-9115-239e3ddc3d67&cntsr=1&cntad=1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ADOP_P_U=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm; ADOP_CID=PT-210302012835-cef1a1a4413343e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.mediacategory.com/servlet/adBanner?from=&s=142614&iwh=200_200&igb=74&passbackUrl=%252F%252Fcompass.adop.cc%252FRD%252F26c6be0c-5c18-4eea-9115-239e3ddc3d67&cntsr=1&cntad=1

Response headers

content-type
text/html; charset=UTF-8
content-length
2212
content-encoding
gzip
date
Tue, 02 Mar 2021 01:28:36 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie
ADOP_CID=PT-210302012835-cef1a1a4413343e6; expires=Mon, 31-May-2021 01:28:36 GMT; Max-Age=7776000; path=/; samesite=none; domain=.adop.cc; secure; httponly
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
r7nnoyE2ksNXqnokrldojAQbRkAr7tVxj61SshhWi_AL35lT-GrtOQ==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5550 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1F15 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:36 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/ Frame 3E43 		221 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1499efd6305a93931bd030a070a1f29399a6d31093840dd33eb5dc6f02c58f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Mon, 01 Mar 2021 08:00:26 GMT
expires
Tue, 01 Mar 2022 08:00:26 GMT
last-modified
Thu, 18 Feb 2021 15:09:45 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
32373
age
62890
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame E0B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Caahuw5Q9YKyiOsGRrAS78ovIDruRy9JhqfbUjfwMv-iivcABEAEg9d-KJGC5-MeA3AGgAY7Sz7YCyAEJqQLMLRA5T1iUPuACAKgDAcgDCKoE2AFP0AT3GoqkCjpm3GXM709NIOzA3e7Ns5BsRsntU6PJWBr2bRnHb0roeI_ToFBqsqH4W_kHOniFkWnyRmQZnyTDGbaUp6FQ50cmHTK5aCVz-vvZbSYl4eSnAJduMssSvU5KaPWVfehJZNr7c_TGYGQ6D6S4aIUUdml9Zur12Q1fucdUXEtRFQjuuLHYb9eAkS3gqh48_qFJLIkq5zmEfpOx9yT-XMOtAGE6XnyRaAW3YTF5I7YrFAvtFuy3gUV4i_76ajPeTbtosnMjan5MI6J9oKlqOTcMch3ABJ3o4duyA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfarbDJAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCH-hfSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE4NTc1NjQwOTA0NTUwNDCACgPICwHYEw2yFxoKGAgAEhRwdWItMTQ3NDIzODg2MDUyMzQxMA&sigh=P67chVwZMRg&template_id=419&tpd=AGWhJmuiQfxML5Pfn_w51WOUBJs18FkY-G8t_pJjWEYtsONFmg
Requested by
Host: www.wisetoto.com
URL: https://www.wisetoto.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame E0B0 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
URL: https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 00:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 00:39:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E0B0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
URL: https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 01:27:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E0B0 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
URL: https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E0B0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
URL: https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 01:27:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame CA5B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wisetoto.com/index.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wisetoto.com/index.htm

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 01 Mar 2021 20:13:16 GMT
expires
Tue, 01 Mar 2022 20:13:16 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18920
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
pagead2.googlesyndication.com/bg/ Frame 3700 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 16:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
292095
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6189
x-xss-protection
0
expires
Sat, 26 Feb 2022 16:20:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame ACC7 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wisetoto.com/index.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wisetoto.com/index.htm

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 01 Mar 2021 20:13:16 GMT
expires
Tue, 01 Mar 2022 20:13:16 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18920
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2BC2 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
URL: https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmVT5anCblAss2x9oU5uzyfKwXtEBBrIqQwO14HdWqIdIEjcGolX0dGW8q6h1M
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 02 Mar 2021 00:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2832
