kimcartoon.li Open in urlscan Pro
2606:4700:20::681a:ba7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kimcartoon.to/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Effective URL:
https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Submission Tags: falconsandbox
Submission: On May 30 via api (May 30th 2021, 4:05:08 pm UTC) from US

Summary HTTP 199 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 47 IPs in 10 countries across 56 domains to perform 199 HTTP transactions. The main IP is 2606:4700:20::681a:ba7, located in United States and belongs to CLOUDFLARENET, US. The main domain is kimcartoon.li.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2021. Valid for: a year.

This is the only time kimcartoon.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:90f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:20:... 2606:4700:20::681a:ba7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	172.255.6.159 172.255.6.159	7979 (SERVERS-COM) (SERVERS-COM)
1 16	2606:4700:20:... 2606:4700:20::ac43:4597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
11	2600:9000:218... 2600:9000:2182:3600:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	176.31.68.243 176.31.68.243	16276 (OVH) (OVH)
2	142.91.9.135 142.91.9.135	7979 (SERVERS-COM) (SERVERS-COM)
4	222.230.178.129 222.230.178.129	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
6	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	18.214.201.148 18.214.201.148	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	2606:4700:303... 2606:4700:3036::ac43:9a24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:2182:9c00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.223.238.47 3.223.238.47	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 42	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:3d::7	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::ac43:ceb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:5ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	173.237.61.68 173.237.61.68	7979 (SERVERS-COM) (SERVERS-COM)
2	35.153.9.102 35.153.9.102	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
6 6	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
24 24	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
6 6	35.156.153.71 35.156.153.71	16509 (AMAZON-02) (AMAZON-02)
9 9	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
9 9	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	52.2.89.95 52.2.89.95	14618 (AMAZON-AES) (AMAZON-AES)
15 15	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
9 22	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
8 8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 6	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	3.66.135.160 3.66.135.160	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	52.210.44.111 52.210.44.111	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
199	47

1 2606:4700:3034::ac43:90f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kimcartoon.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:20::681a:ba7 (United States)

ASN13335 (CLOUDFLARENET, US)

kimcartoon.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.159 (Netherlands)

ASN7979 (SERVERS-COM, US)

toeschistache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:4597 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2182:3600:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.31.68.243 (France)

ASN16276 (OVH, FR)
PTR: ip243.ip-176-31-68.eu

pailridarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.91.9.135 (Netherlands)

ASN7979 (SERVERS-COM, US)

video.your-notice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 222.230.178.129 (Sapporo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.201.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-201-148.compute-1.amazonaws.com

pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::ac43:9a24 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.luxubu.review	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:9c00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.238.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-238-47.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:20::681a:34e (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:3d::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednz7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:ceb1 (United States)

ASN13335 (CLOUDFLARENET, US)

ddmax20.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:5ac (United States)

ASN13335 (CLOUDFLARENET, US)

thumb.fvs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

awaitcola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.237.61.68 (United States)

ASN7979 (SERVERS-COM, US)

cdn.viaplays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vids.viaplays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.153.9.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-9-102.compute-1.amazonaws.com

1x1.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.196.115 (Luxembourg) 6 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.33.220.244 (Amsterdam, Netherlands) 24 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.156.153.71 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.126.56.137 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 72.251.249.14 (Amsterdam, Netherlands) 9 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.2.89.95 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 136.144.59.88 (Secaucus, United States) 15 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2.18.234.21 (Frankfurt am Main, Germany) 9 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.145.8 (Berlin, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.239.17.112 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.135.160 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.44.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	quantumdex.io 3 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	18 KB
25	casalemedia.com 11 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	27 KB
24	adnxs.com 24 redirects ib.adnxs.com	23 KB
21	kimcartoon.li kimcartoon.li	255 KB
17	a-mo.net prebid.a-mo.net Failed 1x1.a-mo.net	3 KB
16	vlitag.com 1 redirects services.vlitag.com tag.vlitag.com assets.vlitag.com logs.vlitag.com media.vlitag.com stats.vlitag.com	398 KB
15	pubmatic.com 6 redirects pubmatic.com image2.pubmatic.com ads.pubmatic.com image6.pubmatic.com	55 KB
14	sharethis.com ws.sharethis.com count-server.sharethis.com l.sharethis.com	94 KB
10	yahoo.com 9 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	9 KB
9	lijit.com 9 redirects ap.lijit.com	5 KB
9	doubleclick.net 8 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	110 KB
6	amazon-adsystem.com 3 redirects s.amazon-adsystem.com	3 KB
6	sonobi.com sync.go.sonobi.com	3 KB
6	advertising.com 6 redirects pixel.advertising.com	2 KB
6	betweendigital.com 6 redirects ads.betweendigital.com	3 KB
6	google-analytics.com www.google-analytics.com	39 KB
6	twitter.com platform.twitter.com syndication.twitter.com	149 KB
4	luxubu.review 1 redirects www.luxubu.review	66 KB
4	genieessp.com js.genieessp.com	1 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	adsrvr.org match.adsrvr.org	793 B
3	onetag-sys.com onetag-sys.com	2 KB
3	advangelists.com 3 redirects nep.advangelists.com	673 B
3	yandex.com 1 redirects mc.yandex.com	2 KB
3	creativecdn.com prebid-eu.creativecdn.com	525 B
3	yandex.ru 1 redirects mc.yandex.ru	69 KB
3	facebook.com www.facebook.com
2	adform.net c1.adform.net	661 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	turn.com 2 redirects ad.turn.com	850 B
2	viaplays.com cdn.viaplays.com vids.viaplays.com	155 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com r2---sn-4g5ednz7.googlevideo.com	845 B
2	facebook.net connect.facebook.net	67 KB
2	your-notice.com video.your-notice.com	6 KB
1	ad4m.at ad4m.at
1	bidr.io match.prod.bidr.io	430 B
1	quantserve.com 1 redirects pixel.quantserve.com	511 B
1	stickyadstv.com ads.stickyadstv.com	723 B
1	rfihub.com 1 redirects p.rfihub.com	779 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	awaitcola.com awaitcola.com
1	fvs.io thumb.fvs.io	2 KB
1	ddmax20.xyz ddmax20.xyz	5 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googleapis.com imasdk.googleapis.com	115 KB
1	googletagservices.com www.googletagservices.com	21 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	pailridarm.com pailridarm.com	1 KB
1	toeschistache.com toeschistache.com	1 KB
1	jquery.com code.jquery.com	33 KB
1	kimcartoon.to 1 redirects kimcartoon.to	627 B
0	33across.com Failed ssc-cms.33across.com Failed
0	e-planning.net Failed ads.us.e-planning.net Failed
0	bebi.com Failed www.bebi.com Failed
0	propellerads.com Failed propellerads.com Failed
0	malinesmanses.com Failed malinesmanses.com Failed
199	56

	Domain	Requested by
36	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
24	ib.adnxs.com	24 redirects
21	kimcartoon.li	kimcartoon.li code.jquery.com
15	prebid.a-mo.net	assets.vlitag.com
13	dsum-sec.casalemedia.com	5 redirects ssum-sec.casalemedia.com
11	ws.sharethis.com	kimcartoon.li ws.sharethis.com
9	ssum-sec.casalemedia.com	3 redirects sync.quantumdex.io ssum-sec.casalemedia.com
9	ap.lijit.com	9 redirects
9	ups.analytics.yahoo.com	9 redirects
8	cm.g.doubleclick.net	8 redirects
6	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
6	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
6	sync.go.sonobi.com	sync.quantumdex.io
6	image2.pubmatic.com	6 redirects
6	pixel.advertising.com	6 redirects
6	ads.betweendigital.com	6 redirects
6	www.google-analytics.com	kimcartoon.li www.google-analytics.com www.googletagmanager.com
5	assets.vlitag.com	tag.vlitag.com kimcartoon.li
4	tag.vlitag.com	services.vlitag.com tag.vlitag.com
4	www.luxubu.review	1 redirects kimcartoon.li www.luxubu.review
4	js.genieessp.com	kimcartoon.li tag.vlitag.com
4	platform.twitter.com	kimcartoon.li platform.twitter.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	ssum-sec.casalemedia.com
3	onetag-sys.com	sync.quantumdex.io
3	ssum.casalemedia.com	3 redirects
3	nep.advangelists.com	3 redirects
3	ms.quantumdex.io	3 redirects
3	stats.vlitag.com	kimcartoon.li
3	mc.yandex.com	1 redirects www.luxubu.review
3	useast.quantumdex.io	assets.vlitag.com
3	prebid-eu.creativecdn.com	assets.vlitag.com
3	mc.yandex.ru	1 redirects www.luxubu.review
3	www.facebook.com	kimcartoon.li connect.facebook.net
2	c1.adform.net	ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	ad.turn.com	2 redirects
2	1x1.a-mo.net	kimcartoon.li
2	syndication.twitter.com	platform.twitter.com kimcartoon.li
2	l.sharethis.com	ws.sharethis.com kimcartoon.li
2	connect.facebook.net	ws.sharethis.com connect.facebook.net
2	pubmatic.com	code.jquery.com
2	video.your-notice.com	kimcartoon.li video.your-notice.com
2	services.vlitag.com	kimcartoon.li services.vlitag.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ad4m.at	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	vids.viaplays.com	cdn.viaplays.com
1	www.googletagmanager.com	tag.vlitag.com
1	cdn.viaplays.com	video.your-notice.com cdn.viaplays.com
1	awaitcola.com	ddmax20.xyz
1	thumb.fvs.io	www.luxubu.review
1	ddmax20.xyz	www.luxubu.review
1	r2---sn-4g5ednz7.googlevideo.com	kimcartoon.li
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	logs.vlitag.com	kimcartoon.li
1	cdn.jsdelivr.net	assets.vlitag.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	imasdk.googleapis.com	tag.vlitag.com
1	www.googletagservices.com	tag.vlitag.com
1	count-server.sharethis.com	ws.sharethis.com
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	pailridarm.com	kimcartoon.li
1	toeschistache.com	kimcartoon.li
1	code.jquery.com	kimcartoon.li
1	kimcartoon.to	1 redirects
0	ssc-cms.33across.com Failed	sync.quantumdex.io
0	ads.us.e-planning.net Failed	assets.vlitag.com
0	www.bebi.com Failed	code.jquery.com
0	propellerads.com Failed	code.jquery.com
0	malinesmanses.com Failed	kimcartoon.li
199	76

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
readcomiconline.li

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-09` - `2022-04-08`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
toeschistache.com R3	`2021-03-26` - `2021-06-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
pailridarm.com R3	`2021-03-25` - `2021-06-23`	3 months	crt.sh
your-notice.com R3	`2021-05-10` - `2021-08-08`	3 months	crt.sh
*.genieessp.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-30` - `2021-10-29`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
pubmatic.com Go Daddy Secure Certificate Authority - G2	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-05-18` - `2021-07-27`	2 months	crt.sh
awaitcola.com R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
cdn.viaplays.com R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
*.a-mo.net Amazon	`2020-08-24` - `2021-09-24`	a year	crt.sh
vids.viaplays.com R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Frame ID: B0ACDE4CE9DD244575022FACF1709D02
Requests: 82 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
Frame ID: 47B2B63BEE36894850F09020E9AABAD6
Requests: 1 HTTP requests in this frame

Frame: https://www.luxubu.review/v/-p04lup6pzpl2rl
Frame ID: 37AEB5AAF55C544222759D6F0196CA17
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
Frame ID: F849B1ABFD536C595FB79F3A79F65AE8
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: A0CCC05C96DA9D1550EDD7DAD9EBF1B7
Requests: 1 HTTP requests in this frame

Frame: https://video.your-notice.com/slider-44.php?html=102158&new_left=1&ref_page=https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Frame ID: 6E9BFBA857F60B78C3F6E34C86F85808
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fkimcartoon.li
Frame ID: 6B15DD6BE0C754C6F2B3A16931794EE9
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?action=&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc310caa5ed31%26domain%3Dkimcartoon.li%26origin%3Dhttps%253A%252F%252Fkimcartoon.li%252Ff35d814dc720968%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
Frame ID: 8D6FCDA5AF3A778FE5D655F79C931A2E
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 5BDAE8FEE35DBC5F622E99D414CC41BE
Requests: 3 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56192&divID=vi_1422756192_344&w=970&h=250
Frame ID: 67DCF9D8435E9584EE0C74102D0DFD97
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-29
Frame ID: 14CD4F4DB4172D4EDABD79F97D98CC32
Requests: 5 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56186&divID=vi_1422756186_495&w=300&h=250
Frame ID: 0D2E74FD07A0C5B6854F64F4BB9440EA
Requests: 2 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56194&divID=vi_1422756194_833&w=300&h=250
Frame ID: E673EDCB3FB093CF153815886D8F516F
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 0C4E0F551EE38E056E8D913A2D84F73B
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 8E177D920FDB2C2CAC777051FCEA2B24
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: DD3CCF4C16218C2816740DAEDC6C85F7
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: C574C497DB3161C431FC94B01F550958
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: FF8318CC25842B1A5637AC73EB48821C
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 54BC5B82306014A373475C422F0107A4
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 2AADBD9603FFD7047BAE8A802ADEF0FF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 862DDD79C74BCCEC65CE7745737C1D2E
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 12DCB29B829721BC1E144FAA304BDC1A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 4BAFBC287A2E894DFD48968B820AF364
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 799B431D880BC27E961804FDDEBB3172
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 3C4F6ACB1BF94ED14D29BB0C59FB74FD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 467FC39AF89BE2F93BCAEBEC414BC0CE
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: BA15AD1BA11236A13458E205D8310730
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: D9EE859C96192D51001C0EE9C80D50D2
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 713DDA87A2C60C91F66ADE7C7251AFF8
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 77E2DBD93328D167592F52136A954A61
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 71CE7B07DDBE013187694D76BEC3DB81
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: BAB710DC2A970A151A79E861359EF8E9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0E9E191A6F01AE32DC149BF69145F072
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DC503D9429D5354785BCA7C658517401
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5B606552E514ABB79E10E62DCF806533
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://kimcartoon.to/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe HTTP 301
https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

199
Requests

92 %
HTTPS

41 %
IPv6

56
Domains

76
Subdomains

47
IPs

10
Countries

1721 kB
Transfer

5221 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/messages/t/kimcartoonfp
Title: Request Cartoon

Search URL Search Domain Scan URL

URL: https://readcomiconline.li/
Title: Read Comic

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kimcartoon.to/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe HTTP 301
https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://media.vlitag.com/vid/?id=5aWbsTPK-_0&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1622398473&ei=qYGzYLeiLqbYxN8Pu5OIkAY&ip=52.214.224.26&id=o-AD97HaH6YB-3xBrwlI5gPH53HHKjNHMZHVg6VIFoIMil&itag=22&source=youtube&requiressl=yes&mh=sg&mm=31%2C26&mn=sn-q0cedn7s%2Csn-4g5ednz7&ms=au%2Conr&mv=m&mvi=2&pl=13&initcwndbps=1118750&vprv=1&mime=video%2Fmp4&ns=07LgtWVanN742ITiw8oixIUF&ratebypass=yes&dur=312.331&lmt=1567965288795412&mt=1622376535&fvip=2&fexp=24001373%2C24007246&beids=23886218&c=WEB&txp=2216222&n=D_aCdpX9JlVBlQho&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIW1lfmWGIb8Tq5rDXoJ-iLpIO5fnXKgRiU32SA-FP3QCIQCVuHG8b1jz4PUXDCqKOb_YWnHjP3EbQXPHvUJEkqX_2w%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPPzCMihyrbU64TetTzicZcWog1_xW25yg5ElWHIShMXAiEA9cw6zU2d8m5mFO45vKIZOOQ1JJWXvqg8Hv0xkaYf5Q4%3D HTTP 302
https://r2---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1622398473&ei=qYGzYLeiLqbYxN8Pu5OIkAY&ip=52.214.224.26&id=o-AD97HaH6YB-3xBrwlI5gPH53HHKjNHMZHVg6VIFoIMil&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=07LgtWVanN742ITiw8oixIUF&ratebypass=yes&dur=312.331&lmt=1567965288795412&fexp=24001373%2C24007246&beids=23886218&c=WEB&txp=2216222&n=D_aCdpX9JlVBlQho&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIW1lfmWGIb8Tq5rDXoJ-iLpIO5fnXKgRiU32SA-FP3QCIQCVuHG8b1jz4PUXDCqKOb_YWnHjP3EbQXPHvUJEkqX_2w%3D%3D&cms_redirect=yes&mh=sg&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednz7&ms=au&mt=1622390456&mv=m&mvi=2&pl=44&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIY_PE4uCmAE3Ao037-pm9b760VedmQqvUiMj0zt6AO4CIGzzZ6ht8C7l_IMG5rNaKsF8e403nCSC2hACFm3p-3U6