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E0B0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf5e08cf877c4564986bbdb1acff58f88bd6d3ddc7227c64f1817390ed0b96b9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 11CC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Tue, 02 Mar 2021 01:28:36 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3E43 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3E43 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 13:07:30 GMT
create.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/ Frame 3E43 		236 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/create.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a34fc6f42a3fee3d2bc500e7ac87d2000cec14f4f565fc989b069a0de1e791a2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
121778
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64181
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:09:45 GMT
server
sffe
date
Sun, 28 Feb 2021 15:38:58 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Feb 2022 15:38:58 GMT
8998587129343460083
tpc.googlesyndication.com/simgad/ Frame 11CC 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8998587129343460083?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql2TUOjaEtuYGRNA0ArvV4hzaFgHw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e8d270bcb384698f40be77a2d3aa63c5e16206293d36ae27dac842d018b38f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 21:29:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 07 Nov 2020 13:47:00 GMT
server
sffe
age
446323
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60596
x-xss-protection
0
expires
Thu, 24 Feb 2022 21:29:53 GMT
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 11CC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 21:24:34 GMT
x-content-type-options
nosniff
server
cafe
age
14642
etag
17534803318082699211
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2552
x-xss-protection
0
expires
Tue, 02 Mar 2021 21:24:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 11CC 		344 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
68934
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 02 Mar 2021 06:19:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C272 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBcw8btSeTrKHOAoGwHHplm1j5DGtoCbucKUuDAlI1otorXAc3X6Ph4HORnn5fioTYN5gt2Vdh-ygZKw_iD_hzc2StEy4VGne6tUtSB0o&sig=Cg0ArKJSzH_Lif-9i7ZjEAE&id=osdim&mcvt=1026&p=0,0,90,728&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=3&adk=3146298844&rs=11&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614648515394&dlt=0&rpt=67&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1614648515319&output=html&iu=%2F24649423%2Fwisetoto_top_728x90-section&sz=728x90&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1647912532289623&adk=3146298844&biw=1600&bih=1200&adx=560&ady=353&oid=3&u_sd=1&ifi=1&vis=1&nhd=1&url=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm&top=https%3A%2F%2Fwww.wisetoto.com%2Findex.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
backgroundunsaturatedlinearwaves.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/images/ Frame 3E43 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17421208517328964755/160x600/images/backgroundunsaturatedlinearwaves.jpg
Requested by
Host: bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
URL: https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2eed734f605a8196ad41babb8c17ce27288f4c54d48d2a20ea06f376956470d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
62890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59048
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:09:45 GMT
server
sffe
date
Mon, 01 Mar 2021 08:00:26 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 08:00:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2BC2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
URL: https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmVT5anCblAss2x9oU5uzyfKwXtEBBrIqQwO14HdWqIdIEjcGolX0dGW8q6h1M; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 01:28:36 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 02-Mar-2021 02:28:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 01:28:36 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 01:28:36 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
pagead2.googlesyndication.com/bg/ Frame CA5B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 16:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
292095
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6189
x-xss-protection
0
expires
Sat, 26 Feb 2022 16:20:21 GMT
9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
pagead2.googlesyndication.com/bg/ Frame ACC7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 16:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
292095
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6189
x-xss-protection
0
expires
Sat, 26 Feb 2022 16:20:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3838 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=1664104336352890&bg=!S0ilSAvNAAXB_3NtwTsAKQB2-Dxat9Z_G-vC45cfZ4z9QTe1aX-PnlipeDXjJ9FYJNOacRM76hVeAgAAAR5SAAAAEGgBBwoAS9Lg5bPnciTITzyTcohL_e-efNiotN-8T_xVU8_rJ5WcWasqdbZjYUCHKSlz1JNz1HHxRoFL8IGamCyvOHGiFiUUaXd8JiYpunp99ZkB_I2JiVZw0HftSjHc-wgx1h9XWGbu_kPVbsAU6CVhceoD4yHMyK6otPm6nZLSwpDWg-zyxcIfadAEbr4H0FMIHGypTEG9Xw2OXIWMA7GcPVFL5DRe9CkNn3WEmaVJESWpC9NqjO0_eX9tNMqwQXtGN304tv3iDbXfKSSZmBvUT5BBGCt7IqozAnD1nv4ErtwuiLk7x9XGeEfbp1uF4nGcT7vEoPYXOAZlcRCFoUI68J-_DZHmjSWckkRNuKw5zpe4IebMVOzzjY8FC3P2FnKSZGSjM-qkjOFfGGYZegqCbMAD6r7vnBwyNDKC02bfWpXbxCexwWl2Cy3KHTVB9FnVbnkcokV5VDb3-tljG4CyyCsdhpn2y1M0mt6IbGQ0g5CgvV5dkCsyKOxSs9jchOYxutUOWy9V6jFyAi6jeuZNUq6BRz_RCvGj2CK3w7dT0g8ackDkX7TABCX5mC-Y-jl22ObVaI_kMUgQW5sva2A0JcXGsLNsjgS-B24YtuzbfJZmD61OEWGSFa5lpgBtWwfTrirhm5whsqXbix8734H7o10bmFIM5WNczDa7AstDYzKJ2SGHDPCqNGKHJfSq3JG8ZecE0ELmHF2NsA7LAUFHSnUvzNTRfKfOKWz34UxTgq19pun9hJjChVfqIovaemggZo1cOWRqxpHexsfkv3k
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5550 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=2848983803638430&bg=!4OOl46DNAAXB_3NtwTsAKQB2-DxaQIjZzfeKpLOu4yDpKTjirxlmN3S-B-Ei4zAl74AvNv6tIPnZAgAAAK1SAAAAI2gBBwoAK_OCZt8X-4UeT52er2JFPQ9rSA7e9BLGsOvKC7KNkGKqCvDR7sgUTvU0yTyZAfHFtYNk528HJQxK8zTfLKMvVZYNKUtKPaYwhzE0iHNrwBNJq_Jchh2GlbWAX6GSwP4I1PWmPpEVSpoOL9Y0eelO7BRUGV0KdkWOec6HkFu8s7bxSaZAHv6YCHeWArjdcJI14e9-vgw4ZzzgBoPXwyE-_Q81bxi4gRKSNBgzj9MR4rBN--wu_Fr2SH0753uivxU8QxL2C2WIgifYJEmP9AYrNvKpALMrcpISKySOYZobWbcReV6YvU830sVDGCJB9HLJEJGW3GeJagryC4dwQGmIiTrxECoy1bWTdFwVDnGo2dIyJWQMImXm6YMg7XzeiEvwQxh5nuZk9Y6Fuz4068OKfpR0H16j-WAREo992BUcGY9IwGdfyGfnjjpNLlAU5Z0zBo-bFcIQrs6doFDM6zeEFo2Z0WIVhRIVKkEh4dQRJ2ljqSB9egaSR5Wzj6nebnrBkhRqlFpXaZD5XclD-tP4Q7a9PuZ7_d8ud-MArrBhHUrXv1DqhViuTDtoQ0oWI68S0YtyuIVwbo8S51c_GjJoZGFoa7HMJZLB6Drk_xVL2rDdab7AAKEMrRUDL7yLc6TU6GOKq3G42x19nMRArJgf3ts_XJxULSxYkwUsmRweAUlB7y3tpvt6IXVtcu4SUmQhL16RmIZWLbKuPUUSZcBMXA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F15 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=2254466384880024&bg=!HxylHF_NAAXB_3NtwTsAKQB2-Dxa4lA24L4UG4TaU78o4glN5SlN1Iv5WP7a0fbtEpEOQC03AwAaAgAAAK9SAAAADWgBBwoA9AhigtTEZ9eNUfEOApkj-b8X2IVs7FIsFp44FQ8ocKf3FjGPvG-_ZQ0pv-yVe8o-9DlboGiLQGo6LTrrUOezUXeC0aENBIkaEs37EnOfAgcaoew-9caanDuR7q_hyu_-oW53bgUifG-OKIxhiheSQ8eKFCOlRudvJnAzVxSiqppBE5Iz0SElw9TMCP2HnheDvfFP7m2Jd6uYLZ6UGNVCm2nWkClCQeFRfRImvAMoszCVO3jHOR9u-9n2dnPip5i21uZItNNKqBjhn4b9VTzXafBdv8y0ZGjYxN1_HeZys6VYrV8syKAIMoAgfY2VEq12jQWoA4mZAgB5i9qVilfyrXGT__sGRhIMPGXiBuAu221chdcwjcWVdjQKVwh5UtU4og5OiMrlscS6HKO5VOO60chiQHcJE08GJZ_rsATeaGBdtOGMuAb27G9-l1w0xIA7EBqHgB-1YT_sikba4RbyDgtvg4i6RtXYkLl9my6OCOPhEIrqtQVyx4uifrrFNplDo27oI5WA1u6VgDGZPrGiUzXIwNzKcgm-MzauL6HX4IupMorE2JMzEsf-SjdKNDm9Q0R3GPP4TMlDueQ7w-yaP3RGqxGj4HfIM7sV4JFGETU2fLyXV2HRIz0J2bKQXHq8IiqUC4P7-ck85Y8lDY6GVlf8r2wyP5vc9wcorT4vlZvx9wwpaN6yg7ZjIipLvL3JTDxtLDuhQAQy6hQ_l36jBpqNSjWq5UoitrFPVvsTTPrn9gDCIuJstKwgYCsGfEvwn7-A2chLiz-silplY5Ey3bUK-PQPXFS2BsY_mCQlJh9r2KrpYDDQNI9qM9mipMg0OyLZoQVM1izG74jyxjMBSEucxD7E-aHr21xk2M8ldv3EKNnYU6losooCjbcChta4Psf65y6zY53rro6v7GxzpnPlnJzRLKFelcx9fdggkzf71o7AeZAQM4XzNGv2ZwXo5OmXNf62EiUqkMN5dI8baKfyEqTIiWP1xnEViPboMsokfrHJiMp_-w
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adop_sdk_p3.2.1.min.js
adopdmp.adop.cc/ Frame 3304 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adopdmp.adop.cc/adop_sdk_p3.2.1.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d200:18:69f:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d2c8ea830e583681b95c707f9aa6fe2a6c7ae6c132b7e683fa7b1c20a2d6b69

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 02:00:27 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 07:27:14 GMT
server
AmazonS3
age
2158091
etag
W/"beb7e40d14c2bdc6a039fcdbe887d780"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
X__0iJFFQHUlf172mW53jdqe3B3RIx3ctnVuFzp5N9QJ2n0-jX-_Gw==
collect.php
data.adop.cc/ Frame 3304 		2 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.adop.cc/collect.php?log=com_imp&dt=20210302012836&aid=96310a27-4613-4981-ad90-571bf6e3e478&zid=26c6be0c-5c18-4eea-9115-239e3ddc3d67&r=de6F
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
gpt.js
www.googletagservices.com/tag/js/ Frame 3304 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6877dbc17f6c5d5d4b3683eca583fb3b46f5439b5a628199f2cfd18dfa03834d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 23 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19325
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:37 GMT
collect.php