Request Chain 81

https://mc.yandex.ru/watch/56313682 HTTP 302
https://mc.yandex.ru/watch/56313682/1

Request Chain 82

https://www.luxubu.review/asset/userdata/236207/player/4970_poster.png?v=1558635393 HTTP 302
https://thumb.fvs.io/asset/userdata/236207/player/4970_poster.png?v=1558635393

Request Chain 83

https://mc.yandex.com/watch/49788082?wmode=7&page-url=https%3A%2F%2Fwww.luxubu.review%2Fv%2F-p04lup6pzpl2rl&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22236207%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A550637841960%3Ahid%3A693577862%3Az%3A120%3Ai%3A20210530180434%3Aet%3A1622390675%3Ac%3A1%3Arn%3A734932910%3Au%3A1622390675824110823%3Aw%3A706x505%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622390673903%3Anp%3ATGludXggeDg2XzY0%3Ads%3A13%2C43%2C226%2C1%2C2%2C0%2C%2C313%2C0%2C%2C%2C%2C652%3Adsn%3A13%2C43%2C226%2C1%2C1%2C0%2C%2C365%2C0%2C%2C%2C%2C652%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622390675%3At%3AVideo%2098868-South.Park.S24E00.The.Pandemic.Special.1080p.CC.WEBDL.AAC2.0.H264JEW_1601570203.mp4 HTTP 302
https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fwww.luxubu.review%2Fv%2F-p04lup6pzpl2rl&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22236207%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A550637841960%3Ahid%3A693577862%3Az%3A120%3Ai%3A20210530180434%3Aet%3A1622390675%3Ac%3A1%3Arn%3A734932910%3Au%3A1622390675824110823%3Aw%3A706x505%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622390673903%3Anp%3ATGludXggeDg2XzY0%3Ads%3A13%2C43%2C226%2C1%2C2%2C0%2C%2C313%2C0%2C%2C%2C%2C652%3Adsn%3A13%2C43%2C226%2C1%2C1%2C0%2C%2C365%2C0%2C%2C%2C%2C652%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622390675%3At%3AVideo%2098868-South.Park.S24E00.The.Pandemic.Special.1080p.CC.WEBDL.AAC2.0.H264JEW_1601570203.mp4

Request Chain 121

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8

Request Chain 122

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=146146024204649675

Request Chain 123

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8559430856929472137

Request Chain 124

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbea94f55-c160-11eb-87da-021d85f833f4 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4

Request Chain 125

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3081307013577367410

Request Chain 126

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=db3d43fc-d1b8-425f-8db1-022f25f70f70

Request Chain 127

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A

Request Chain 128

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=782d2e6929284ada9e399c4e

Request Chain 129

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-8b77a038-8f9b-435b-892a-eb2ae020068b

Request Chain 130

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%253FA%253Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%25253D%2526uid%253D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=d1b7525f-d24e-4757-8f7d-b8bc6998fc95&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=611051608449761676 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://prebid.a-mo.net/cchain/1?A=d1b7525f-d24e-4757-8f7d-b8bc6998fc95&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=abfeaacf2453d1a084bd238e HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/2?A=d1b7525f-d24e-4757-8f7d-b8bc6998fc95&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YLO3mQSM0HaISZDWP4n8ywAA%261208 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/3?A=d1b7525f-d24e-4757-8f7d-b8bc6998fc95&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid= HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=d1b7525f-d24e-4757-8f7d-b8bc6998fc95

Request Chain 132

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 137

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8

Request Chain 138

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2540641314021875065

Request Chain 139

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8559430856929472137

Request Chain 140

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbea94f55-c160-11eb-87da-021d85f833f4 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4

Request Chain 141

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5131895463477007882

Request Chain 142

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=476376cf-ce55-4942-bf43-078b3c1c7e24

Request Chain 143

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A

Request Chain 144

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3a413102b46170a3b714352a

Request Chain 145

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-ea3166b5-16a9-40fd-8010-2d34d469c631

Request Chain 146

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%253FA%253Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%25253D%2526uid%253D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=5809129688323743397 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://prebid.a-mo.net/cchain/1?A=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=abfeaacf2453d1a084bd238e HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/2?A=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YLO3mQSM0HaISZDWP4n8ywAA%261208 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/3?A=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid= HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7

Request Chain 148

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 153

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3081307013577367410

Request Chain 154

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=89c82d5f-c7b3-47f2-802c-05a3fd3c85a5

Request Chain 155

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A

Request Chain 156

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=abfeaacf2453d1a084bd238e

Request Chain 157

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-15e54628-3f67-441d-95e6-ce1aee3a39a9

Request Chain 158

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%253FA%253Db1106248-d3c2-4c74-b40b-4f05b34d04b6%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%25253D%2526uid%253D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=b1106248-d3c2-4c74-b40b-4f05b34d04b6&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=146146024204649675 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://prebid.a-mo.net/cchain/1?A=b1106248-d3c2-4c74-b40b-4f05b34d04b6&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=abfeaacf2453d1a084bd238e HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/2?A=b1106248-d3c2-4c74-b40b-4f05b34d04b6&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YLO3mQSM0HaISZDWP4n8ywAA%261208 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/3?A=b1106248-d3c2-4c74-b40b-4f05b34d04b6&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid= HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=b1106248-d3c2-4c74-b40b-4f05b34d04b6

Request Chain 160

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8

Request Chain 161

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3081307013577367410

Request Chain 162

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbea94f55-c160-11eb-87da-021d85f833f4 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4

Request Chain 163

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3081307013577367410

Request Chain 164

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLO3mQSM0HaISZDWP4n8xwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1

Request Chain 170

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB&dcc=t

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOs9wLkuytKfwkqWsE0hxTs&google_cver=1

Request Chain 173

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6756770991874762631&uid=Q6756770991874762631&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 174

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020458577150 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020458577150&C=1

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECvspAS9GxW8e8AqjMKFwcw&google_cver=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLO3mQSM0HaISZDWP4n8ywAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1

Request Chain 181

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB&dcc=t

Request Chain 182

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7634866130787413332

Request Chain 183

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0I7t8ZWA1LNnVK5&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0I7t8ZWA1LNnVK5&gdpr=1&C=1

Request Chain 184

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=QzCHDhc33ARYOIAMEzbIXxdj3Q1YOdwMTDHOSkFk

Request Chain 187

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLO3mccQZpk07l2.JKif1wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1&google_hm=2

Request Chain 188

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mccQZpk07l2-JKif1wAABG8AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mccQZpk07l2-JKif1wAABG8AAAAB&dcc=t

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLO3mccQZpk07l2-JKif1wAABG8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAiQJg7uwYJdGrW05XeKeyc&google_cver=1

Request Chain 193

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7634866130787413332

199 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Special-The-Pandemic-Special Show response
kimcartoon.li/Cartoon/South-Park-Season-24/
Redirect Chain

https://kimcartoon.to/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

38 KB
10 KB

1638ms
1610ms

Document
text/html

2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f5b58354a67dc216d2562a0ca969d2f7bb6ca29ad599828af9abe3b1461319

Request headers

:method: GET
:authority: kimcartoon.li
:scheme: https
:path: /Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; path=/; HttpOnly k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M; path=/
cf-cache-status: DYNAMIC
cf-request-id: 0a5f9e2190000097908cbe0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8zPn8nNOmfyUX7%2BGfdINsSmxYh8vUbCb91HLnWyT%2Fyt0r3v5VCdgIlUG1ZR4rWydbbkZhKkla%2FoddiGhbl%2FWAxLOwI2MjppgCLJRU8RhY%2BFLKSGPt%2BazKXwo7rM3pV0aOith9Rmr"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 657932e27d019790-FRA
content-encoding: br

Redirect headers

date: Sun, 30 May 2021 16:04:31 GMT
cache-control: max-age=3600
expires: Sun, 30 May 2021 17:04:31 GMT
location: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
cf-request-id: 0a5f9e21630000062538001000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OaUle%2FxSHAiY6dATLAiRHsgdNzL9S9G6CGwbH7QT34NPTNkHKJpoTN662iNOW2FI2cb3GFHAWXKIRllVUvKRRrQLzm35GtWWQuwN5c7K7YfTYlJ6cbzkUDGdW9dcgJpF%2Fi9cbhXVfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 657932e239550625-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-1.7.min.js Show response
code.jquery.com/ 92 KB
33 KB 31ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.min.js
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-16f44"
vary: Accept-Encoding
x-hw: 1622390673.dop002.fr8.t,1622390673.cds227.fr8.hn,1622390673.cds220.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33254

GET
H2 200 common.js Show response
kimcartoon.li/Scripts/ 2 KB
1019 B 17ms
15ms Script
application/javascript 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Scripts/common.js?v=1
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892446b6fc7ec9f18e9adb42e84bd178d3bfa714adcddda3112e9016e6a422ea

Request headers

:path: /Scripts/common.js?v=1
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5702
cf-polished: origSize=2396
cf-request-id: 0a5f9e27e3000097909cb09000000001
last-modified: Thu, 16 Mar 2017 01:50:50 GMT
server: cloudflare
etag: W/"509b5bbdf79dd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7bX7Pjd3rL8V%2F3m0S1z6z%2Brhbx1b8LIVhWHuGQe41Fb9pxkUyEdTQnxkBe%2FDvUW83BIb7JBNt02zmVRSbBHwjly7A%2BpwVSGWfriBhVjAWtzJdpsNFI2Qq4F5t0TjE9M020tBEcOL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 657932ec9a119790-FRA
cf-bgj: minify

GET
H2 200 tpl_style.css
kimcartoon.li/Content/css/ 20 KB
5 KB 22ms
20ms Stylesheet
text/css 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7b0a2762ce7182456b16464e33f025e9a24a4274b1df5d5a06694fd2baefa9

Request headers

:path: /Content/css/tpl_style.css?v=10.14.2
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5702
cf-polished: origSize=29409
cf-request-id: 0a5f9e27ea000097907bb21000000001
last-modified: Thu, 18 Apr 2019 03:33:23 GMT
server: cloudflare
etag: W/"f49e327a97f5d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=T2FlGMknDHq%2Fe5Uo78ftLNWr1dp%2FDGtfy6RaYO9vHyF6FfoGMs8g6ReyeuMCtFz9YBAJhXNzQ2RyVXKAzF%2B%2Bh%2FJc4XjMWZEIRVHtnA73RWusI%2B%2B0%2FpaE8NG2L7ZPjz8sSovqFWuw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 657932ec9a109790-FRA
cf-bgj: minify

GET
H2 200 upload-progress.css
kimcartoon.li/Content/css/ 613 B
581 B 25ms
24ms Stylesheet
text/css 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Content/css/upload-progress.css
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a06db8dd7c05e79c587945cb8e38c2506a83c2e34177083d15a7d21a529e3744

Request headers

:path: /Content/css/upload-progress.css
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5216
cf-polished: origSize=669
cf-request-id: 0a5f9e27e4000097908a288000000001
last-modified: Thu, 12 Mar 2015 15:28:28 GMT
server: cloudflare
etag: W/"70968e30d95cd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jq6kQkZ2VbYS3rztXYRPzWggjAOQG0K0HHmbuRrxQGSOGsCDchZS42ZTyd0ooI4R%2BfQBD11PiWofHtOhsuajf%2FrAVw%2FivH3sWNAKMZmlcmiVINl8RIRyoKhGl%2Fj2qSWJ7tAA8aIz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 657932ec9a129790-FRA
cf-bgj: minify

GET
H2 200 jquery.allofthelights-min.js Show response
kimcartoon.li/Scripts/ 5 KB
2 KB 23ms
21ms Script
application/javascript 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Scripts/jquery.allofthelights-min.js?v=4
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493be982a44d563fae813236a9744cbd79762b517d3ed0a187df760c00218f7e

Request headers

:path: /Scripts/jquery.allofthelights-min.js?v=4
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Mar 2017 10:14:29 GMT
server: cloudflare
age: 6626
etag: W/"904af0ee749dd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=njIB89D0Ps5tNPAJ2WsPZvGyq3WUDuZLtCcgVT1YGSMh3U0COdHY%2FYpYJ8PwG9fyd5aR4UNct3OnjYc4VxGzIcP7Zc2pEWqzYsgtvVpvFh6y%2FeErnY%2BJwS3wdgmXNN66YsfKjEd4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657932ec9a149790-FRA
cf-request-id: 0a5f9e27e400009790a321a000000001

GET
H2 200 aes.js Show response
kimcartoon.li/Scripts/ 13 KB
5 KB 17ms
15ms Script
application/javascript 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Scripts/aes.js
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30962f8be4baf6ea8ed594cb322a0330232842515b817e1ca95fed6fc769cc48

Request headers

:path: /Scripts/aes.js
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1538
cf-polished: origSize=13360
cf-request-id: 0a5f9e27e500009790b180d000000001
last-modified: Wed, 20 Apr 2016 02:26:32 GMT
server: cloudflare
etag: W/"905ba1dac9ad11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uVRRFGKt%2F3XaKl1ZvhKh3lRDrGlS%2FaFt%2F2AP%2BEA%2BePeMRsa5%2F86mJXkVBchMeKZiQRhE0KMbHah8jrrlkn7hMnOSjK6FKjd4LZrdFhK1uBY3QFfuipbtUgKs0%2B3b7qKIP%2FGyGbrD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 657932ec9a169790-FRA
cf-bgj: minify

GET
H2 200 sha256.min.js Show response
kimcartoon.li/Scripts/ 1 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Scripts/sha256.min.js
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4cad9cefc9264c71ed0990cd216b68bab8c2c85a98ef697749d18728e98ae6

Request headers

:path: /Scripts/sha256.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Jun 2016 01:56:16 GMT
server: cloudflare
age: 1538
etag: W/"b03f25f371bcd11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HNl6ajZHMxAdU7LdRLtGWeLSwgsvD%2BuqUXoapJ7ysYU3YzAaWXnWoxRyh6huynnzhu4732LYG0rcGNbjK%2Bb4UZwzjSIo3LiD%2ByIhz2WrclVSd3lQ8Q5Gx24%2F%2BKkj82aRqsqS7qan"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657932ecaa179790-FRA
cf-request-id: 0a5f9e27e5000097909625f000000001

GET
H2 200 oran.min.js Show response
kimcartoon.li/Scripts/ 5 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Scripts/oran.min.js?v=3.19
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f23c2708ab81c10c927c1ee0b56680868e9255f626e1bf9faf71e537530054f

Request headers

:path: /Scripts/oran.min.js?v=3.19
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Mar 2017 11:18:17 GMT
server: cloudflare
age: 1538
etag: W/"85d6d681a2a0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SJTyikmW5C8DPtEDXmUTTBfvHThHqMWUrezOgwEcoqqfi9iCEXcFAzbWJvq6UIUJ%2Bqo8jZaaOHkieYWnBoLWhdKRVkH%2BV%2Bj1Y%2FNVbEA7ShdVPBxCBB%2FDbMtO4EFm1i9SjolWcwWw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657932ecaa189790-FRA
cf-request-id: 0a5f9e27e6000097907c2a8000000001

GET
H2 200 jquery.scrollTo-1.4.2-min.js Show response
kimcartoon.li/Scripts/ 2 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Scripts/jquery.scrollTo-1.4.2-min.js
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd02bdd539cb152085e4e1583428bcb06c8128a9ec912195f8a42ed8179804f

Request headers

:path: /Scripts/jquery.scrollTo-1.4.2-min.js
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Mar 2015 15:28:38 GMT
server: cloudflare
age: 6626
etag: W/"f06a5236d95cd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F8zn%2F1zOCRr8%2BwE2ZOT0pbV%2FdCo7%2FmwKMkSOo8SjULLG5f0aT76qx4S%2BS0Brnual8a%2FjUjdsuISx6LO3gvtojQ0vmirkAK2h7vENPzsYH%2Ff23R94%2FqluLEkWRqA8qEWZXFmGfaWi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657932ecaa199790-FRA
cf-request-id: 0a5f9e27e6000097908c827000000001

GET 11514
malinesmanses.com/tVQloilBkpdkqvg/ 0
0

GET
H/1.1 200
OK 10526 Show response
toeschistache.com/1clkn/ 0
1 KB 15383ms
21ms Script
application/javascript 172.255.6.159
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://toeschistache.com/1clkn/10526

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.6.159 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H2 200 / Show response
services.vlitag.com/adv1/ 933 B
1 KB 159ms
141ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=064b31ebe1436b09c01ac0d0c8ea96d0

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda5547fadbd0ab60184c79e8bd1cc1f8afeaf8fe2cc5d2b7e3b91e24ab92c49

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e29b10000d6f97c86e000000001
pragma: no-cache
last-modified: Sun, 30 May 2021 16:04:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZWpjanW1Hqcxca0YoM4qN4hOxszZfWYNlQcTGXUbb1T7C23Rz7YLrudOb%2FoFh5y27RcJS375peKRx153xlW%2BGpVHfFQt5YNkQ4AVNapOkGwpvlGt%2FfyfkmYzM3Ud40EnTv5h1nvM%2Fhdzr0tm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 657932ef8a6bd6f9-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adb.png
kimcartoon.li/Content/images/ 6 KB
7 KB 22ms
19ms Image
image/png 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/adb.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc0a5b35eabe7e056ae4f57e798c92415310942a93deb703f6e985cea44792f

Request headers

:path: /Content/images/adb.png
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5344
content-length: 6568
cf-request-id: 0a5f9e29a1000097908f905000000001
last-modified: Thu, 18 Apr 2019 02:46:52 GMT
server: cloudflare
etag: "076ffa90f5d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cVTpWJeJ05ElAF4RMtJG%2BI86eY4duaaOPJfH3x9j4PORQrRhd%2BqqzReI0%2B1Ybf1pSUPBTv5YatSkQssI4AJ3JRBfVuqADrSZt%2BFBjDejaZ7Q9I9Sh91%2BrNQf4rMfi3UmrKfmTS6F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932ef6b989790-FRA

GET
H2 200 user-small.png
kimcartoon.li/Content/images/ 3 KB
4 KB 28ms
26ms Image
image/png 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/user-small.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d660eab52c2636d2de2a42173f071af45892b035a5fe65a0b4691b84d8a55495

Request headers

:path: /Content/images/user-small.png
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5449
content-length: 3542
cf-request-id: 0a5f9e29a200009790ac9be000000001
last-modified: Thu, 12 Mar 2015 15:26:43 GMT
server: cloudflare
etag: "b08fc1f1d85cd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=T7jeI7P2EBCaUiakyMSuyUtDhoN1HvDTgB976NrVlXRLIOgQ9m%2FEt4rD5fyum1BgAPgFklVA7cugMZJDBdmibQjNG3SIHrX80Bfk8nMNXHg1AOUiAzgV1VBVcZgfHnfg9oor1kz4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932ef6b999790-FRA

GET
H2 200 search.png
kimcartoon.li/Content/images/ 2 KB
3 KB 27ms
25ms Image
image/png 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/search.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872ef2eb7e062c1cea3fb5e7a4c1e5553818d68fc2d0b476c3af20baae42df89

Request headers

:path: /Content/images/search.png
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5449
content-length: 2539
cf-request-id: 0a5f9e29a200009790b4384000000001
last-modified: Thu, 12 Mar 2015 15:28:17 GMT
server: cloudflare
etag: "50b5e2ad95cd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y7oBEosdjWLCK48dY3noSJK%2BBdaroKtLZDuON5g%2B%2BsTD3MYJRQmLYgXE6nviWMqJz7oiByGsyLO1r8SyYXmaSdAifiUpM9sIRSNzz86ODlNREMuYNGCLdS37cxbLI%2FBDNk5d%2FUX1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932ef6b9b9790-FRA

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 46ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668A) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/668A)
Age: 274
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 read.png
kimcartoon.li/Content/images/ 4 KB
5 KB 25ms
24ms Image
image/png 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/read.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e3577523bda5413fa3d9b324eef4248416f70f95cfac5090ede23969ed9f05

Request headers

:path: /Content/images/read.png
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5449
content-length: 4224
cf-request-id: 0a5f9e29a30000979096275000000001
last-modified: Thu, 12 Mar 2015 15:28:19 GMT
server: cloudflare
etag: "502ee02ad95cd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MY9sWtU1SDUsaVrmcDWKAs9ROau%2B8Xuvk6ZKfaoOWqHKHy%2FuZzt8uHmnTYTz02A7U89eBtdFihDfjwoNJhv8OYIifuElfzKM31Jix%2FExJX%2BJ2qV%2FazoX5KY9yq%2BLpLl4otVMZNnv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932ef6b9e9790-FRA

GET
H2 200 previous.png
kimcartoon.li/Content/images/ 4 KB
4 KB 17ms
16ms Image
image/png 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/previous.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f180938e896b3f624115f4f7224ba5cd0eea436c4d9cf9562cd85f8fb5ff61

Request headers

:path: /Content/images/previous.png
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4135
content-length: 3621
cf-request-id: 0a5f9e29a30000979080357000000001
last-modified: Thu, 12 Mar 2015 15:28:17 GMT
server: cloudflare
etag: "108e392ad95cd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dKS%2BSvLxvumZzYLSz2lte4zR0QS%2BwIoLKhFZrKExu%2FETfORWvnJIAz5fYolnUqRwSVnSq6t3fk%2FM2xF2tFmD1gU8qDcP3mmYWIlSOp1s74MxDucRys65o3%2ByuNJpHkG4nvEBnI%2B7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932ef6ba19790-FRA

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 59 KB
17 KB 34ms
9ms Script
application/javascript 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/buttons.js
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:15:22 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 179351
etag: W/"60256fd0-eabe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 16639
x-amz-cf-id: hx1TO68LlLn06gL4_FkOGssASaTazbVilQAyurgQ34HUpQLJ-PhgHQ==
expires: Mon, 31 May 2021 14:15:22 GMT

GET
H/1.1 200
OK 10790 Show response
pailridarm.com/rb48u1P297ztW/ 0
1 KB 93ms
23ms Script
application/javascript 176.31.68.243
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pailridarm.com/rb48u1P297ztW/10790

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

176.31.68.243 , France, ASN16276 (OVH, FR),

Reverse DNS

ip243.ip-176-31-68.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://kimcartoon.li
Access-Control-Max-Age: 600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
X-Content-Type-Options: nosniff
Keep-Alive: timeout=20

GET
H2 200 html_102158.js Show response
video.your-notice.com/ 5 KB
2 KB 74ms
17ms Script
application/javascript 142.91.9.135
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://video.your-notice.com/html_102158.js
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 772db8646a4510dc82ea60e5aa17c153354e28526e77cd4aed0ac1c41b2cdd26

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:40 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK a1482449.js Show response
js.genieessp.com/t/482/449/ 0
285 B 1817ms
276ms Script
text/plain 222.230.178.129
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/482/449/a1482449.js
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.129 Sapporo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:35 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

POST
H2 200 RSK Show response
kimcartoon.li/External/ 17 B
348 B 365ms
365ms XHR
text/html 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/External/RSK
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 651b09e8d03af4d9caa17f510e94715203722e1cbe6919f685722a237212d2d9

Request headers

sec-fetch-mode: cors
origin: https://kimcartoon.li
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
content-length: 9
:path: /External/RSK
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: kimcartoon.li
referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oWLUI5ZiwWYOnPujQZhZL5jMNeOzqJ8S96xf%2BFlyAkJpyfI6SmgBnBDIvrdWz5ToXKfzWBzRgdaWHGgMnwAubbIqKW264xE53MJYaW%2B3hMoFf5EBuhb6ptH8KEEbcGvd5S%2BEL3ms"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 657932ed1a679790-FRA
cf-request-id: 0a5f9e2831000097907bb25000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5861
date: Sun, 30 May 2021 14:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 30 May 2021 16:26:52 GMT

GET
H/1.1 200
OK jquery.alignHeight.js Show response
pubmatic.com/wp-content/themes/pubmatic/js/ 1 KB
973 B 3446ms
98ms Script
application/javascript 18.214.201.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmatic.com/wp-content/themes/pubmatic/js/jquery.alignHeight.js?ver=1.0&_=1622390673826
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.214.201.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-201-148.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fe302b4183e2cc9e3656a025c76373e0c317cc715de84c4daca0a0bc9ffddeb9

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 18:54:42 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "550-5c2db97b4febd-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 583

GET radiantthemes-tab-element-four.js
propellerads.com/wp-content/plugins/radiantthemes-addons/tabs/js/ 0
0

GET plugins.js
www.bebi.com/js/ 0
0

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 47B2 0
0 42ms
41ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
content-type: text/html;charset=utf-8
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug: 9hrA3WafvMTzCO7yiXsbja6FLs3xAfph6hDNP3yFXCU6wDxtzCeO7RUGMntdzjqfZCB6BwIkI6uBAyE4Tt2rgA==
content-length: 0
date: Sun, 30 May 2021 16:04:33 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 body_bg.gif
kimcartoon.li/Content/images/ 11 KB
11 KB 18ms
17ms Image
image/gif 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/body_bg.gif
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b968f6566378b91936898db46bf0c5024513658194a8f66aa4847fd9840b3d

Request headers

:path: /Content/images/body_bg.gif
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5449
content-length: 11287
cf-request-id: 0a5f9e29a8000097907bb34000000001
last-modified: Fri, 24 Mar 2017 02:58:47 GMT
server: cloudflare
etag: "808d5a8e4aa4d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TY4q5LaCyd1Uah0Na8ebBvAWUttAS9VH9xeNiPIFMGEmy7gzonF7QxjU3iNI%2F9UBs05LqUiPmFXd7sD7NlM31xIl%2Fk2p7T6SarlqaQU6i8RYcepYI2A0qB7eFZLsc5fQAOno4dZQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932ef7ba49790-FRA

GET
H2 200 tpl_input_bg.gif
kimcartoon.li/Content/images/ 3 KB
4 KB 18ms
17ms Image
image/gif 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/tpl_input_bg.gif
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba233b29c19c0e9fc90d01b572c05cbc0844ba9595eca12d66f704ffbfa13424

Request headers

:path: /Content/images/tpl_input_bg.gif
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5449
content-length: 3451
cf-request-id: 0a5f9e29a9000097908a2a0000000001
last-modified: Thu, 12 Mar 2015 15:26:43 GMT
server: cloudflare
etag: "10f1c3f1d85cd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Yh013XpjEVDiRrOCDlMkrI2Lfyzo9YHPfnkkQg90OKYUoK3L%2B5NEQ2AZor6dcLl44%2F%2B8vSBgB5Hpjl1BuXvWSa2dG%2BC2YsR3FKbI2zjQdL2kUooEmmFy8afCR0lxlsgxJTE8SdhH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932ef7ba59790-FRA

GET
H2 200 logo.png
kimcartoon.li/Content/images/ 21 KB
21 KB 17ms
13ms Image
image/png 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/logo.png?v=4
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e11e5b545c945273300b9eea5835e2735eb06781ee9e879f90dd8ed9522052c8

Request headers

:path: /Content/images/logo.png?v=4
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5449
content-length: 20997
cf-request-id: 0a5f9e29de00009790ba89f000000001
last-modified: Mon, 29 Jan 2018 01:16:36 GMT
server: cloudflare
etag: "07276ce9e98d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o84XaHe5DwrW6NOmdUqz8JD5bocIAx%2Bs2NSXICr99XL2Ze%2FK%2Fpq421uBlNyq%2B68X0Q9U2y6%2FWzPZbZTUXJwXmO2tpU6NMFZVfeuXe0fE6T9PABrCoX9B8ZsYizxhJgnYjFWKWQJc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932efcbd49790-FRA

GET
H2 200 -p04lup6pzpl2rl Show response
www.luxubu.review/v/ Frame 37AE 7 KB
2 KB 284ms
226ms Document
text/html 2606:4700:3036::ac43:9a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.luxubu.review/v/-p04lup6pzpl2rl
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42582932ce2b5612f561c64d584f93088222933106217d0dc4a5ddba4235d28

Request headers

:method: GET
:authority: www.luxubu.review
:scheme: https
:path: /v/-p04lup6pzpl2rl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
cf-request-id: 0a5f9e2a2d00004e5b5e13c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qkmBAtH%2Bc2cRd%2BKxHOOFVfUve5VHjnsvCsylLrpCo8M9S5G%2B%2FTvYmlQHlx6Nitbt4TyqmzmS4E3y4biWB3%2BXTXYg%2FCZhMEc6lXdXFcUafPu3i%2BiJbPl3WsY1hn59HqdxlUW1QR2B6dg0%2FPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 657932f04a9a4e5b-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 plus.png
kimcartoon.li/Content/images/ 3 KB
3 KB 25ms
25ms Image
image/png 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/plus.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6c131e8583746c21be515c3dea1f7094de98c7eb4d88b4c13a02191ce5d23c

Request headers

:path: /Content/images/plus.png
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4871
content-length: 3178
cf-request-id: 0a5f9e29f1000097909cb22000000001
last-modified: Sun, 18 Dec 2016 00:43:58 GMT
server: cloudflare
etag: "529a9d1c758d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RDyCyfmOj2ru6%2FtPbCGznqpxa21EoloKlnyw1CCrfGl3XHcOSxER47YqP7pg%2FH9S4lQF4mrEv7sFK67lpMb2mfXflFpCF%2B6YkXOIrxAsiPrAfsUfxSzgtkTIKFz7fSaEEKHi4N3a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932efebe49790-FRA

GET
H2 200 fontawesome-webfont.ttf
kimcartoon.li/Content/font/ 162 KB
162 KB 18ms
18ms Font
application/octet-stream 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kimcartoon.li/Content/font/fontawesome-webfont.ttf
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

sec-fetch-mode: cors
origin: https://kimcartoon.li
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M
:path: /Content/font/fontawesome-webfont.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: kimcartoon.li
referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://kimcartoon.li
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6208
content-length: 165548
cf-request-id: 0a5f9e29f2000097907c2c2000000001
last-modified: Thu, 22 Dec 2016 08:50:34 GMT
server: cloudflare
etag: "0291a75305cd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zm15IkEMATqZ%2Bb%2FCwbqSBJwp2UqO4SVYtDgp%2BzmbFiCJPqIBV5%2BOhxWr4GInCffToi6RePl3BB4b1F9%2BochoJKvw88nsgipLY3r4JUtXFRYyWqw1VgaRLxy8d3A6mSRzHvCaWKl4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932efebe69790-FRA

GET
H/1.1 200
OK jquery.alignHeight.js Show response
pubmatic.com/wp-content/themes/pubmatic/js/ 1 KB
972 B 3430ms
98ms Script
application/javascript 18.214.201.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmatic.com/wp-content/themes/pubmatic/js/jquery.alignHeight.js?ver=1.0&_=1622390673943
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.214.201.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-201-148.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fe302b4183e2cc9e3656a025c76373e0c317cc715de84c4daca0a0bc9ffddeb9

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 18:54:42 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "550-5c2db97b4febd-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 583

GET radiantthemes-tab-element-four.js
propellerads.com/wp-content/plugins/radiantthemes-addons/tabs/js/ 0
0

GET plugins.js
www.bebi.com/js/ 0
0

GET
H3-29 200 like.php
www.facebook.com/plugins/ Frame F849 0
0 27ms
25ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
content-type: text/html;charset=utf-8
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug: RnTdgE04vA3EnRSYb2KYECoA6Lk3uLdyCplOWH5JJINKW3nn8jPMsQMz2znCUteS4sNgLB+i+uhDrjAto8um+w==
content-length: 0
date: Sun, 30 May 2021 16:04:33 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 10ms
9ms Script
application/javascript 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 15:05:34 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 3539
etag: W/"60257011-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 18815
x-amz-cf-id: O8rstDYMkAT2ZJvsj02EEfUQckLzROg0Rkg-jwaEyAaJtIPsnvz9-Q==
expires: Wed, 02 Jun 2021 15:05:34 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1213031763&t=pageview&_s=1&dl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&ul=en-us&de=UTF-8&dt=Watch%20South%20Park%20Season%2024%20_Special%20-%20The%20Pandemic%20Special%20online%20FREE%20%7C%20KimCartoon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=531703630&gjid=1217543998&cid=460521190.1622390674&tid=UA-63783416-9&_gid=2060961250.1622390674&_r=1&_slc=1&z=1431248049

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kimcartoon.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tpl_footer_bg.png
kimcartoon.li/Content/images/ 3 KB
4 KB 14ms
13ms Image
image/png 2606:4700:20::681a:ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimcartoon.li/Content/images/tpl_footer_bg.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77934c9ba958163b297b2adf4eeab588ef21268f594e45bcee29905c632b269

Request headers

:path: /Content/images/tpl_footer_bg.png
pragma: no-cache
cookie: ASP.NET_SessionId=bxworwkxzrmwan3nslcztsj3; k_token=WGnCH990XdoGm2mlEYyQmE8%2f0csOTwQsCn8SaC2dBBWLCv2IiAYLYI73IimBDvq6hwBJD04%2bxAqxOjM8pcwqgWim%2bdBGq222VxzLO73%2b8PkZV5cHjLU9oMBCC7b%2fo0FCjQtLGC%2fpTnMT5T%2bm8xdVsJjgYY2lgPDUf%2fvzOHJKw4KAljbspluVtjRoh1jPA9lm%2f%2banyyq4Zk4LVxjpr3S%2f9bBSe75tF35M; _ga=GA1.2.460521190.1622390674; _gid=GA1.2.2060961250.1622390674; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kimcartoon.li
referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5215
content-length: 3236
cf-request-id: 0a5f9e2a6d000097908c846000000001
last-modified: Thu, 12 Mar 2015 15:28:18 GMT
server: cloudflare
etag: "50e15a2ad95cd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tvlUoiwC%2FOB%2B8G6vXsP%2Bn1hsB%2BGoNUmQqxfQpqItIU6qFD6brimFrM4nCyNnKk3YHcpexmIfCb7v4NfrbObcrSOVjNkF5b8n5D%2Boj0CuSmIrQ6mdlEQsJOhlpypXiHuYo%2BcK2Tzq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932f0ac4f9790-FRA