data.adop.cc/ Frame 3304 		2 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjEwMzAyMDEyODM2IiwiY3RyeSI6IlBUIiwiYWNpZCI6IlBULTIxMDMwMjAxMjgzNS1jZWYxYTFhNDQxMzM0M2U2IiwibmV0IjoiR29vZ2xlIEFkIE1hbmFnZXIiLCJ3Z3QiOiIxMDAiLCJvcmQiOiIxMjA5Lzc3ODIiLCJ6aWQiOiIyNmM2YmUwYy01YzE4LTRlZWEtOTExNS0yMzllM2RkYzNkNjciLCJ1YSI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImJyb3ciOiJDaHJvbWUiLCJkZXYiOiJkZXNrdG9wIiwib3MiOiJNYWMgT1MiLCJpcCI6IjgyLjEwMi4xOS4xMzYiLCJmbG9jIjoiaHR0cHMlM0ElMkYlMkZ3d3cud2lzZXRvdG8uY29tJTJGaW5kZXguaHRtIiwiY2R0IjoiMjEwMzAyMDEyODM1Iiwid2QiOiJZIiwicGIiOiJOIiwicHQiOiJodHRwcyIsImxvZyI6ImJhc2ljIn0%3D
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.124.92.103 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-92-103.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame 3304 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:37 GMT
integrator.js
adservice.google.de/adsid/ Frame 3304 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=compass.adop.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3304 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=compass.adop.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3304 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3956086121546893&correlator=1835329351442428&output=ldjh&impl=fifs&eid=21068601&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=5932629%2Cca-pub-1474238860523410-tag%2Cwisetoto_lt_200x200-main-201116&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=200x200&eri=4&cdm=compass.adop.cc&bc=31&abxe=1&dt=1614648517458&dlt=1614648517031&idt=420&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=200&ish=200&oid=3&adxs=0&adys=0&adks=1601220413&ucis=1vupwsayvnur&ifi=1&ifk=3891351705&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=www.wisetoto.com&loc=https%3A%2F%2Fcompass.adop.cc%2FRD%2F26c6be0c-5c18-4eea-9115-239e3ddc3d67&top=www.mediacategory.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=200x200&msz=200x200&ga_vid=1136099913.1614648517&ga_sid=1614648517&ga_hid=155293122&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ee019d5310b5439e163627498ed60dbf75dede813208891070ecf483b03acd95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10798
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://compass.adop.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
36595d8a2783044946b6903f4f8709a5.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3304 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://36595d8a2783044946b6903f4f8709a5.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 3304 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame E0B0 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst59P2ERg6qZiDBOizvHoODMw-FOEF3Lcr6oZGSYLcNyNEYNDBg-hpktAehMTGrR-BMWRoYBfBZyWtZL6tekBp71C7roVVMh1OsZktQsQL-QOnko_HRGOVtgLUrK_4KQoWXeqLZr318qjlB5oDReLCQ&sai=AMfl-YQ0udrY6JpeS0LmhEgHYr7WH26R18AIrIpHXd-sRby3YT-a13tWr1JLdK_a3RthyrzujN2Dv4u3JxHHxgeYwfvNFkILDE5pxw2z4fqRVDsQKSckGBxgbKfX1cc&sig=Cg0ArKJSzEgaYPSpuSQVEAE&cid=CAASF-Rod_55LhrN0ctFOU4tPB2uwHSY7ufi&id=osdim&mcvt=1012&p=0,0,600,160&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1120376242&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614648516259&dlt=20&rpt=195&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 11CC 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxz1VS86NheQYAkWHDz4KgDRSnPLXIjLUx8nTgBWvX9O9YOy0U0AfhjixoqDMP4WxbKll9K0zY7zIjeK7enJwTgs-Rk0SKayGmJxg08VdVsuA3PZpoXss7wqcZqg&sai=AMfl-YQA7z9iuF2xpTodk8knfbulHLrwZQNNwgrOhnJK2-0G-sPRBThd3V4l0twc4Wqvh0ehXXHBNEdLth9yzbc3p4poMSGbSgtqhDmST9d3hl7G_g3Bn41eWP7BCkA&sig=Cg0ArKJSzKr99_Q08VvIEAE&cid=CAASF-RoEC75epmwJvzdanaCxeEVN8V1MuVB&id=ampim&o=1324,251&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=190&tls=1191&g=100&h=100&tt=1191&r=v&avms=ampa&adk=1196307886
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisetoto.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame F720 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357707
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame F720 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357707
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame F720 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
73371
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Mon, 01 Mar 2021 05:05:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:05:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame F720 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357707
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame F720 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357707
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F720 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 21:24:34 GMT
x-content-type-options
nosniff
server
cafe
age
14643
etag
17534803318082699211
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2552
x-xss-protection
0
expires
Tue, 02 Mar 2021 21:24:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F720 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
68935
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 02 Mar 2021 06:19:42 GMT
truncated
/ Frame F720 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
712c203f3f950f3e9d9903601427f88479ca6ebf841b36fbb44f20a6196f4a8d

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
6586046802330090019
tpc.googlesyndication.com/simgad/ Frame F720 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6586046802330090019?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnI38wHRNpZ5Zcc223ScPf9pIBZSw
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71eb9c0367022bf210c3f40e0db7b76c61c4520451607e240bba292b9a689ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:20:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 10:17:45 GMT
server
sffe
age
241684
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64164
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:20:33 GMT
l
www.google.com/ads/measurement/ Frame F720 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKpTeiggfGt0xfmYMjCh-M5EU4Jj_888vtU_OYscjp915IhzcJo4ewri0bUYvpfSl3GgbMqSR4JsP42axY4B7DqRI_-g
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame F720 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkRXNxZQ9YLutHoiYrASylL7wBeuC6sdh4bPwjLoN8ryCgcAFEAEg9d-KJGC5-MeA3AGgAa26_4IDyAECqQIumw9dmLZoPuACAKgDAcgDCKoEzwFP0Aw4hXgx2mKxo7FPjiXlYxa0x9lH3MpSF4Afvpl6T_MJCBfOEcMCIenc4zSM577kQ6mo1ZXKyALKbPmaBWXnks7l7G-WxHxTe4uF_-3zWhh898z77Cz_VN1oYgQ_Mk_CtKjsDaaBPPdJLlXSJcn-4IQYmZ1ie0eJk1iilYg45UAHRd-EYjaHAwdoLT3vv3y80AKBLMeDaaAej3YSJzWWFn59fSIKm3vIvS_CyT_O4ky0KephC2HA6q_VQe6uC8602mADtOtuPKVMa_g4e5_ABK-4nq-5A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAe7xYB9qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEILGAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTg1NzU2NDA5MDQ1NTA0MIAKA8gLAdgTDZgWAbIXGgoYCAASFHB1Yi0xNDc0MjM4ODYwNTIzNDEw&sigh=UXjQ3vEObEc&tpd=AGWhJmsu8XqViIXtrmC8HGxxDCJdyVTJk199nAJ_ghqsnLeInw
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3304 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ba2aa4be6d537a9d8212322b66d26e6fc1f28bd5fb5ab2dd4c94c547d6685be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 01:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6522
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3304 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 01:28:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C688 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 01 Mar 2021 20:13:16 GMT
expires
Tue, 01 Mar 2022 20:13:16 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18921
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
pagead2.googlesyndication.com/bg/ Frame C688 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 23:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
5681
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6224
x-xss-protection
0
expires
Tue, 01 Mar 2022 23:53:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3304 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=3956086121546893&bg=!IiGlIWLNAAXB_3NtwTsAKQB2-DxaEILGqqK54XHQPAAnohqtMDcMKhz60dcTiRAPWtBUlHTMEztnAgAAAIVSAAAAD2gBB5kCe5Yybnrl2sDR2sxz0eDYtJymeu5Hbb4Q3oR2zyXx1uKWbQ6RT-vSgwe3FkPR2b99Zt_brff_l85RqUvR6xLJVXwX15Hfj6CHAZvk-D9qiwJjCHIQPZ76DsJ2b8WUfK4KC1JKF_j8zqMudmAizUJrmiNywGWGB9WnXqYvHhJoW4Z0sdL5cSUyEsZ1FFbxYGeLWcpKeFgLFt8PXGLEnMNZfCbaCxZ6O-und7m_0grcfgNFkWVymx22bDbu7XAKYOHW8KZgFdVcZz2Ena06JcsaaXvEQ_f4Z_XHM59qLB4wDiNxBjs5i8sqobWgXSYXHJfz_mqvwhYhqLZJLoh_TO6L9LiBdv3TWPVgoWdIXZdjjZfI3N8nep76S2BrQjztMqPm3GOcJ-M9kpFdw2eQEQvNwMm6dNsE60hgMGD1qaVmgOAAaZ7OHtvR_atGTxmcbCr8uE7OCS3ooUkHWdQRdZhVbrNeaq4vLlhYtcw9zWR9VFsT7cYQOmoGlQWdc-AZezetMHJwDXqGpGuIUMPNYZay979aonAOH6rsudjK9sDNgTE_LRHnuXcZ9BPLetCOpKx95xt91zoOa806f7Vp_lygoYKykTYcxr4HKUkC7cTwYdBwBnqwFBE4I73Y-5_S9IYrRCHCq6SZU36wAaiHSXvm7SJi7XHADoU6YlBocZBN57G602lNcYkNn3sHKA6PvfKKFbwzb8Aa34oED0EA30UJPZfp6ijowQXAl18pg4TAO2AmRRcMAfDmIalTGHMJNIQVtF8rJhU-RqxK8E_dvkB7tBliKuDbXLbmMXSIKNyqyq3shhdP9kl_sbsMnNR_dt6UIttNod8YjigV21UM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F720 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3BgQbkU1oiodYXEzcGEQ6K3kMAL_Zzu7djbkm_dyKJXqAoUum-BZ5qjV3ezLA1hfFAL-bNyeIaSNB437hEaWUOz55pdwsTSVrJtx5Pxj4qmgkhs_RVdCn2wLZ6g&sai=AMfl-YR5TjNX9aTUcTmrrgS63LfJdC9DfDXs0m8f7clVBsPRGZjZdRIZOKppmnu5BpuT0um68c84hVZaRjbHOInCmBYa-gztEdMWrac&sig=Cg0ArKJSzBX_nHi6Es7QEAE&cid=CAASF-RoEHoo8lxN1PkQ5NkQNv7py1kVN-IT&id=ampim&o=0,201&d=200,200&ss=1600,1200&bs=200,200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=125&tls=1125&g=100&h=100&tt=1125&r=v&avms=ampa&adk=1601220413