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame A0CC 2 KB
1 KB 36ms
10ms Document
text/html 2600:9000:2182:9c00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Sun, 30 May 2021 15:25:19 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: y80_D6UW4EBnz1T5SBKiA_W7T-K5Q2MSd9kEY6FxWnTaf4pJQ5g6_Q==
age: 2355

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 9ms
9ms Stylesheet
text/css 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 19:06:33 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
age: 75481
etag: W/"60257012-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: KZSGgmNgpgq8YUooGgOQ74ZzEQJSH0XxfKtKG_Vi9K4ti-88PrZn2w==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82b69e0603b854e68cb0fcc54daab9a07a2c1c6bbc1c2303942285be8cef1ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lGF7JnIH3nyOquu/HGKCtA==
cross-origin-resource-policy: cross-origin
expires: Sun, 30 May 2021 16:18:06 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1782
x-fb-rlafr: 0
x-fb-debug: l1u9hG5WWtIl3NlEaPpRsANQMGpS8qe75I5hBlqpYI/0w+1akusrZEdA9C2X9agzM/NgFK37Ef7/uOuQB5CBpQ==
x-fb-trip-id: 686109401
x-fb-content-md5: a1dd0f35a61c1874602414d4dc3e3f53
date: Sun, 30 May 2021 16:04:34 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4e44a3a749801c83a8626e5f90f38e94"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 188 B
434 B 1693ms
111ms Script
text/javascript 3.223.238.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&cb=stButtons.processCB&wd=true
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.238.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-238-47.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6e0a40220ab47a90b87c8ad1edd122da87414fd9a760a3e5c5e9c0b3f5f79eb3

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:35 GMT
Cache-Control: public, max-age=900
ETag: 2ba4a18b79106e8e1900ef50172f9a67
Connection: keep-alive
X-Powered-By: Express
Content-Length: 188
Content-Type: text/javascript; charset=utf-8

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
698 B 323ms
155ms XHR
application/json 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&mtk=14227

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=064b31ebe1436b09c01ac0d0c8ea96d0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13
cf-request-id: 0a5f9e2b410000dfcb7134e000000001
pragma: no-cache
last-modified: Sun, 30 May 2021 16:04:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hQMHCS5Wp1Zch7RmGpcWsHJXAJxVKua1hQsay9QpzvyG4TuGPXki%2BhNTT5agxqCaD8BO8Ma5IFDhd%2BVgP0Wr7EXfpKcj2OTFjaLby9AlNVbWCK5xLy3okMqTyynWbhOS1%2BOHZlLgZZkn6MKp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://kimcartoon.li
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 657932f20bf4dfcb-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 064b31ebe1436b09c01ac0d0c8ea96d0.js Show response
tag.vlitag.com/v1/1622364808/ 504 KB
112 KB 49ms
41ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=064b31ebe1436b09c01ac0d0c8ea96d0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1fc91bceb663e6f08b4ea426bffc5a7ce511a62f587f3569c25853be7795

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25861
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e2aa20000d6f9c002a000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=peCxufN4%2Bf%2FwV1dXupCu4gDMELU8PbG0okfXcqlbsodUljUKSaqBmrsZRCOCTLppGgMbhz9ac7jyoWswabQu%2BJygP0hhFdDuYZdw1FGvI%2FBrv9nyNU2WR5nNajcxPv%2FOYv3idAmHZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
cf-ray: 657932f10d1cd6f9-FRA

GET
H2 200 facebook_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 10ms
9ms Image
image/png 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 9320248
etag: "60256fcb-977"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2423
x-amz-cf-id: 3Y8HQ3zKtOUkUd0k5lSygwd7mWc68EFmX5akp1wkMP_I0uMFZCPggw==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 twitter_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 10ms
9ms Image
image/png 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_counter.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 9320248
etag: "60256fcb-9ae"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2478
x-amz-cf-id: BC-Xmu1JE_1EXkjpoZSZxgUJ-g-_hVDvCSU7wzEobeMOTg-eo8lZHQ==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 sharethis_counter.png
ws.sharethis.com/images/2017/ 3 KB
3 KB 14ms
8ms Image
image/png 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/sharethis_counter.png
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:43:41 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 4656053
etag: "60256fcb-a58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2648
x-amz-cf-id: RvtGcR2_RxafxNr_GJbk5d4qlzYxotSJadWu_ZR9eAfGwXqRA674jQ==
expires: Wed, 06 Apr 2022 18:43:41 GMT

GET
H2 200 bubble_arrow.png
ws.sharethis.com/secure/images/ 979 B
1 KB 14ms
10ms Image
image/png 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/secure/images/bubble_arrow.png
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe

Request headers

Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:16:34 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 841680
etag: "60257011-3d3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 979
x-amz-cf-id: a1nJ40JNVoeM8wZUyMnR4tg9YKjnzcdSX1cveu7uS5-7CrPQ06cqNQ==
expires: Fri, 20 May 2022 22:16:34 GMT

GET
H2 200 googleplus_16.png
ws.sharethis.com/images/2017/ 2 KB
2 KB 14ms
10ms Image
image/png 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/googleplus_16.png
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8

Request headers

Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:07 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 9320247
etag: "60256fcb-61f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1567
x-amz-cf-id: vL7pMWCa-_h6DidDE4yb4jTxk0nspm_Xu2IXQZc2wCiLOX6sR9MhSw==
expires: Fri, 11 Feb 2022 19:07:07 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 41ms
33ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 585508
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e2c170000d6f959174000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F2kF%2FzfE7QmAX9ItAGWIS3bVY3nThYSJ3kF8oTjsthM63WkEyYNWT41YbCHH1IGiWBrtA7u6RyziDHIIFuJSEUvaaxLFDMbReg8WmLBbv6jJSu8DISqmMioXS1ti6ENwk6gp6p59KhXEvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657932f35902d6f9-FRA
expires: Sun, 23 May 2021 21:56:06 GMT

GET
H3-29 200 prebid-v4.38.0.js Show response
assets.vlitag.com/prebid/default/ 411 KB
117 KB 75ms
57ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1751956
cf-polished: origSize=421400
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e2c4f00002b89e03fd000000001
x-robots-tag: noindex, nofollow
last-modified: Mon, 10 May 2021 09:25:11 GMT
server: cloudflare
etag: W/"6098fbf7-66e18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IJMpRUluWtHzh8TRqxpdtwUNTEq4eRIvMHxs08xbIyLTtL2U3AZSus0htYSra6pYiSFJZcZG%2FkieI1hi0BfkUiLhzQ87U8ZIRQFscfp6HfDUr5HNIcFOQo4ZL6a%2F6DI6JCLFl7JUFORplA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657932f3ab792b89-FRA
expires: Mon, 10 May 2021 09:55:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "887 / 135 of 1000 / last-modified: 1622153345"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21426
x-xss-protection: 0
expires: Sun, 30 May 2021 16:04:34 GMT

GET
H3-29 200 viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 41ms
24ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 586960
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e2c4b00002b8981b27000000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 26 Nov 2020 03:46:23 GMT
server: cloudflare
etag: W/"5fbf250f-33d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OUU%2BX4sxRgR59RXPvPc3Wz3wuWzC5mJwEjdPZddlyJ%2FfIwUsQvw5EKJkTLCIXnZdnNjVZedE4ykt8BQkXOzOvl2t%2BcvLLQZk%2FUKi2xm%2BHb%2BO%2BGSu8d%2B0vHBbWnZRdgR7eMHMrm1R3VHeYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657932f3ab752b89-FRA
expires: Sun, 23 May 2021 21:31:54 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 337 KB
115 KB 24ms
16ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117995
x-xss-protection: 0
expires: Sun, 30 May 2021 16:04:34 GMT

GET
H3-29 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
16 KB 47ms
39ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 586960
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e2c5a00002b89d7bd9000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9Yi43faxtjubAIv7zp3pESthvhkWnddkX33mbpp3eu2UgNNFq502STkFS1TYrZ7x9UkOI%2FSfvmfDhi%2FT7vyGFgVoirbGXWHS70lTSvFh6CpgNDBFHAuatbcbVXzI%2BbZeq3gjrOspf%2BKRIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657932f3cba62b89-FRA
expires: Sun, 23 May 2021 21:31:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 218 KB
65 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=dd57f68c1fc599b6d8e0c187c2954528&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68c41e02ad85cf80b5c4174f1682519daf05880621ebf3c9bf3b58116f5c3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://kimcartoon.li
Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RhdC0uSlMLWQmzyBGyOXnQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65697
x-fb-rlafr: 0
x-fb-debug: GzKLvhIM4IQ0ny7Z/Y3enRH4finUSEpbHRiDKzuFnLKnl/SLQNEJ/cg1zGzyt7pqjUepJ+4InPp8AXvxYlilNw==
x-fb-trip-id: 686109401
x-fb-content-md5: 7c75e0c821c61b6bf4535f254b42c73b
x-frame-options: DENY
date: Sun, 30 May 2021 16:04:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6e0406bc3f8a717ca0277c490f2623b3"
timing-allow-origin: *
expires: Mon, 30 May 2022 14:22:58 GMT

GET
H2 200 base.js Show response
www.luxubu.review/asset/default/player/ Frame 37AE 196 KB
61 KB 25ms
25ms Script
application/javascript 2606:4700:3036::ac43:9a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.luxubu.review/asset/default/player/base.js?v=1595607720
Requested by: Host: www.luxubu.review
URL: https://www.luxubu.review/v/-p04lup6pzpl2rl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852b8e4b98f80848776b0914e5c122da54824a69619975e8a136e138b64d0471

Request headers

Referer: https://www.luxubu.review/v/-p04lup6pzpl2rl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 814287
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e2c3000004e5b2eb29000000001
last-modified: Fri, 24 Jul 2020 16:22:00 GMT
server: cloudflare
etag: W/"5f1b0aa8-30eae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dL46WHURi7iAs4d%2BBtzcidGwvEaaMOItwr2wIQhPKdbEBAZBA1RcS3ow1AwpC2KurWeRiu4998eWsLEBDOtLKC2oeRsXGQ2Zgh9LErcYUAqYu%2FqW8rNt5jbc7OmU5DbHhbbLcfhafuCPBxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
access-control-allow-credentials: true
cf-ray: 657932f38ac44e5b-FRA

POST
H3-29 200 -p04lup6pzpl2rl Show response
www.luxubu.review/api/source/ Frame 37AE 3 KB
2 KB 242ms
213ms XHR
application/json 2606:4700:3036::ac43:9a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.luxubu.review/api/source/-p04lup6pzpl2rl
Requested by: Host: www.luxubu.review
URL: https://www.luxubu.review/asset/default/player/base.js?v=1595607720
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69924c1dbf66553d4d9a8d48cbd48b91f62f34adaf0e2857dfde88d722ac0fd

Request headers

Accept: */*
Referer: https://www.luxubu.review/v/-p04lup6pzpl2rl
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=McThrr4HCKWH%2Ba8WIe5JRgyxMJEBfvrsVHpZFWdOgDuSVyyJ8ekESaFHy9bqNIxrdN0Tv9M8NJcMlnBiZwmza1o%2BkwvJ%2BneS%2FW%2FNdnJ13tLjSW1DfPEjZYuGRGWktRVNRKBcPQWGFuGyhMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 657932f42d2f2c0d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e2c9900002c0d0e869000000001

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 37AE 216 KB
69 KB 164ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.luxubu.review
URL: https://www.luxubu.review/v/-p04lup6pzpl2rl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

14f5b9c2901a58cb9e77ccd997a844b32824e54b2e6626990e0e0ae5b962ae2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.luxubu.review/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
last-modified: Fri, 28 May 2021 17:10:10 GMT
etag: "60ae3a7b-11182"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70018
expires: Sun, 30 May 2021 17:04:34 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
335 B 3073ms
9ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1622390673950.23694&hostname=kimcartoon.li&location=%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special&product=widget&fcmp=false&fcmpv2=false&publisher=39da8212-8bbb-4097-a85f-6cedb7bc9464&bsamesite=true&consent_cookie_duration=652&consent_duration=652&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&title=Watch%20South%20Park%20Season%2024%20_Special%20-%20The%20Pandemic%20Special%20online%20FREE%20%7C%20KimCartoon&sop=false&description=Watch%20online%20and%20download%20cartoon%20South%20Park%20Season%2024%20_Special%20-%20The%20Pandemic%20Special%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:37 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://kimcartoon.li
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 pubads_impl_2021052401.js Show response
securepubads.g.doubleclick.net/gpt/ 309 KB
109 KB 1052ms
22ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 08:37:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110966
x-xss-protection: 0
expires: Sun, 30 May 2021 16:04:35 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 29ms
12ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210530

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3147f8a14b0c4402290dc9371bfff77f6de623094fb85de0f6e61ad9f610d90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3799
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 957
etag: W/"69a-F6y50PVc7OFRY2XKh1tI2OZc9cM"
x-served-by: cache-fra19145-FRA, cache-hhn4057-HHN
date: Sun, 30 May 2021 16:04:34 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 317ms
21ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kimcartoon.li
date: Sun, 30 May 2021 16:04:35 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST c
prebid.a-mo.net/a/ 0
0

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
389 B 147ms
122ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://kimcartoon.li
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ey8gTxDtzU5PCiTQdUKmiZ%2BbZCx%2FeNJlW0n8IvTIxYI9nM0u9X7UUeJaZnJ1e0h4oJAFYtt0u7UfXi%2FyzKIBy1RH9vjgEkOxLvz7dX1HNM26YaZ%2Bn%2FokmrsfAKp0j9BVrRQAUwVDQk6uYL6YtA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 657932f52e3f0631-FRA
cf-request-id: 0a5f9e2d370000063146254000000001

GET ROS
ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ 0
0

POST c
prebid.a-mo.net/a/ 0
0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 307ms
28ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kimcartoon.li
date: Sun, 30 May 2021 16:04:35 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
642 B 129ms
119ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://kimcartoon.li
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6BenYZyP3hPUMR2aZssp1KZjN872CDTVA87gaPk9BPSKNFZ0JVVsdg6Grjjnuy5Mcp0p4J42IvT%2FI0vTtT2AvYJmeZwqKlAfVsGJZUXVafj%2B17EwQOayi1WgCTltp5x9RW0t6seX4Sb1WMrIRw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 657932f52e450631-FRA
cf-request-id: 0a5f9e2d370000063183234000000001

POST c
prebid.a-mo.net/a/ 0
0

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
386 B 118ms
118ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://kimcartoon.li
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8Hwp7tIIJZfgBC1WmWG5fKuCJONz21IKWqN%2F9qQQ11UeSdUVyxvQUU9Yu46zekb2FOvdjbC%2Bv%2BAXBfDSeBwQI6EnD0fiAND6Mchg1ragatbQPhxCYM7mxAvyWttAl4l3QNaoNbLyIcnzFVKoFA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 657932f52e4a0631-FRA
cf-request-id: 0a5f9e2d3800000631be853000000001

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 286ms
20ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kimcartoon.li
date: Sun, 30 May 2021 16:04:35 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET ROS
ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ 0
0

GET
H2 200 /
logs.vlitag.com/sub/ 0
341 B 128ms
117ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.vlitag.com/sub/?d=kimcartoon.li&h=kimcartoon.li
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:35 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v%2FIhysExD46%2FDWjoHeu9cMS4GX%2F1A0Uj4jgXVHQoOGoruLZ%2Bh%2FkmarqOlU0S5qBzq9rO7hMVKNT4vPukREB%2B2HZH1E8FroPtd36sBIFSKZMu%2BaM9hra%2BDRWUtImxfTtv9OEZcPsr7F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 657932fb2f28d6f9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a5f9e30f70000d6f9c41cc000000001

GET
H3-29 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 18ms
17ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 333234
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75514
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3PUoC6BgCp%2B6S3%2BTCfspJJLrpHp6w5%2BZb6yCqEAe8JTLfhEYazOHmwo9vwOFi3TGisOdO6%2B3EZcKTeolA9ajN4bMWYpnXWHpBZIddwlspA%2FCrv%2BYqDtoYnlukD4MUPAsQfuwwfuNynVwWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 26 May 2021 20:00:40 GMT
cache-control: max-age=16070400
cf-request-id: 0a5f9e2d4500002b8971b0b000000001
accept-ranges: bytes
cf-ray: 657932f53f5e2b89-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29

206

videoplayback
r2---sn-4g5ednz7.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=5aWbsTPK-_0&t=y
https://redirector.googlevideo.com/videoplayback?expire=1622398473&ei=qYGzYLeiLqbYxN8Pu5OIkAY&ip=52.214.224.26&id=o-AD97HaH6YB-3xBrwlI5gPH53HHKjNHMZHVg6VIFoIMil&itag=22&source=youtube&requiressl=ye...
https://r2---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1622398473&ei=qYGzYLeiLqbYxN8Pu5OIkAY&ip=52.214.224.26&id=o-AD97HaH6YB-3xBrwlI5gPH53HHKjNHMZHVg6VIFoIMil&itag=22&source=youtube&require...

267 KB
0

18ms
8ms

Media
video/mp4

2a00:1450:4001:3d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1622398473&ei=qYGzYLeiLqbYxN8Pu5OIkAY&ip=52.214.224.26&id=o-AD97HaH6YB-3xBrwlI5gPH53HHKjNHMZHVg6VIFoIMil&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=07LgtWVanN742ITiw8oixIUF&ratebypass=yes&dur=312.331&lmt=1567965288795412&fexp=24001373%2C24007246&beids=23886218&c=WEB&txp=2216222&n=D_aCdpX9JlVBlQho&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIW1lfmWGIb8Tq5rDXoJ-iLpIO5fnXKgRiU32SA-FP3QCIQCVuHG8b1jz4PUXDCqKOb_YWnHjP3EbQXPHvUJEkqX_2w%3D%3D&cms_redirect=yes&mh=sg&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednz7&ms=au&mt=1622390456&mv=m&mvi=2&pl=44&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIY_PE4uCmAE3Ao037-pm9b760VedmQqvUiMj0zt6AO4CIGzzZ6ht8C7l_IMG5rNaKsF8e403nCSC2hACFm3p-3U6

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:3d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Sep 2019 17:54:48 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-60993565/60993566
client-protocol: quic
cache-control: private, max-age=7498
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 60993566
expires: Sun, 30 May 2021 16:04:35 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:35 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1622398473&ei=qYGzYLeiLqbYxN8Pu5OIkAY&ip=52.214.224.26&id=o-AD97HaH6YB-3xBrwlI5gPH53HHKjNHMZHVg6VIFoIMil&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=07LgtWVanN742ITiw8oixIUF&ratebypass=yes&dur=312.331&lmt=1567965288795412&fexp=24001373%2C24007246&beids=23886218&c=WEB&txp=2216222&n=D_aCdpX9JlVBlQho&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIW1lfmWGIb8Tq5rDXoJ-iLpIO5fnXKgRiU32SA-FP3QCIQCVuHG8b1jz4PUXDCqKOb_YWnHjP3EbQXPHvUJEkqX_2w%3D%3D&cms_redirect=yes&mh=sg&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednz7&ms=au&mt=1622390456&mv=m&mvi=2&pl=44&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIY_PE4uCmAE3Ao037-pm9b760VedmQqvUiMj0zt6AO4CIGzzZ6ht8C7l_IMG5rNaKsF8e403nCSC2hACFm3p-3U6
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1165
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ddmax20.xyz/scripts/ff20/hi/35/68/boa/ Frame 37AE 13 KB
5 KB 43ms
22ms Script
application/javascript 2606:4700:3035::ac43:ceb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddmax20.xyz/scripts/ff20/hi/35/68/boa/
Requested by: Host: www.luxubu.review
URL: https://www.luxubu.review/asset/default/player/base.js?v=1595607720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ceb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e06992bdb46900cb02707614a1212d0907440636dd222d4b8181907a6077e680

Request headers

Referer: https://www.luxubu.review/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Eavi9XU4qiI6wk%2F%2FO%2BG2DKMq7kg862WR1qzTh8nyFvB%2F4GuOLWevAHPSn0xppfqMso6wXrqGkohrc6rqe6cwJEH8yeFX3PkoXfFipgxwWO82oHRr7tJnT849vDtVgYKQYG5dEvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset="utf-8"
cache-control: no-store, no-cache, must-revalidate
cf-ray: 657932f5c99c4a55-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f9e2d9c00004a5512a6b000000001

GET
H2

200

1
mc.yandex.ru/watch/56313682/ Frame 37AE
Redirect Chain

https://mc.yandex.ru/watch/56313682
https://mc.yandex.ru/watch/56313682/1

43 B
71 B

53ms
53ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56313682/1

Requested by

Host: www.luxubu.review
URL: https://www.luxubu.review/v/-p04lup6pzpl2rl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.luxubu.review/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:34 GMT
last-modified: Sun, 30-May-2021 16:04:34 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 30-May-2021 16:04:34 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:34 GMT
last-modified: Sun, 30-May-2021 16:04:34 GMT
strict-transport-security: max-age=31536000
location: /watch/56313682/1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 30-May-2021 16:04:34 GMT

GET
H2

200

4970_poster.png
thumb.fvs.io/asset/userdata/236207/player/ Frame 37AE
Redirect Chain

https://www.luxubu.review/asset/userdata/236207/player/4970_poster.png?v=1558635393
https://thumb.fvs.io/asset/userdata/236207/player/4970_poster.png?v=1558635393

2 KB
2 KB

54ms
23ms

Image
image/png

2606:4700:10::6816:5ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.fvs.io/asset/userdata/236207/player/4970_poster.png?v=1558635393
Requested by: Host: www.luxubu.review
URL: https://www.luxubu.review/v/-p04lup6pzpl2rl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:5ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc85e6a9de48edb7a89512d5e12e96999e868cc4f0b103cf80696246ce8fd26b

Request headers

Referer: https://www.luxubu.review/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
cf-cache-status: HIT
last-modified: Thu, 23 May 2019 18:16:33 GMT
server: cloudflare
age: 6850
etag: "5ce6e381-648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 657932f69e30dfdb-FRA
content-length: 1608
cf-request-id: 0a5f9e2e1f0000dfdb3c121000000001

Redirect headers

date: Sun, 30 May 2021 16:04:34 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TVfXAKraW6rZI9pI1pMzbmi8XBtRfYPVATyIjSv7fZ0P7SauV2AVt9VfteCNeypNPkJdmLZdtO6vBkqaVYYPCTR5MMFGE2JVAuEeoz8pjZBzBoAAU3onbgZ80vXGq3wkBSM5PHdxtM5EolM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://thumb.fvs.io/asset/userdata/236207/player/4970_poster.png?v=1558635393
cf-ray: 657932f5b8972c0d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 145
cf-request-id: 0a5f9e2d9000002c0d5594a000000001

GET
H2

200

1 Show response
mc.yandex.com/watch/49788082/ Frame 37AE
Redirect Chain

https://mc.yandex.com/watch/49788082?wmode=7&page-url=https%3A%2F%2Fwww.luxubu.review%2Fv%2F-p04lup6pzpl2rl&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&site-info=%7B%22owner%22%3A%2223620...
https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fwww.luxubu.review%2Fv%2F-p04lup6pzpl2rl&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22236...

203 B
284 B

57ms
57ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fwww.luxubu.review%2Fv%2F-p04lup6pzpl2rl&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22236207%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A550637841960%3Ahid%3A693577862%3Az%3A120%3Ai%3A20210530180434%3Aet%3A1622390675%3Ac%3A1%3Arn%3A734932910%3Au%3A1622390675824110823%3Aw%3A706x505%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622390673903%3Anp%3ATGludXggeDg2XzY0%3Ads%3A13%2C43%2C226%2C1%2C2%2C0%2C%2C313%2C0%2C%2C%2C%2C652%3Adsn%3A13%2C43%2C226%2C1%2C1%2C0%2C%2C365%2C0%2C%2C%2C%2C652%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622390675%3At%3AVideo%2098868-South.Park.S24E00.The.Pandemic.Special.1080p.CC.WEBDL.AAC2.0.H264JEW_1601570203.mp4

Requested by

Host: www.luxubu.review
URL: https://www.luxubu.review/v/-p04lup6pzpl2rl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

251ecaabb3c95e3957824856e78eed715c6604a857b8aafd13a6620bce2ed61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.luxubu.review/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 30-May-2021 16:04:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.luxubu.review
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Sun, 30-May-2021 16:04:34 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:34 GMT
last-modified: Sun, 30-May-2021 16:04:34 GMT
location: /watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fwww.luxubu.review%2Fv%2F-p04lup6pzpl2rl&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22236207%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A550637841960%3Ahid%3A693577862%3Az%3A120%3Ai%3A20210530180434%3Aet%3A1622390675%3Ac%3A1%3Arn%3A734932910%3Au%3A1622390675824110823%3Aw%3A706x505%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622390673903%3Anp%3ATGludXggeDg2XzY0%3Ads%3A13%2C43%2C226%2C1%2C2%2C0%2C%2C313%2C0%2C%2C%2C%2C652%3Adsn%3A13%2C43%2C226%2C1%2C1%2C0%2C%2C365%2C0%2C%2C%2C%2C652%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622390675%3At%3AVideo%2098868-South.Park.S24E00.The.Pandemic.Special.1080p.CC.WEBDL.AAC2.0.H264JEW_1601570203.mp4
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.luxubu.review
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 30-May-2021 16:04:34 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 37AE 43 B
112 B 50ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.luxubu.review
URL: https://www.luxubu.review/v/-p04lup6pzpl2rl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.luxubu.review/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:34 GMT
last-modified: Fri, 28 May 2021 17:10:10 GMT
etag: "60ae3a7b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 30 May 2021 17:04:34 GMT

GET
H2 403 456c95f88064d2106d30239a23150d66.js
awaitcola.com/45/6c/95/ Frame 37AE 0
0 538ms
98ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://awaitcola.com/45/6c/95/456c95f88064d2106d30239a23150d66.js
Requested by: Host: ddmax20.xyz
URL: https://ddmax20.xyz/scripts/ff20/hi/35/68/boa/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://www.luxubu.review/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 30 May 2021 16:04:35 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 slider-44.php Show response
video.your-notice.com/ Frame 6E9B 11 KB
4 KB 15ms
14ms Script
application/javascript 142.91.9.135
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://video.your-notice.com/slider-44.php?html=102158&new_left=1&ref_page=https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Requested by: Host: video.your-notice.com
URL: https://video.your-notice.com/html_102158.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 801fee1d0722daa559428642286585b12ebec3ca6bd1d8e56bbe7fa5f76f9286

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 6B15 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fkimcartoon.li
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://kimcartoon.li/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 323008
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 30 May 2021 16:04:35 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 like.php
www.facebook.com/v2.0/plugins/ Frame 8D6F 0
0 25ms
24ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/like.php?action=&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc310caa5ed31%26domain%3Dkimcartoon.li%26origin%3Dhttps%253A%252F%252Fkimcartoon.li%252Ff35d814dc720968%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=dd57f68c1fc599b6d8e0c187c2954528&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.0/plugins/like.php?action=&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc310caa5ed31%26domain%3Dkimcartoon.li%26origin%3Dhttps%253A%252F%252Fkimcartoon.li%252Ff35d814dc720968%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
content-type: text/html;charset=utf-8
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug: 7TDaOo0lNEz75ypwOMMXOihe69faetuhe0BvznqbWsmFZKozAVjx+s7Wb43+9knTJZQTgg0y3IR0nAH2Ck+n2g==
content-length: 0
date: Sun, 30 May 2021 16:04:35 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6B15 256 B
442 B 1164ms
114ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=cf89fb184c0f458929a290df7dd0df1ed3668acb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fkimcartoon.li

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
content-encoding: gzip
last-modified: Sun, 30 May 2021 16:04:36 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: fdd65566879ecdc6ea4ddb5072d825d8dcb7da4e64c724ab264cbd139973df88
content-length: 176

GET
H2 200 PLAYER-200128-pack.js Show response
cdn.viaplays.com/static/ Frame 6E9B 710 KB
154 KB 498ms
168ms Script
application/javascript 173.237.61.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.viaplays.com/static/PLAYER-200128-pack.js

Requested by

Host: video.your-notice.com
URL: https://video.your-notice.com/slider-44.php?html=102158&new_left=1&ref_page=https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.237.61.68 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 17:43:54 GMT
server: nginx
etag: W/"5e5e975a-b1749"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame 5BDA 14 KB
4 KB 13ms
9ms Document
text/html 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure5x/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
date: Sat, 29 May 2021 19:06:10 GMT
etag: W/"60257012-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 7fZGXUsqcvyzXjK_BlY-NWR6NmVBtQJxJGw1HzqKHKueNwIJ9fXRcA==
age: 75506

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame 5BDA 16 KB
6 KB 10ms
10ms Script
application/javascript 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 21:47:25 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 9224231
etag: W/"60257012-40f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 5630
x-amz-cf-id: Qozp_MvpxXPeOvZy8W0xZGWiQAn3lHXzv3cLZyHbVZzMk4LTMV2ZFQ==
expires: Sat, 12 Feb 2022 21:47:25 GMT

GET
H2 200 st.5583d3f0facb4d4a55d1a93224fb446d.js Show response
ws.sharethis.com/secure5x/js/ Frame 5BDA 132 KB
32 KB 11ms
10ms Script
application/javascript 2600:9000:2182:3600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/st.5583d3f0facb4d4a55d1a93224fb446d.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 02:00:58 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 9209018
etag: W/"60257012-20eab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: IZViC00u-MLPsqs5Od2IfPALxizqagvBX-b8v4Pryz6Mxw1VCBEVMg==
expires: Sun, 13 Feb 2022 02:00:58 GMT

GET
H2 200 / Show response
tag.vlitag.com/passback/ Frame 67DC 160 B
437 B 266ms
266ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56192&divID=vi_1422756192_344&w=970&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c73e1d1365aca4ebfc26951028e3b0ab9e8016100122bb3ad8a65868744b3107

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nVvSxYMXVbeSfMs3Se0rsbNbq%2BR04ZqKbmZtjeLf79H1wFZtx5fFbExS8Yp08eabcsrNU%2Fe8diXjpNSAKwg9yhkJoT%2BIelwrXXQPlTNZIgHerteNMGjDuzgJGU4JLNEKBZGk5N3Zgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 0a5f9e34fa0000d6f95d826000000001
cf-ray: 657933018b73d6f9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ 0
302 B 123ms
121ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNwUArrrtZ-KUKa-PUUq-weMw-KeetwPYMYyweRzNhqllwqe0RrNTPYYKRmNZUTaYRrcorNco_TPYYKZUTaY_BPPRrtNRcsokty_orN
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kTgZmgMbTcenMtVx0EACGzIPJ7SP7D17tjNKqv384w1qOXWyDs44QtwRjmzjjRMYoFj02RMeptcOfAi3WMHiW5BvkB1N4R7kQ8LBGfjOt1QVCIGDi1hHv1efz8mH%2BYBQTX5CG7QZZtIq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 657933019b81d6f9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a5f9e34fe0000d6f941820000000001

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
89 B 562ms
99ms Image
text/plain 35.153.9.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1622390676733&eid=25bcaed4449cf1c
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.9.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-9-102.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:37 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 14CD 89 KB
35 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-29

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe5ca67f21eefeca7cd2a4bea7b1b6fe068c4e31d175ef58a370144e3f5fcb07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35883
x-xss-protection: 0
last-modified: Sun, 30 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 May 2021 16:04:36 GMT

GET
H2 200 / Show response
tag.vlitag.com/passback/ Frame 0D2E 161 B
546 B 18ms
17ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56186&divID=vi_1422756186_495&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d430e424beaf45f77abdd3a6cbee70b1f357cf7d6fa3fd591a007ee3034e6832

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8563
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sT3p9nw9vFRBHbFEwUyP8RROx7VAZiT3C9Bs5oWFfuzXTwmFenjPNxWC9u2wr%2BBPzx3M9Zs8wZF%2BnN4Lhq7pqAH5vkpi43SyRcnewpYPYf3Wl3uqX8s7vgXCovBq49iH6H75fa4LVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 0a5f9e353f0000d6f97c94a000000001
cf-ray: 65793301fc24d6f9-FRA

GET
H3-29 200 /
stats.vlitag.com/pi/ 0
533 B 122ms
121ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNBZqMYtUP-qAYw-Pewe-qeaA-qMwYAKqaPAAwRzNhqllwqe0RrNTPYYKRmNZUTMURrcorNco_TPYYKZUTMU_PaZRrtNRcsokty_orN
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AtXqtw6A8BzWPeVOVFjbgNLMv27EQFz0D8lpjgcVouThpcw%2BxNDEOquaopZ4o9w0ilTFm2GgzICglkQgPnhisoqT%2FcJI%2BpwcDdBflKLo1D7MiIrqAzKQEWJHichZTeuJQPAH8O1rZYTv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6579330259112b89-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a5f9e357900002b8979b5c000000001