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 01:28:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| w3cMovie function| w3cFlash function| w3cFlash2 function| iframeAutoresize undefined| newWin function| popupOpen function| popupOpen_D function| popupOpen_wise function| image_window function| resizeBoardImage function| back function| goBack function| wresttrim function| imgview function| updateChar function| assert_msglen function| isRadioCheck function| allprocess function| togglebox function| asclen function| hne_check function| addSel function| formatNumber function| delComma function| checkQuotes function| real_multiple function| ceiling function| rate_ceil function| onlyNumeric function| onlyNumeric2 function| strip_tags string| curPageXSS function| dontMouseRight function| ignoreEvent function| getMousePos function| getBounds function| moveA function| notice_setCookie function| hideMe function| timestamp_to_datestr function| datestr_to_timestamp function| transNumberFormat function| MM_swapImgRestore function| MM_showHidemms function| MM_preloadImages function| MM_findObj function| MM_swapImage function| bluring string| menuCode object| topNaviControllers number| naviMenuId number| naviMenuIdSub number| overNaviMenuId number| overNaviMenuIdSub boolean| isTimer undefined| naviTimer function| topNaviController1 function| defNaviTop function| cancelHide function| hideTop function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| google function| drawAreaChart function| drawLineChart function| drawCircleChart function| drawBarChart object| TopButton function| set_popup_cookie function| get_popup_cookie function| notice_close_1day_popup function| notice_close_popup object| jQuery182038218977937906673 function| setBannerClick number| slideIndex number| intervalBanner function| nextSlide function| prevSlide function| showSlides function| mainbanner_run object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| vis boolean| __gvizguard__ object| gviz object| Dygraph object| WebFont object| googletag object| ggeac object| google_js_reporting_queue function| makeid function| changeid function| googleSetting01 function| compassAdTagInsert boolean| googleDirect01 object| adop_tag102 string| gbannerid function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| google_image_requests object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| getTime object| now1 object| later1 number| days1 number| daysRound1 number| hours1 number| hoursRound1 number| minutes1 number| minutesRound1 number| seconds1 number| secondsRound1 function| getTime_v function| msgposit_list function| msgset_list function| msghide_list string| before_game_no string| before_div_id string| before_detail_tab string| now_sports string| now_sort number| intervalHandle object| nowParams boolean| focusMove string| page_type function| getUrlParams function| ChangeUrl function| getParamChangeUrl function| change_formation function| change_record function| change_record_bs function| change_detail_tab function| drawWinChart function| drawWinChart_n function| change_rate_detail_tab function| get_gameinfo_detail function| get_gameinfo_body function| livegameinfo_run function| league_filter function| set_filter_chk function| set_league_filter function| get_league_filter function| rank_tab_chagne function| player_rank_bs_b function| player_rank_bs_p function| player_rank_bk function| player_rank_vl function| player_rank_hk function| player_rank_hk_gk function| player_rank_ft function| tr function| rs function| wisecenter_open function| tooltip_mouseover function| tooltip_mouseleave function| makeid325 function| adopRun003 function| checkLoad0988 function| listener572 object| _gqid boolean| _gqidtestmode object| banner_right number| windowwidth object| _taboola string| __params_zone boolean| over_size object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

5 Cookies

Domain/Path Name / Value
.wisetoto.com/ Name: __gads
Value: ID=29cc0afdd943151a-2227e79da0ba0089:T=1614648513:S=ALNI_MZvsfb1Gnx6YDw2v425HzZIhU1qGQ
.wisetoto.com/ Name: PHPSESSID
Value: e0ccc13f49b827d5ea0673f4ce81a573
.wisetoto.com/ Name: _gat
Value: 1
.wisetoto.com/ Name: _gid
Value: GA1.2.2020146660.1614648511
.wisetoto.com/ Name: _ga
Value: GA1.2.1094087174.1614648511

3 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.wisetoto.com/index.htm
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.wisetoto.com/index.htm
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://compass.adop.cc/RD/26c6be0c-5c18-4eea-9115-239e3ddc3d67

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

36595d8a2783044946b6903f4f8709a5.safeframe.googlesyndication.com
9a89e2f036dda1be81d0a075d4553c01.safeframe.googlesyndication.com
9b5ef045cec0d4a4bf39088e9ce63320.safeframe.googlesyndication.com
adopdmp.adop.cc
adservice.google.be
adservice.google.com
adservice.google.de
bd59cdcb77356e9665f6981b4aa8a58b.safeframe.googlesyndication.com
cdn.ampproject.org
compass.adop.cc
compasscdn.adop.cc
data.adop.cc
dd18c4e0fb22384b2ffffdd4883333b9.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
storage.wisetoto.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.mediacategory.com
www.wisetoto.com
119.205.238.29
13.124.92.103
13.32.24.95
142.250.186.34
218.232.95.66
23.55.161.68
2600:9000:211e:d200:18:69f:d880:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9c
65.9.58.118
019abefec4feae19ba72bb47aa290e77b57227dc669357036b7b1611a3265e81
042b0d311fa24af7af179b1f0a03d4d47e3f32dd66ad1a9e741e6fa4b6d3c249
04b2c3919eab959d0535139f9decd6b513be3d0356379bdb42e7fedc0ac32667
04e325164171eba5fa8b892074e075b78ae5a5c7ac34f5cc91d748901183f1b3
061f04d44ffea26eb2e4bdb43368e78cb3a89a895ddce6151ac036063cc4bfc7
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0854254414902da06dc58dd884506f36d567b65a84c05b8a306af8ed0d7f6754
0950f4baf82c9cfc547398e1171f47a537fca5a9261cc426a51f57a0fb63a4f5
0a014efd595c0d4ec7b0b3e16cca7c18b2f274019e1e92951ad74e437a6bb8a3
0c2f0cd8a5a0aa6e0fb315f773476aa0ae8560227e385b5aed141f5fdb76a349
0e84847960cad725139f3264fc2f17388159f40de97edc33891c9ce9d050cdf2
0ebd71b0d6a7ea86a0fe22c5639652751934de249e5c94a7be379363375e54f0
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
109367238429c8fc53a824c10ea641b995d4d126422b626019ded05a3fc5a854
119a5be16bf22ce1507fe137e0204b56c1f4159412d3af1358530394f63394ba
139cb167ee03e465f16f3448bce4a1f719d0d42be2fb0b8163edb8da0a46d23a
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
161a5a8ebafc47996d570cf3adc8a79f4e8d56a2aedd53960fc936fe200d78a3
16ea0cf66d51efdbbc2a62b11ab0419fa72fb3320844f1d0d710480245ac9925
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1a0c697551d129013467dcb36023ac25a47406be02a6d5e012f3ca45993dbb2e
1a6e2487afca0c4443671aae0d7392be9a3dbacbe28d622bdf97846828ae3e5e
1aed122c432560a25dc0383f5d29f7a82cd27237eaa04560e0595fb9f4710546
1cb655f62efbfd3f6c994b537d06964ae7cfb28a99476aa3838f7d0e32742460
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
224e4b4a73fd9a6cf7e9305bf15448fbfae4a92365e4f5c8d603c29d54cfc66a
23f5623553875e7f0a27e92f3015bd46b688c071d2f8a1d87a139c8e0f1372fe
24d98f646917f3eb814c22cb58a8e3aa6208a23004d74ce9884543fdb200c9ce
2727d5f32131dadf23ee50bec3977677e6367b9e01cd2154cb7a40aacb411108
28d2e4b4aa9551cf7325ff954ba4b39b7dd5760192bbe875a876793a5668d195
2a0cee784c38b4bcc74973ba7c1ae081208db1a9d8c8887959d0b6d8fe478a3e
2a66052c0e0cbb47e21492c2c60bc141f63c2077cc35604c84863b7516ec5676
317a42efc1584340faafa18fccfa57adc2082c3762f9b230cfe6ab72dcf01593
328c6f0e30f974d949c8befbcd5d18dc11a36ca18a3baf25a59225cc8af45e29
36aedc398a11f1e455ac96fd7f6bd06c3b83b95c321fc6fcdac742678d816a77
3862ea13abd792dc0bc619353fef95fe64efd596a73cffc8d3f2ebdecc48ba75
448c20969bf7d42330222430f1695210b8006a17e438f099baae7c01203ca493
456815a1cae59a2e4b211cb8b991e6941ba6ab731019c400e9b328fdc8151d6a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4816b994c28e3b2d8aec85b4be3cfd2b7e9735b60ffb4168ff32e9959fed67e7
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
49387441f27a74e198953ac1956b95da75ffb48cb256ce2e799ad5e55b40c32e
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
49e8d270bcb384698f40be77a2d3aa63c5e16206293d36ae27dac842d018b38f
4a2931a81f657d619f479e947b37945388b663b7833c59d5fb577f9ff7aa07fb
4ba2aa4be6d537a9d8212322b66d26e6fc1f28bd5fb5ab2dd4c94c547d6685be
4d3b4e4271812ddd46631b33836f7fa6fa86729caa82fe5cb49e37692e6e041e
52014edd6197e885be9cab8263de2425d029feb09db90720d98994e433129351
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53d4bb13aef7e82cce50ee7ab2bb3319d3d103be399cc2d558f9a47b83483430
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
546b452638de5b3d3cf3e96a4f340f4b9459766d43742d4b867b817fa9b639e2
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
62ce775bb55da9d57f65ff1fedd0c5bc0817f3a9377345d3ae3d1ebf43c7affc
66e09b39a7601b3782cf48f1a7013475dd35b6ca9ec42547cc0d0d91e9db0dac
66e20911a77daab44f50a8e56bea70cdc1555029c59aeea85e0acf3928c2697a
6877dbc17f6c5d5d4b3683eca583fb3b46f5439b5a628199f2cfd18dfa03834d
6aa181af18968681faf87ca52b432ea9f1f9649c9065c0a9525982f1febff4e8
70325a733d40bef6346a7fffb7c1bff719a394c59e002acef9629d10caa3b578
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
712c203f3f950f3e9d9903601427f88479ca6ebf841b36fbb44f20a6196f4a8d
71eb9c0367022bf210c3f40e0db7b76c61c4520451607e240bba292b9a689ff9
769fcb8c0007cad6397a2b36aae5e7079b41129ba7feb2e783514e23be975380
76e3a1dec4cea66c82defffa2c01073ed63376d4c00577f49c17d245a441a7b9
78d19d5b7f8934c84b99579a614ea1199810756137b74e176568331b261d37f0
7d260c3b2d4e8bbbef70562c79d205f0274318a70747a634b73b521a19556c32
81553b250785399ebbd32c86a05bfe0d2f3afc217fd34cd7d59520c8052b221b
815c3107e8d33a5416c2f31791679ca8643c346aac54bce17fd4ec9974236e2c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d8f221308545e80794badd94050201c49a0850b3e6d1e64a90d2662a7edafc
857c53655f1d1562d202119687b24378de01d79ea3980f074c19d58e8ddf9aef