GET
H2 200 / Show response
tag.vlitag.com/passback/ Frame E673 161 B
437 B 13ms
12ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56194&divID=vi_1422756194_833&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65066f6db9765ba6900cae0fc7e207ef9e96505d009430cd2d96a8324eba80c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 24353
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rCDUMVhwh%2B3VG14ZX2CPkQGGI8nODdLGpZLSk42CA207BdiLr6a58er9G6%2BFfafkR5somLUZTgiw10nKtyPlcdB5pGciAZor6Vz6g8xwCBkBogtpw7EKx8o%2FuY2ffxTRaQ0xnD70AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 0a5f9e354f0000d6f97f2ef000000001
cf-ray: 657933021c58d6f9-FRA

GET
H3-29 200 /
stats.vlitag.com/pi/ 0
538 B 122ms
121ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNrTATKeUZ-AATa-PwtB-aTry-qyqyAYrZYeAARzNhqllwqe0RrNTPYYKRmNZUTaPRrcorNco_TPYYKZUTaP_MBBRrtNRcsokty_orN
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:36 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uWaQ%2FTAgjJZrDh4nBs3jjIRICheIutFDdBJJGSR%2BnAZUtrHB9Q%2F0nomEQKp6lc2pB0ZINzG7V%2Bf9rLu0AOxxKrT7vT5ocFOdzw5GqDsCTEcWjMAG%2BWKfLJ0J5PRPoQtVdkq%2FapazBFeX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6579330259132b89-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a5f9e357900002b89e4b48000000001

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
88 B 501ms
100ms Image
text/plain 35.153.9.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1622390676817&eid=26920e60051db8d
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.9.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-9-102.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:37 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H/1.1 200
OK a1495179.js Show response
js.genieessp.com/t/495/179/ Frame 0D2E 0
285 B 274ms
265ms Script
text/plain 222.230.178.129
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/495/179/a1495179.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56186&divID=vi_1422756186_495&w=300&h=250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.129 Sapporo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:36 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

GET
H/1.1 200
OK a1495180.js Show response
js.genieessp.com/t/495/180/ Frame E673 0
285 B 535ms
267ms Script
text/plain 222.230.178.129
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/495/180/a1495180.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56194&divID=vi_1422756194_833&w=300&h=250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.129 Sapporo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:37 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

GET
DATA 200
OK truncated
/ Frame 6E9B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK a1495170.js Show response
js.genieessp.com/t/495/170/ Frame 67DC 0
285 B 638ms
267ms Script
text/plain 222.230.178.129
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/495/170/a1495170.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1622364808&d=14227&z=56192&divID=vi_1422756192_344&w=970&h=250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.129 Sapporo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:37 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668A) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/668A)
Age: 323011
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 14CD 48 KB
19 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5865
date: Sun, 30 May 2021 14:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 30 May 2021 16:26:52 GMT

GET
H/1.1 200
OK follow_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame 0C4E 36 KB
14 KB 9ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668A) /
Resource Hash: 2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://kimcartoon.li/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 323010
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 30 May 2021 16:04:37 GMT
Etag: "2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:42 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668A)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13632

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 14CD 1 B
21 B 16ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1293194873&t=pageview&_s=1&dl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=YEBAAUABAAAAAC~&jid=1844103820&gjid=1603859198&cid=465262716.1622390677&tid=UA-128776493-29&_gid=1784490582.1622390677&_r=1&gtm=2ou5q1&z=21321486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kimcartoon.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame 14CD 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1293194873&t=pageview&_s=2&dl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=465262716.1622390677&tid=UA-128776493-29&_gid=1784490582.1622390677&gtm=2ou5q1&z=1179680747

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 08:55:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25770
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame 14CD 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1293194873&t=pageview&_s=3&dl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&ul=en-us&de=UTF-8&dt=noBid_kimcartoon.li_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=kimcartoon.li&cm=noBid&cc=Default&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=465262716.1622390677&tid=UA-128776493-29&_gid=1784490582.1622390677&gtm=2ou5q1&z=1857704242

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 08:55:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25770
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0C4E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
375 B 114ms
114ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1622390677474%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 30 May 2021 16:04:37 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fdd65566879ecdc6ea4ddb5072d825d8dcb7da4e64c724ab264cbd139973df88
x-transaction: 534170b61f2b9fcf
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 102158 Show response
vids.viaplays.com/dsp/vast/ Frame 6E9B 71 B
489 B 492ms
165ms XHR
application/xml 173.237.61.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://vids.viaplays.com/dsp/vast/102158?&randoms=138846167753

Requested by

Host: cdn.viaplays.com
URL: https://cdn.viaplays.com/static/PLAYER-200128-pack.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.237.61.68 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:37 GMT
x-content-type-options: nosniff
server: nginx
age: 0
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://kimcartoon.li
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
content-length: 71

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 10ms
10ms Image
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1622390673950.23694&hostname=kimcartoon.li&location=%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special&product=widget&fcmp=false&fcmpv2=false&publisher=39da8212-8bbb-4097-a85f-6cedb7bc9464&bsamesite=true&consent_cookie_duration=652&consent_duration=652&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&title=Watch%20South%20Park%20Season%2024%20_Special%20-%20The%20Pandemic%20Special%20online%20FREE%20%7C%20KimCartoon&sop=false&description=Watch%20online%20and%20download%20cartoon%20South%20Park%20Season%2024%20_Special%20-%20The%20Pandemic%20Special%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Watch%20online%20and%20download%20cartoon%20South%20Park%20Season%2024%20_Special%20-%20The%20Pandemic%20Special%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices&img_pview=true
Requested by: Host: kimcartoon.li
URL: https://kimcartoon.li/Cartoon/South-Park-Season-24/Special-The-Pandemic-Special?id=98868&s=fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kimcartoon.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:37 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET blank.mp4
cdn.viaplays.com/video/ Frame 6E9B 0
0

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 8E17 4 KB
1 KB 142ms
138ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 200a204d4a5955c603138e1a17cb798622e68c1c1f61fb6c338e9155e7767012

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

date: Sun, 30 May 2021 16:04:39 GMT
content-type: text/html
set-cookie: uid=852d37a6-6d93-48c7-b1dc-9887418cb620; expires=Sat, 19 Jun 2021 16:04:39 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a5f9e40c10000063175860000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4%2FZ0zk0y8F80Nz9MPDezQKbYn2uAuIyvvIBRUK1F3g5y%2B%2FU9cq%2BXiv0er8Tsvt2yS%2BtxJFOTN0o35xyVPSvaObSiIP1WI8%2F216yE5iHyg4%2FkmgRaAab6SuLnAQKtzloz%2BWzVOoi1tQSAnDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 657933146f940631-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame DD3C 4 KB
1 KB 157ms
154ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784ceb3ec35b65d61a409f124ee0fdc0bb46c7e7668ceef9340c44d065ddd8d9

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

date: Sun, 30 May 2021 16:04:39 GMT
content-type: text/html
set-cookie: uid=93771256-0ef4-4439-a099-1e19d4d4f2c1; expires=Sat, 19 Jun 2021 16:04:39 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a5f9e40c1000006318b831000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8MpkD6gxM0O2KMccT%2BxKH1CAZ7ge%2BoED2EH%2B3QqoCTUWZOhht%2BOW8%2B61zp1kA6qhrO0jKPt2WFVRTHeGwHmbHl2a2QCBNnn8jzyn8pRUo15XRiHWz8YzdS1YvzTh7O%2BO7qKguwcroE%2FbPks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 657933146f930631-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame C574 4 KB
1 KB 139ms
138ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38716191b8a952582a11b8259f75a89138b5cf96ddc9941d842c04cc5fa05c8b

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kimcartoon.li/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kimcartoon.li/

Response headers

date: Sun, 30 May 2021 16:04:39 GMT
content-type: text/html
set-cookie: uid=7dbcdc9c-5fdb-43ff-a855-b1c629c06629; expires=Sat, 19 Jun 2021 16:04:39 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a5f9e40c100000631601bf000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4Xq%2FxKwPMtVTkDtOqaaIsxpOK%2FNbiYnNr4NFmm0kAz3yhO7uvGV1GS4aCv0OKkTDqXrKPzgEmDj8%2FLbs1G%2Bdq159KegNd3t%2Fk36CDpXhrVKv0lZdvxwtqHTjSupOw6IPOZp312VMexSfrE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 657933146f970631-FRA
content-encoding: br

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8

43 B
343 B

138ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vLFI79ELZxMDiKrM5LZUAne6iJZZGIhJPtlwhG7O1bDP2j2JRQmckGrsNx4%2B0dRiDy69sOyionWj3iJb9Ef%2BHyZfXNz6nUh6jVthwaOgMQTY8Xb7%2FjuCnx9imD8hWl6rukHb8xHUxzt1NLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325fa340631-FRA
content-length: 43
cf-request-id: 0a5f9e4bba000006316a953000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=146146024204649675

43 B
340 B

137ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=146146024204649675
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jo9AyslB4mzRrpt4PVjx7bTGdnPFIH0RNbznYE9jgZDaWTYv4VUfUNLdEduKq2b7VVgzkDzMadVioQFegcZpMLMWwytYZDoDtQgw9W43JP1lg%2BQfZ1xGkCvFNJj61Q3DBmeYDh0J4pDnjNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933261a740631-FRA
content-length: 43
cf-request-id: 0a5f9e4bcb000006314613f000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid: e6855be0-99a5-4ac7-a471-4790d58f223b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=146146024204649675
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8559430856929472137

43 B
486 B

244ms
244ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8559430856929472137
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zH40bu%2FI%2BSfMCWw1Dd9dXBXYsV5Ds4KRsOBXZjz9IA7Ri6f%2FiYB7c42rG0N2W4RTx6Xo5Ovn1aRmaNNrAiOoWmOQuSKkBwKkSZ%2B5JXVCXX%2BDvc5bxr%2BH%2FZ3wnwb3P7MaGTsywmfG4qSF6z4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933261a8b0631-FRA
content-length: 43
cf-request-id: 0a5f9e4bd20000063149186000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.235:80
AN-X-Request-Uuid: 8d7f3942-76eb-414d-a56e-f44bdd64f084
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8559430856929472137
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbea94f55-c160-11eb-87da-021d85f833f4
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4

43 B
348 B

140ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3zGcavVG%2BqiQJpq%2BA2T117O2tmdhJ%2F%2FuXY5rqaHLtWjryxGs3P7KxT%2BeCNX3kP2APQbSbEn%2BypuGijyyUEWH0cseKESrHYQ4EBUpcCyUtIGl93GeJUPwVV5Keq%2BgqZiBSxkaCLBe2IcsSVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325fa370631-FRA
content-length: 43
cf-request-id: 0a5f9e4bba00000631be1d4000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3081307013577367410

43 B
350 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3081307013577367410
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CtRW3H%2BSjrdqRjNYwnwXdFRsnYnj8YW%2F3lHbBu%2FwpJ2jxe3ycMe6u6GxnyboMv7lc88dzkkHh93x3qARwaq2RGgi%2BH%2B6WgMqsCS2PPS%2Bd6DmDjZ8NU7bp8hawHQLO%2Fc5hhYthrN%2B4JS9ZSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933262ab20631-FRA
content-length: 43
cf-request-id: 0a5f9e4bd9000006314c9cf000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.177:80
AN-X-Request-Uuid: 6010bb29-9f7c-4895-96dd-f1107427e53c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3081307013577367410
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=db3d43fc-d1b8-425f-8db1-022f25f70f70

43 B
345 B

135ms
135ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=db3d43fc-d1b8-425f-8db1-022f25f70f70
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aHr5I4j1dIi2FPVTWk7hjrV9sKuf2eKjATIGubwzeqseUTAFKQPG%2FPxzA%2FHgOT3AAcITqSBmbDd%2Fm24wfWHgF6dcKq%2FPJOerZISPrWauHc3305lUaTgGkD5ys%2BFHEEWKzCRvkdeu9LRAWL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793316dd2e0631-FRA
content-length: 43
cf-request-id: 0a5f9e4249000006316a860000000001

Redirect headers

date: Sun, 30 May 2021 16:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K%2BevZ7OQ5R%2FsoXGB8ek82MKhXBDy8x8Zz3FHmC9EVdmIbNpzTMJQccZYskaEqQ2kNYBf5DLl0tJkyl%2BYPFkBdds6SnALN%2Bv1aIphYIil77yNS%2Bb9ZJC6vLnyZr6xBFXRj17RAIZL7ztR"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=db3d43fc-d1b8-425f-8db1-022f25f70f70
cf-ray: 657933156a020631-FRA
content-length: 0
cf-request-id: 0a5f9e4166000006316ea55000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A

43 B
363 B

132ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hSdN3dUqscmAIcwbw0ajfsl3OVqHFjaVuiLyvBA7y1Gag3DKf5l0U7hsyZ73oswwXnXMXVxObGG1AE3AYAd5hYnz0XtNGXvGna%2F8LZSVjIgUtrqnSQFYbpg8xem7uuMQTU157D2A%2F4BlEqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325b9940631-FRA
content-length: 43
cf-request-id: 0a5f9e4b9600000631879fa000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=782d2e6929284ada9e399c4e

43 B
346 B

125ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=782d2e6929284ada9e399c4e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TQCjgfk6jo3MUjHp2YVwRL%2FCyGifRkt%2FUZQ7%2FXkcsGPbtGRq6sPR2%2BQNI7jnYoQPzqULDPbpk7s828j3RV4oBL6vxgmm63w0hos%2F4hvBBHuFPNPtEZJQmusmjI7OEKcQRw4lPv6hW1m0zOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933263ac00631-FRA
content-length: 43
cf-request-id: 0a5f9e4bdf000006316eb5d000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=782d2e6929284ada9e399c4e
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-8b77a038-8f9b-435b-892a-eb2ae020068b

43 B
340 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-8b77a038-8f9b-435b-892a-eb2ae020068b
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YvGfHKrwxEcomjoRBkv9afgwz62tubmIDUiQHuY6eH6bx3oWA0hWhEziK0IPbAUn6GUg59X9k5rBKV1cUdRuAqFeDZ9HuCcIveiFzo5Ho7iP2zwViy1mvYPVkv%2FUZG2rhJ%2BMcNQzgf5uFFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933273d5e0631-FRA
content-length: 43
cf-request-id: 0a5f9e4c8200000631a828f000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-8b77a038-8f9b-435b-892a-eb2ae020068b
date: Sun, 30 May 2021 16:04:42 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8E17
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%253FA%253Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLnF1Y...
https://prebid.a-mo.net/cchain/0?A=d1b7525f-d24e-4757-8f7d-b8bc6998fc95&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=611051608449761676
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=d1b7525f-d24e-4757-8f7d-b8bc6998fc95&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=abfeaacf2453d1a084bd238e
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=d1b7525f-d24e-4757-8f7d-b8bc6998fc95&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YLO3mQSM0HaISZDWP4n8ywAA%...
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZ...
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Dd1b7525f-d24e-4757-8f7d-b8bc6998fc95%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW5...
https://prebid.a-mo.net/cchain/3?A=d1b7525f-d24e-4757-8f7d-b8bc6998fc95&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=d1b7525f-d24e-4757-8f7d-b8bc6998fc95

43 B
341 B

132ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=d1b7525f-d24e-4757-8f7d-b8bc6998fc95
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:44 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0tQi5kuWa3h%2Fa5jiyyfU%2FKHPcNjA7e48AlwuOxMrvs7cy23tEvCA7d5SCX63APMXqMvpeVPWBMMjj1htOKXkL0lWeiUn1VRCArbKpZTxsdRX9Oo5o4N97gpdo1wjZDtBB%2F3FnUGjFh2luCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6579333029be0631-FRA
content-length: 43
cf-request-id: 0a5f9e52170000063149217000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=d1b7525f-d24e-4757-8f7d-b8bc6998fc95
date: Sun, 30 May 2021 16:04:43 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 8E17 0
478 B 7236ms
23ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:47 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame FF83
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

52ms
20ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6fc782d5123fb35c8cdf3db0d1f9710f4af2c8e7cb00241126a610dc38ffb167

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLO3mQSM0HaISZDWP4n8xwAA; CMPS=5186
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|31|57|73|239
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1838
Expires: Sun, 30 May 2021 16:04:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLO3mQSM0HaISZDWP4n8xwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT CMPRO=1220;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT CMST=YLO3mWCzt5kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 31 May 2021 16:04:41 GMT CMRUM3=4960b3b79905a0&f160b3b79905a0&ef60b3b79905a0&e660b3b7992760&3960b3b79905a0&2760b3b7990b40&2d60b3b79905a0&1f60b3b79905a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 30 May 2021 16:04:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLO3mQSM0HaISZDWP4n8xwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 54BC 8 KB
3 KB 2576ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Wed, 21 Oct 2020 18:57:29 GMT
etag: "1300708-1f78-5b232eb4914bb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2654
content-type: text/html; charset=UTF-8
cache-control: max-age=23393
expires: Sun, 30 May 2021 22:34:35 GMT
date: Sun, 30 May 2021 16:04:42 GMT
vary: Accept-Encoding