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89278d24ecb73699a35f9e7de67c3e4f80a91cbcf1dc6fd999dfbbda66ad1323
8a3fb8ea7e82ae6f3f8c53cdb607cce3e2ae57be9ac71548928c7c108e8a0b51
8a76967eb1cbb555a27ba25097abbaedfe8bfa8ee61b96034aa5c402e7459a44
8bf5f9f57b14e467c6297173b82411e36ce7db838165ab452be4734a428ae0d8
8d2c8ea830e583681b95c707f9aa6fe2a6c7ae6c132b7e683fa7b1c20a2d6b69
8d80972d12b2ede7982ab759c7d8d6e9ba6e77b960669c7ad05f079a7a860209
8e9f06d90b20c51f87d537031ba6f7dfa141e0a41b6291120c1160dabaa4d216
90da38a84ca18c97c3f99cbf72a815c09e7a9ea0a6e8388448d9de30a8197c5c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97a79f6300c9fbaa69337a194da81f12e6350489112c2733a09b1e524cb4137f
980f3221591939a83121b2a07a998e50c67de2059140a39904708dd9341c8a92
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
98b300db58785883f442f9a8ae355b114dac0c031ca3c7dc90a0021b042d99f5
99ea8575bd6f715ebac2437f6c6033157f1b941724c28a48625263f6cb576ecd
9b1499efd6305a93931bd030a070a1f29399a6d31093840dd33eb5dc6f02c58f
9da48e3b376b5aae2b1acdb9d902165373088bcdde44e8146152c19f5ee4b955
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a34fc6f42a3fee3d2bc500e7ac87d2000cec14f4f565fc989b069a0de1e791a2
a4723650467757b03dfc0bea9f6d77ad64c790a10d3cf449d81f264a591d3287
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58d1105787201c8e9bd4d0f4aebf3025fa9a63f05772a3d3e02e551e4b12e6c
a7e388b99d3858f92f60cb3486a26611f84f7c643e77ec69e194c7cb24bbb732
a85c6a13d3b5943ab98dd8802788a2875e6ab0f3ab39b6270f1a18ee0b7d3c5d
adc74d14db47342456990108bcf38399396b522d9e087c821888ff707eaa4e53
ae99a9904d2b50b6f4a7769cb105586d4fe0c5a98d64ec6fd4f2183e404009da
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
afa96e1c303921183a6abbe3ef219c3071bfd8d53af40c5604b93265fd510d8c
b03e9fff605e30f45f7c31e6187fb41da51358f030008f5e8531fd583f62dfb8
b1bee0e355ab2f424e87eeb96b9b3ea7d9f39b1ec29a2eb5813a6925ee6fd5a2
b20ecbfcd6867fa89bf303e0b8037fa50d6087dfd6801acf046fb4e9afcc939e
b31df39f474fc770573cff8de1259b0cc5ee4257b1cb80276163cba5a049f4e4
b35c686f0cd2e5e63e8e07983dfba1d8093ae3bf33e71335584d309101f098c9
c2456168d747974b8a763c211f71ad357fe214d0ed6de3c196dc684e3879164f
c257f1aef1d6ca05e54bb749ee3f4c84b0e5eba71bed5196f70bf3f482294478
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c76bd2a19963b97329aa03e110461355d48cd6220625c6369b1ce5e57c5f3898
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c96cfbf4eb31f904618ce71ef8d2b649c9e3145718fff9e08cf21c1613451603
cb4e98dbcc802f0db523f2b76cccebfe59c5e7fa8f64da553261532ad7b6126c
ce2cff56ab3f2b151716f5fbfc6bba418c5790d37b12d56525d59912cb76d8db
ce4f50ab9a5e2ccb5b2aad9937157f514e27c208312945c1775dffbfc40d2129
cf5e08cf877c4564986bbdb1acff58f88bd6d3ddc7227c64f1817390ed0b96b9
d1c80ea1c84ea8f614a744b0f6a2cb33bbaef382f940197bb3a63591d13f25fc
d3994b4330bb59015b13cd5ebf8c244beaba0d44c26bff7cba8bad5c06535b63
d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841
d55a404d4189a99b64edcdefc7dc5168b305225278aaf791620aa73232136a1e
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6defd4e1566a22121686f1300b56bf76c7d9bebb2b3dc9defb6e64616d30566
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7f83d3bd357bf3046323ab5eab21aa339872cd5c58458d06fb26c7aa0253ff1
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da1951dbb04576b09686de663bfb9ae7e68b7ac25cfa71cd5a6cca4241b0ac34
e12feafbd6e9c44e4984fa508c9a62e4a1fbf91a260e1447697853d41f2f24b9
e1ea5dff0e018403f3bb81b019d13d89fc378d2a34670590ccf2b49dd667269e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e476ee0536ebb5ddbb27a312bccd6f765803a4bf655f9427a62aec7a7da86556
e6e81d647c6b431b42c089c918d6cfc2319e617dd3d990625a299538de95643b
e70810e35807451cb90b6ed3dcdd5f785b2b5230da39427189219c2c473fb733
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e97b41cba988279e6e91819fe6dfc699444f6d24c33d89ddc8afe33d4418efd5
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
e9dc048253b6c2084203ac3c62fcfff887c40126fe164c79c5accb8d72c479d2
ea340658ce0ac6284055d6cba53a1b8367998ac0bda3c566cde829914b2c44f3
eb6a2e6f164f507e63c24616b28474722cf694e70113ad4e7b333c23ae45bc03
ee019d5310b5439e163627498ed60dbf75dede813208891070ecf483b03acd95
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe9b266f0360dea874bb85ee0a50b69f3d7d0d515fb9e070a441c9df722ecd8
f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f1ba3976d67b68e50c96b13b92cf9c032004746ebf667572b1ed489f7c62d17b
f2eed734f605a8196ad41babb8c17ce27288f4c54d48d2a20ea06f376956470d
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f8e2366a88ff7d871b8d027d8493d94d7f6a487b3f144715f17d6a1af7bd1208
f8e36c8804b285ff2bc99c2862f57334d1fa0c2e86eb742e197d657e9bb6be9d
f9aa104ca6f0ddb874767941608ae2ae01b7d384e1c8dd48c58c60f03fe66cee
fb4f29d525568e669da37c2535af0b121ebec0a85c3ab0121a49f909e9a8b696
feaa5d90cbf83f7b041b956dddaa40616805d9fbc27aa5d03cc9489b7c57a7b7