GET /
ssc-cms.33across.com/ps/ Frame 2AAD 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 862D 2 KB
818 B 15395ms
14ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 12DC 43 B
551 B 7480ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Sun, 30 May 2021 16:04:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YLO3o; path=/; domain=.go.sonobi.com

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8

43 B
492 B

141ms
139ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Bpewj%2F9WJwPXh2v19Jeee%2B%2FWlgbHZU%2BXDulRWEcHqj43v5orbSZCb5JUrHnvQiiC3x%2FO6snV47XH%2B7S4nHx5Div4XHrlqkk48DR8G7nyyx%2By%2B9YqrgH7Ifrxr%2F%2FjgQFpqOKXDIOf7Dhlh%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325fa360631-FRA
content-length: 43
cf-request-id: 0a5f9e4bba0000063163b9b000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2540641314021875065

43 B
366 B

126ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2540641314021875065
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9MfWOsa2n7RHPklWj66Px8KxSBdMPnkXPAX7D1BkF%2F6QnXVSdjiA6h57Xvc8XoA7w3wSCP0JGPvl0hD0MRiD90SHoTxbZCb8V0pVulWY%2FeljZbTHaVZQv%2BeQVjMUbXdmCdhlBOzr5q6t4wM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933261a6f0631-FRA
content-length: 43
cf-request-id: 0a5f9e4bca00000631c1af3000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.79:80
AN-X-Request-Uuid: 6bbf7192-82ef-45c0-b7d9-44b7221f7def
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2540641314021875065
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8559430856929472137

43 B
365 B

246ms
246ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8559430856929472137
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bjAP27OjXY0L7%2FRq7SThwRtYHTL00jyb9kzc%2BvpvyWcSqpr7T9thwb2Oee6o1BikkT6FdoxYIfN0Xov2nw1mYPsDYzKRmMyFKbkapmI%2B1VVaj2GxF5CGN04ZFrcwGMT553B678SfqNM6pjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933262aba0631-FRA
content-length: 43
cf-request-id: 0a5f9e4bdc000006319a86b000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid: 2d8685d6-9d6e-44dc-b941-f9f13bea03e0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8559430856929472137
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbea94f55-c160-11eb-87da-021d85f833f4
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4

43 B
345 B

141ms
135ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bOztKHaDLjx6P2eKRa4YX%2BfJUpp58pwXuja5raAjj4P833%2Fimy%2FLfW2dgW4epOO8JoX24YV%2BCQjZcXYa56TUYcVIZhx3SjCSWeRE96bzvDqxtVvkFI3RQagpl4rKgH%2BxeISyaweLqak4bM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325fa300631-FRA
content-length: 43
cf-request-id: 0a5f9e4bba000006314fbad000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5131895463477007882

43 B
342 B

138ms
137ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5131895463477007882
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HLF6i3oioN9smfdeowOe4npKh4%2Bljv04VWt99gv3%2Bs7BUX8fS6MmsaDu7sTi%2FyIbmMo32FrgB2WYn%2BFpqfFFQyX4kcqJ4IS9XmRM3AJ0ZvX1ZT3dgQF6RTgGsxcTxJK3m8aqqckfICIv18E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933261a710631-FRA
content-length: 43
cf-request-id: 0a5f9e4bcb0000063151093000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.76:80
AN-X-Request-Uuid: a33c98eb-26d8-4ed9-ba61-5708b75918d8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5131895463477007882
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=476376cf-ce55-4942-bf43-078b3c1c7e24

43 B
345 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=476376cf-ce55-4942-bf43-078b3c1c7e24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HNUIh7ENxaCReqmhx97usp%2B91OMlR5jgrRjPGRAFwuRqKKM7aH4odrgmlJv%2F482Adsq45n38Pub6IEoanAlZSPWCA0gfdQ7PPXnSKmhOlyJt%2F%2BqmIFzRDZtURU%2BBR7INOy5FfVdElGhFtDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793316ed630631-FRA
content-length: 43
cf-request-id: 0a5f9e42550000063176250000000001

Redirect headers

date: Sun, 30 May 2021 16:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BP5bPrIv7MypPcKbuKU4Ein%2FVpEiihYA4f1Y2R2CYIu%2BN8aNSa6xwboTMU7uezCgEylyjYPTcXl3TXe83My1kgMV1koISwf9C0%2FduGsQ9nasuAe5U5AmcxM6iccNSVXcrLEtiMKXKRN1"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=476376cf-ce55-4942-bf43-078b3c1c7e24
cf-ray: 657933157a1d0631-FRA
content-length: 0
cf-request-id: 0a5f9e41700000063192076000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A

43 B
343 B

151ms
150ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tbeF1cD0Bn8oRqBZP5nnRAWheOUNjnb06hTiUgLM%2BrRL2TRJTXu15ziw4oBWXu82VT%2Bta23P5ijXh2TquO6MwnUHaITaSm9K%2BGFvt7Xkns03tVx23FzxDF%2BbKPw7mEw2Ps3Q6AarZXgqOXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325b9950631-FRA
content-length: 43
cf-request-id: 0a5f9e4b95000006317327a000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3a413102b46170a3b714352a

43 B
347 B

249ms
249ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3a413102b46170a3b714352a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zPDXN6LJJLzkbCl8jycWMbV%2Fc5%2B%2BbRfB7duJbEuG5ZbvTMSrUsRG7X5aa58VOZyPac0a81nFd%2FkygbAwzRMuFf8yeGIqh9M9d63dQ%2BQUAts4YXG%2Ftun06QLSZrMbyMRrwyVykYBQKJa97iQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933265b180631-FRA
content-length: 43
cf-request-id: 0a5f9e4bf70000063175985000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3a413102b46170a3b714352a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-ea3166b5-16a9-40fd-8010-2d34d469c631

43 B
352 B

126ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-ea3166b5-16a9-40fd-8010-2d34d469c631
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MZy5mv7nrp4dHPrxL0EHpJ%2FAggnh70UKnP6e6c8hbGo8AApKAG8blGH6yiavHkglmUAtQS5r0NFqcJQi%2FIZLRkrUL57vkjXv5UFtkujeddus4zKL41ETPMQbF1lV2JJA5JT%2B4OvC0CYfzV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933273d5c0631-FRA
content-length: 43
cf-request-id: 0a5f9e4c8100000631b4036000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-ea3166b5-16a9-40fd-8010-2d34d469c631
date: Sun, 30 May 2021 16:04:42 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C574
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%253FA%253Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLnF1Y...
https://prebid.a-mo.net/cchain/0?A=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=5809129688323743397
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=abfeaacf2453d1a084bd238e
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YLO3mQSM0HaISZDWP4n8ywAA%...
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZ...
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Dba016e2f-49ef-4fae-9cd6-812ae0f8ccf7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW5...
https://prebid.a-mo.net/cchain/3?A=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7

43 B
368 B

126ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:44 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F1RBbNsNFZtSYQ%2BXKEhoXVsxHzH9UwqpwLpcjNY3sstrqVsvOWUqLhYZil4OCG8MfAHQg1RX789v%2BRnf2JeT08HnGjULnxo5HC2XMYIS3kVdNI%2BOUpSwr6VHLA237g866FXoBjx9p3YZSFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6579333029c00631-FRA
content-length: 43
cf-request-id: 0a5f9e5218000006318c131000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=ba016e2f-49ef-4fae-9cd6-812ae0f8ccf7
date: Sun, 30 May 2021 16:04:43 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame C574 0
478 B 7538ms
16ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:47 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 4BAF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

19ms
17ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1324c56fee066abdaba4ea55cccfefe7b0d1e33f5997a0e7b8fe8b0997262b3b

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5186; CMID=YLO3mQSM0HaISZDWP4n8ywAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|45|241|4|47|81|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1724
Expires: Sun, 30 May 2021 16:04:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLO3mQSM0HaISZDWP4n8ywAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT CMPRO=1208;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT CMST=YLO3mWCzt5kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 31 May 2021 16:04:41 GMT CMRUM3=2760b3b7990b40&5160b3b79905a0&2d60b3b79905a0&f160b3b79905a0&2f60b3b79905a0&6f60b3b79905a0&e660b3b7992760&0460b3b79905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 30 May 2021 16:04:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLO3mQSM0HaISZDWP4n8ywAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 799B 8 KB
3 KB 2563ms
16ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Wed, 21 Oct 2020 18:57:29 GMT
etag: "1300708-1f78-5b232eb4914bb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2654
content-type: text/html; charset=UTF-8
cache-control: max-age=23393
expires: Sun, 30 May 2021 22:34:35 GMT
date: Sun, 30 May 2021 16:04:42 GMT
vary: Accept-Encoding

GET /
ssc-cms.33across.com/ps/ Frame 3C4F 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 467F 2 KB
818 B 15385ms
13ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame BA15 43 B
555 B 7480ms
15ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Sun, 30 May 2021 16:04:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YLO3o; path=/; domain=.go.sonobi.com

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3081307013577367410

43 B
360 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3081307013577367410
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=11v%2FITaK2jwsyNqAQr8sd%2BUNy4MAIPUwAtc%2FPfOeNsT7mWQi7r7%2Fsa2v%2BzP4vKBSq9%2Bk9qwyNIp2go1OtcS1RvMdpVvXSFRG2ejvP%2F5B4D2OrsDRH%2F5fIBdLfWtuk9TMK2XXFicqMgERrmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933262aad0631-FRA
content-length: 43
cf-request-id: 0a5f9e4bd90000063164112000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.85:80
AN-X-Request-Uuid: 0aa14800-fcbc-4a34-a36b-55f38ce22491
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3081307013577367410
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=89c82d5f-c7b3-47f2-802c-05a3fd3c85a5

43 B
351 B

128ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=89c82d5f-c7b3-47f2-802c-05a3fd3c85a5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HTOVIakiZ2tcPjEwFytKWfJJaliZoPhsyUu%2BcnFJnsT5kHBIjW5BUAKrzxuysyOJehsECjvagoJ82w8DZjhXX%2FTgQfbz9GAHuyEZLe9NTEFOiUWdg4pWKeLnHVQoFZyCcST0p4M02hk6lqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933167c370631-FRA
content-length: 43
cf-request-id: 0a5f9e420c00000631be0ea000000001

Redirect headers

date: Sun, 30 May 2021 16:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ocouqbNAdAQF4k0MfdOZ2p5FmXceJ%2FHTxyQQ6sOk6BJqLsR30r2FRFxWqrMmVqJwjFuNFARgF52NdkB%2BmywSoe0gg8BB0KA%2F85ePEifXEiLvUKECQupLFwD48Aaxm9X1oucut3921jeh"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=89c82d5f-c7b3-47f2-802c-05a3fd3c85a5
cf-ray: 65793315ba8b0631-FRA
content-length: 0
cf-request-id: 0a5f9e418f00000631878fb000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A

43 B
347 B

134ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tHYeZG0%2BztSaVyRCACxOyPqrk2iNfWozoFMNBMA%2BcCdAUIVwayjvby7xJTQFkQVG3qXu%2F83165XLLcHISaetQdIY4VN%2FToioE43DBfJ8U6Ww46NcjYYd3V91gb%2F1X7e%2BmXiF2EjUDvsxkI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325ea1e0631-FRA
content-length: 43
cf-request-id: 0a5f9e4bb500000631a2b4f000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rflPZnZE2uFFwSHUKIiCMmQ9HRnvtAp3U09zhxA-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=abfeaacf2453d1a084bd238e

43 B
338 B

245ms
245ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=abfeaacf2453d1a084bd238e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Yollgeu5l4lGRWUMQhrsPnRqfXkvajfTLC%2B7hmo3wZKE9YZmBCh1oBX1BvZj3aTAAhL1llKD5r3Almr5dE1VULcTAckr0Q85jAmPZOkGf3VtLN16PIQ5mfA2zTtCUAre2k5T2z8SoNCnUQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933267b6b0631-FRA
content-length: 43
cf-request-id: 0a5f9e4c0900000631b02db000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=abfeaacf2453d1a084bd238e
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-15e54628-3f67-441d-95e6-ce1aee3a39a9

43 B
339 B

157ms
157ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-15e54628-3f67-441d-95e6-ce1aee3a39a9
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZJHA00ydv3ocCbh%2FXgr6BJ%2BXajNiHPTtDI8VDjb2che8WAGsp3MUc1WGIcmhFVaCsJujbXP8Jv6ZcAhrqvrnOVJ4ihfY9UeGME%2FgSXe8zIMFbW2uaehy5e9bLwMmbtqOxY2iz4MScOcS7sA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933273d580631-FRA
content-length: 43
cf-request-id: 0a5f9e4c8100000631602ee000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-15e54628-3f67-441d-95e6-ce1aee3a39a9
date: Sun, 30 May 2021 16:04:42 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%253FA%253Db1106248-d3c2-4c74-b40b-4f05b34d04b6%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLnF1Y...
https://prebid.a-mo.net/cchain/0?A=b1106248-d3c2-4c74-b40b-4f05b34d04b6&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=146146024204649675
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=b1106248-d3c2-4c74-b40b-4f05b34d04b6&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=abfeaacf2453d1a084bd238e
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=b1106248-d3c2-4c74-b40b-4f05b34d04b6&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YLO3mQSM0HaISZDWP4n8ywAA%...
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZ...
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Db1106248-d3c2-4c74-b40b-4f05b34d04b6%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW5...
https://prebid.a-mo.net/cchain/3?A=b1106248-d3c2-4c74-b40b-4f05b34d04b6&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=b1106248-d3c2-4c74-b40b-4f05b34d04b6

43 B
477 B

132ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=b1106248-d3c2-4c74-b40b-4f05b34d04b6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:44 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FxiqsKxHBUhz2eXmtsz1jYYae4kOo1hSLf41yMmaha7kK73Dec2M5S0L9Irnm%2F5x8m4CP776TfvL0Nwaa1XfiTJULOFTaKsZQ%2F1oRZG9t02r1voxU8su4tErn6oOmfytqr9l%2FwHtJ85Gguw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6579333029c30631-FRA
content-length: 43
cf-request-id: 0a5f9e52180000063160372000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=b1106248-d3c2-4c74-b40b-4f05b34d04b6
date: Sun, 30 May 2021 16:04:43 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame DD3C 0
478 B 7539ms
28ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:47 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8

43 B
342 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=daQyyS5OTDGfdcpS8ZGDhlrg08rq9dy%2FMB0vG9Z0ZCK35SAoTBHs9Zg9N7TwXfWt0uyg%2BotUK%2F1u0HkOoe3l1ekNXbZWV7JUj0Le2wz4nk2TGcFSUylUCr8jsWVsN2XsoLA7wSrHVPQV8aM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325fa480631-FRA
content-length: 43
cf-request-id: 0a5f9e4bbe00000631879fd000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=a87d6c2b-2e00-5296-a3d3-5852c360efc8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3081307013577367410

43 B
340 B

136ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3081307013577367410
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QoWMeOeaWu0QcyuvhsUWMsn21iHpN%2FZQ%2BzazvWIxmoQBf3XHe5bb7h8MC9UyjYluefGlC1U7EpsrZrq7B3tKitvSlTejuaiyUdwYRna0yHH4LHeih2b0hkKXMQyQ1xNS9humuZvRWmmP%2FP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933262aab0631-FRA
content-length: 43
cf-request-id: 0a5f9e4bd900000631a1862000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid: b63ffe47-36ee-473b-aa53-a28066e5a1b1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3081307013577367410
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbea94f55-c160-11eb-87da-021d85f833f4
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4

43 B
357 B

139ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uU%2Blv58QG3OUUWouAyX0nTCIEVMgDBNv5aQeAcgo4RiW3kEVW3K8KqQLyXA%2B9nNIfkwiI2xtnUTObA6z57dh9wbr5IS%2Fj3R5bN%2B2jo9ITPps%2B8SJikGTnVV4hbmxxVPxOJVpCgH3DDKMbqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65793325fa330631-FRA
content-length: 43
cf-request-id: 0a5f9e4bba000006317597c000000001

Redirect headers

Date: Sun, 30 May 2021 16:04:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbea94f55-c160-11eb-87da-021d85f833f4
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DD3C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3081307013577367410

43 B
338 B

142ms
142ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3081307013577367410
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U1SvR5V0iyAnKLedqXkOvM4SSOh1VQdTiPXMDhqiCiR0Rk9uCe8W8lhHMgrVDEK6r6kx6b4InAIYHlqBqpYyQvW2zxeZirskHKoA67uaoYiZN1TxoQfZK6g2EBPRBNtbnVKrXqtphmHDVfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933264aea0631-FRA
content-length: 43
cf-request-id: 0a5f9e4bed00000631a2b57000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.81:80
AN-X-Request-Uuid: dc2f7f83-1937-45af-8e45-ebbb46ea0ab9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3081307013577367410
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame D9EE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

95ms
76ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1819a7ce08a9864019a661b170849532628c946924d17675fde17cfe4cd10dc1

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5186; CMID=YLO3mccQZpk07l2.JKif1wAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|130|5|4|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1596
Expires: Sun, 30 May 2021 16:04:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLO3mccQZpk07l2.JKif1wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT CMPRO=1135;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT CMST=YLO3mWCzt5kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 31 May 2021 16:04:41 GMT CMRUM3=0460b3b79905a0&e660b3b7992760&6f60b3b79905a0&0560b3b79905a0&f160b3b79905a0&8260b3b799a8c0&2d60b3b79905a0&2760b3b7990b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 30 May 2021 16:04:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLO3mccQZpk07l2.JKif1wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 16:04:41 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 16:04:41 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 713D 2 KB
818 B 15373ms
14ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 77E2 43 B
555 B 7490ms
18ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Sun, 30 May 2021 16:04:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YLO3o; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 71CE 8 KB
3 KB 2541ms
17ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Wed, 21 Oct 2020 18:57:29 GMT
etag: "1300708-1f78-5b232eb4914bb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2654
content-type: text/html; charset=UTF-8
cache-control: max-age=23393
expires: Sun, 30 May 2021 22:34:35 GMT
date: Sun, 30 May 2021 16:04:42 GMT
vary: Accept-Encoding

GET /
ssc-cms.33across.com/ps/ Frame BAB7 0
0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FF83
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLO3mQSM0HaISZDWP4n8xwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1

43 B
999 B

86ms
60ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FF83
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB&dcc=t

43 B
433 B

308ms
102ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:43 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame FF83 70 B
264 B 17784ms
34ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLO3mQSM0HaISZDWP4n8xwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame FF83
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOs9wLkuytKfwkqWsE0hxTs&google_cver=1

43 B
315 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOs9wLkuytKfwkqWsE0hxTs&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOs9wLkuytKfwkqWsE0hxTs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame FF83
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6756770991874762631&uid=Q6756770991874762631&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

7ms
7ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 16:04:59 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 30 May 2021 16:04:59 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FF83
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020458577150
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020458577150&C=1

43 B
1006 B

17ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020458577150&C=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:59 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020458577150&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 283
Expires: Sun, 30 May 2021 16:04:59 GMT

GET
H2 200 YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FF83 43 B
834 B 109ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame FF83 43 B
723 B 7107ms
26ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YLO3mQSM0HaISZDWP4n8xwAA%261220&gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:48 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1622390688494068-96
Expires: Sun, 30 May 2021 16:04:48 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame FF83 43 B
348 B 150ms
149ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLO3mQSM0HaISZDWP4n8xwAABMQAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xdlS33zFdlt30niJPqR9EvcpQjJAegdzUm6UF%2F70xaXqotVXR9M21keAvNlw%2FxedTXFfLdn8Og4v%2FqHjo3WXPUTvMO4EapAy3%2FGxU80qTO0N8T3ao78tXDPHTP0HhqIO%2BsiuCZ%2Fp%2Be9QWJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6579331fcb460631-FRA
content-length: 43
cf-request-id: 0a5f9e47d900000631beac2000000001

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4BAF 70 B
265 B 17767ms
34ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLO3mQSM0HaISZDWP4n8ywAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 4BAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECvspAS9GxW8e8AqjMKFwcw&google_cver=1

43 B
315 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECvspAS9GxW8e8AqjMKFwcw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECvspAS9GxW8e8AqjMKFwcw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4BAF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLO3mQSM0HaISZDWP4n8ywAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1

43 B
1 KB

77ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4BAF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB&dcc=t

43 B
433 B

301ms
101ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:43 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:42 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4BAF
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7634866130787413332

43 B
991 B

31ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7634866130787413332
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7634866130787413332
pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4BAF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0I7t8ZWA1LNnVK5&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0I7t8ZWA1LNnVK5&gdpr=1&C=1

43 B
1002 B

15ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0I7t8ZWA1LNnVK5&gdpr=1&C=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:48 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0I7t8ZWA1LNnVK5&gdpr=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 290
Expires: Sun, 30 May 2021 16:04:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4BAF
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=QzCHDhc33ARYOIAMEzbIXxdj3Q1YOdwMTDHOSkFk

43 B
1012 B

54ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=QzCHDhc33ARYOIAMEzbIXxdj3Q1YOdwMTDHOSkFk
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=QzCHDhc33ARYOIAMEzbIXxdj3Q1YOdwMTDHOSkFk
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 4BAF 0
331 B 1314ms
20ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 setuid
sync.quantumdex.io/ Frame 4BAF 43 B
369 B 127ms
126ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLO3mQSM0HaISZDWP4n8ywAABLgAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=61e47YpuE9qKZpRMMMDu4VkwQTJ5ETfBQSKiKMLq8vJERHzz%2BN56G2INPzBeY5%2FPbV2OXICo9yVF1f%2BGUqqAS52LcEqjh9XJPDDq5dgUn70JvVuEznDYKLYKlsnSOuvjHkzuQAvtdy%2FA9Os%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6579331fdb850631-FRA
content-length: 43
cf-request-id: 0a5f9e47e9000006314008a000000001

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D9EE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLO3mccQZpk07l2.JKif1wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBCyi76roA5E9HMvRJVr-vc&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D9EE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mccQZpk07l2-JKif1wAABG8AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mccQZpk07l2-JKif1wAABG8AAAAB&dcc=t

43 B
433 B

204ms
101ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mccQZpk07l2-JKif1wAABG8AAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:43 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:43 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLO3mccQZpk07l2-JKif1wAABG8AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D9EE 70 B
264 B 17710ms
35ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLO3mccQZpk07l2.JKif1wAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D9EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLO3mccQZpk07l2-JKif1wAABG8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAiQJg7uwYJdGrW05XeKeyc&google_cver=1

43 B
315 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAiQJg7uwYJdGrW05XeKeyc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAiQJg7uwYJdGrW05XeKeyc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame D9EE 43 B
430 B 2401ms
28ms Image
image/gif 52.210.44.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.44.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 30 May 2021 16:04:44 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame D9EE 0
0 32ms
30ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D9EE
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7634866130787413332

43 B
1 KB

81ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7634866130787413332
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 16:04:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 16:04:41 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7634866130787413332
pragma: no-cache
date: Sun, 30 May 2021 16:04:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame D9EE 0
330 B 1255ms
20ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 16:04:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 setuid
sync.quantumdex.io/ Frame D9EE 43 B
483 B 139ms
137ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLO3mccQZpk07l2-JKif1wAABG8AAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=10QSe5GDZQeXqx9evgTqFtYs0%2BxEX6d10BH45pf7ImKVA4QtxZcj0TBwaTLZN159ugHx4q%2FXKUgf%2FBONSXMghn4ESlBgOHirSNV%2Bg64Qq7jugy%2BD5VJQrAlTQCif%2FocYsJUV6TkfndthsO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657933203c660631-FRA
content-length: 43
cf-request-id: 0a5f9e482500000631a821e000000001

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0E9E 38 KB
14 KB 11ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=51444
expires: Mon, 31 May 2021 06:22:06 GMT
date: Sun, 30 May 2021 16:04:42 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame DC50 38 KB
14 KB 16ms
14ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=51444
expires: Mon, 31 May 2021 06:22:06 GMT
date: Sun, 30 May 2021 16:04:42 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5B60 38 KB
14 KB 15ms
13ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=51444
expires: Mon, 31 May 2021 06:22:06 GMT
date: Sun, 30 May 2021 16:04:42 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0E9E 0
39 B 19ms
12ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89509779&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:04:42 GMT
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: malinesmanses.com
URL: https://malinesmanses.com/tVQloilBkpdkqvg/11514

Domain: propellerads.com
URL: https://propellerads.com/wp-content/plugins/radiantthemes-addons/tabs/js/radiantthemes-tab-element-four.js?_=1622390673827

Domain: www.bebi.com
URL: https://www.bebi.com/js/plugins.js?_=1622390673827

Domain: propellerads.com
URL: https://propellerads.com/wp-content/plugins/radiantthemes-addons/tabs/js/radiantthemes-tab-element-four.js?_=1622390673943

Domain: www.bebi.com
URL: https://www.bebi.com/js/plugins.js?_=1622390673943

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?rnd=0.08106733393888454&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&gdpr=1&gdprcs=

Domain: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?rnd=0.08106733393888454&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&gdpr=1&gdprcs=

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/hb/1/2c995/1/kimcartoon.li/ROS?rnd=0.08106733393888454&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FSouth-Park-Season-24%2FSpecial-The-Pandemic-Special%3Fid%3D98868%26s%3Dfe&gdpr=1&gdprcs=

Domain: cdn.viaplays.com
URL: https://cdn.viaplays.com/video/blank.mp4

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://tag.vlitag.com/v1/1622364808/064b31ebe1436b09c01ac0d0c8ea96d0.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.viaplays.com/static/PLAYER-200128-pack.js(Line 632) Message: vast type = preroll
console-api	log	URL: https://cdn.viaplays.com/static/PLAYER-200128-pack.js(Line 632) Message: vast type = preroll
console-api	log	URL: https://video.your-notice.com/html_102158.js(Line 76) Message: +++++ None

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ap.lijit.com
assets.vlitag.com
awaitcola.com
c.sharethis.mgr.consensu.org
c1.adform.net
cdn.jsdelivr.net
cdn.viaplays.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
count-server.sharethis.com
ddmax20.xyz
dsum-sec.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js.genieessp.com
kimcartoon.li
kimcartoon.to
l.sharethis.com
logs.vlitag.com
malinesmanses.com
match.adsrvr.org
match.prod.bidr.io
mc.yandex.com
mc.yandex.ru
media.vlitag.com
ms.quantumdex.io
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pailridarm.com
pixel.advertising.com
pixel.quantserve.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
propellerads.com
pubmatic.com
px.owneriq.net
r2---sn-4g5ednz7.googlevideo.com
redirector.googlevideo.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
services.vlitag.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.vlitag.com
sync.go.sonobi.com
sync.quantumdex.io
syndication.twitter.com
tag.vlitag.com
thumb.fvs.io
toeschistache.com
ups.analytics.yahoo.com
useast.quantumdex.io
video.your-notice.com
vids.viaplays.com
ws.sharethis.com
www.bebi.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.luxubu.review
ads.us.e-planning.net
cdn.viaplays.com
malinesmanses.com
prebid.a-mo.net
propellerads.com
ssc-cms.33across.com
www.bebi.com
104.108.145.8
104.111.242.53
104.244.42.8
136.144.59.88
142.250.181.226
142.250.186.66
142.91.9.135
172.255.6.159
173.237.61.68
176.31.68.243
178.162.133.149
18.198.109.212
18.214.201.148
185.184.8.65
185.33.220.244
185.64.189.110
185.64.189.115
188.42.196.115
192.243.59.13
193.0.160.128
2.18.233.180
2.18.234.21
2.18.234.233
2001:4de0:ac18::1:a:2b
2001:678:cb4:bbbb::11
222.230.178.129
2600:9000:2182:3600:3:c04e:c780:93a1
2600:9000:2182:9c00:c:a9b7:ddc0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:5ac
2606:4700:20::681a:34e
2606:4700:20::681a:ad1
2606:4700:20::681a:ba7
2606:4700:20::ac43:4597
2606:4700:3034::ac43:90f5
2606:4700:3035::ac43:ceb1
2606:4700:3036::ac43:9a24
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:3d::7
2a00:1450:4001:801::200e
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:831::200e
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
3.126.56.137
3.223.238.47
3.66.135.160
35.153.9.102
35.156.153.71
37.157.2.234
51.38.120.206
52.2.89.95
52.210.44.111
54.239.17.112
72.251.249.14
76.223.111.131
07b968f6566378b91936898db46bf0c5024513658194a8f66aa4847fd9840b3d
08f5b58354a67dc216d2562a0ca969d2f7bb6ca29ad599828af9abe3b1461319
0b7b0a2762ce7182456b16464e33f025e9a24a4274b1df5d5a06694fd2baefa9
0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
1324c56fee066abdaba4ea55cccfefe7b0d1e33f5997a0e7b8fe8b0997262b3b
14f5b9c2901a58cb9e77ccd997a844b32824e54b2e6626990e0e0ae5b962ae2b
1819a7ce08a9864019a661b170849532628c946924d17675fde17cfe4cd10dc1
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1bc0a5b35eabe7e056ae4f57e798c92415310942a93deb703f6e985cea44792f
1cd02bdd539cb152085e4e1583428bcb06c8128a9ec912195f8a42ed8179804f
200a204d4a5955c603138e1a17cb798622e68c1c1f61fb6c338e9155e7767012
22f180938e896b3f624115f4f7224ba5cd0eea436c4d9cf9562cd85f8fb5ff61
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
251ecaabb3c95e3957824856e78eed715c6604a857b8aafd13a6620bce2ed61e
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2f23c2708ab81c10c927c1ee0b56680868e9255f626e1bf9faf71e537530054f
30962f8be4baf6ea8ed594cb322a0330232842515b817e1ca95fed6fc769cc48
3147f8a14b0c4402290dc9371bfff77f6de623094fb85de0f6e61ad9f610d90c
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38716191b8a952582a11b8259f75a89138b5cf96ddc9941d842c04cc5fa05c8b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493be982a44d563fae813236a9744cbd79762b517d3ed0a187df760c00218f7e
4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413
516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
651b09e8d03af4d9caa17f510e94715203722e1cbe6919f685722a237212d2d9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68c41e02ad85cf80b5c4174f1682519daf05880621ebf3c9bf3b58116f5c3ad8
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0a40220ab47a90b87c8ad1edd122da87414fd9a760a3e5c5e9c0b3f5f79eb3
6fc782d5123fb35c8cdf3db0d1f9710f4af2c8e7cb00241126a610dc38ffb167
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
772db8646a4510dc82ea60e5aa17c153354e28526e77cd4aed0ac1c41b2cdd26
784ceb3ec35b65d61a409f124ee0fdc0bb46c7e7668ceef9340c44d065ddd8d9
801fee1d0722daa559428642286585b12ebec3ca6bd1d8e56bbe7fa5f76f9286
82b69e0603b854e68cb0fcc54daab9a07a2c1c6bbc1c2303942285be8cef1ec9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852b8e4b98f80848776b0914e5c122da54824a69619975e8a136e138b64d0471
872ef2eb7e062c1cea3fb5e7a4c1e5553818d68fc2d0b476c3af20baae42df89
892446b6fc7ec9f18e9adb42e84bd178d3bfa714adcddda3112e9016e6a422ea
8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92e3577523bda5413fa3d9b324eef4248416f70f95cfac5090ede23969ed9f05
92fe1fc91bceb663e6f08b4ea426bffc5a7ce511a62f587f3569c25853be7795
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9b6c131e8583746c21be515c3dea1f7094de98c7eb4d88b4c13a02191ce5d23c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06db8dd7c05e79c587945cb8e38c2506a83c2e34177083d15a7d21a529e3744
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a77934c9ba958163b297b2adf4eeab588ef21268f594e45bcee29905c632b269
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
ba233b29c19c0e9fc90d01b572c05cbc0844ba9595eca12d66f704ffbfa13424
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b
c73e1d1365aca4ebfc26951028e3b0ab9e8016100122bb3ad8a65868744b3107
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cc4cad9cefc9264c71ed0990cd216b68bab8c2c85a98ef697749d18728e98ae6
cc85e6a9de48edb7a89512d5e12e96999e868cc4f0b103cf80696246ce8fd26b
cda5547fadbd0ab60184c79e8bd1cc1f8afeaf8fe2cc5d2b7e3b91e24ab92c49
d430e424beaf45f77abdd3a6cbee70b1f357cf7d6fa3fd591a007ee3034e6832
d660eab52c2636d2de2a42173f071af45892b035a5fe65a0b4691b84d8a55495
d69924c1dbf66553d4d9a8d48cbd48b91f62f34adaf0e2857dfde88d722ac0fd
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e06992bdb46900cb02707614a1212d0907440636dd222d4b8181907a6077e680
e11e5b545c945273300b9eea5835e2735eb06781ee9e879f90dd8ed9522052c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42582932ce2b5612f561c64d584f93088222933106217d0dc4a5ddba4235d28
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b
f65066f6db9765ba6900cae0fc7e207ef9e96505d009430cd2d96a8324eba80c
fe302b4183e2cc9e3656a025c76373e0c317cc715de84c4daca0a0bc9ffddeb9
fe5ca67f21eefeca7cd2a4bea7b1b6fe068c4e31d175ef58a370144e3f5fcb07
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

kimcartoon.li Open in urlscan Pro 2606:4700:20::681a:ba7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

92 %HTTPS

41 %IPv6

56 Domains

76 Subdomains

47 IPs

10 Countries

1721 kBTransfer

5221 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kimcartoon.li Open in urlscan Pro
2606:4700:20::681a:ba7 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

92 %
HTTPS

41 %
IPv6

56
Domains

76
Subdomains

47
IPs

10
Countries

1721 kB
Transfer

5221 kB
Size

0
Cookies

199 HTTP transactions
2 data transactions