urlscan.io logo urlscan.io
SecurityTrails logo

himado.com Open in urlscan Pro
2606:4700:3033::ac43:9405  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://oandaae.com/
Effective URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Submission: On August 16 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 4 countries across 27 domains to perform 173 HTTP transactions. The main IP is 2606:4700:3033::ac43:9405, located in United States and belongs to CLOUDFLARENET, US. The main domain is himado.com. The Cisco Umbrella rank of the primary domain is 407006.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 6th 2022. Valid for: a year.
This is the only time himado.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 107.161.23.204 3842 (RAMNODE)
1 1 170.106.49.122 132203 (TENCENT-N...)
71 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 220.185.164.250 136190 (CHINATELE...)
7 2607:f8b0:400... 15169 (GOOGLE)
7 142.250.65.194 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 103.235.46.191 55967 (BAIDU Bei...)
3 2001:4860:480... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
14 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2408:873c:7a0... 4837 (CHINA169-...)
8 23.52.163.93 16625 (AKAMAI-AS)
1 104.117.182.8 20940 (AKAMAI-ASN1)
3 23.197.40.22 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 7 142.251.40.98 15169 (GOOGLE)
1 59.82.33.227 37963 (ALIBABA-C...)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 104.117.182.59 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2620:116:800b... 27281 (QUANTCAST)
2 2 2606:ae80:145... 26762 (CNVR-US-EAST)
3 3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 67.202.14.177 14618 (AMAZON-AES)
1 1 68.67.160.137 29990 (ASN-APPNEX)
1 1 2600:9000:21e... 16509 (AMAZON-02)
2 2 44.209.207.157 14618 (AMAZON-AES)
2 2 68.67.160.114 29990 (ASN-APPNEX)
1 2 51.222.239.232 16276 (OVH)
173 32
1    107.161.23.204 (United States)

ASN3842 (RAMNODE, US)
PTR: parking.namesilo.com
oandaae.com
1    170.106.49.122 (Ashburn, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
www.oandaae.com
71    2606:4700:3033::ac43:9405 (United States)

ASN13335 (CLOUDFLARENET, US)
himado.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2607:f8b0:4006:816::200e (New York, United States)

ASN15169 (GOOGLE, US)
apis.google.com
2    220.185.164.250 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
s4.cnzz.com
c.cnzz.com
7    2607:f8b0:4006:81e::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2607:f8b0:4006:822::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
6    2607:f8b0:4006:816::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
www.googletagservices.com
googleads.g.doubleclick.net
2    2607:f8b0:4006:80a::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
14    2607:f8b0:4006:816::2001 (New York, United States)

ASN15169 (GOOGLE, US)
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4006:80f::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
4    2607:f8b0:4006:80c::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:81f::200a (New York, United States)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
1    2408:873c:7a00:2000::5 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
z3.cnzz.com
8    23.52.163.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-93.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    104.117.182.8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-8.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
3    23.197.40.22 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-40-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    2607:f8b0:4006:81e::200a (New York, United States)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
7    142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
cm.g.doubleclick.net
1    59.82.33.227 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
cnzz.mmstat.com
7    2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:80d::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    104.117.182.59 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-59.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
3    2607:f8b0:4006:817::200d (New York, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN27281 (QUANTCAST, US)
cms.quantserve.com
2    2606:ae80:1451:21::440 (United States)

ASN26762 (CNVR-US-EAST, US)
dclk-match.dotomi.com
3    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
2    67.202.14.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-67-202-14-177.compute-1.amazonaws.com
i.liadm.com
1    68.67.160.137 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    2600:9000:21ea:ce00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    44.209.207.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-207-157.compute-1.amazonaws.com
cs.emxdgt.com
2    68.67.160.114 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
Apex Domain
Subdomains		 Transfer
71 himado.com
himado.com — Cisco Umbrella Rank: 407006
2 MB
21 googlesyndication.com
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
104 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
231 KB
12 google.com
apis.google.com — Cisco Umbrella Rank: 161
adservice.google.com — Cisco Umbrella Rank: 98
analytics.google.com — Cisco Umbrella Rank: 501
www.google.com — Cisco Umbrella Rank: 10
accounts.google.com — Cisco Umbrella Rank: 117
61 KB
11 media.net
hblg.media.net — Cisco Umbrella Rank: 1513
contextual.media.net — Cisco Umbrella Rank: 526
warp.media.net — Cisco Umbrella Rank: 2188
lg3.media.net — Cisco Umbrella Rank: 3520
cs.media.net — Cisco Umbrella Rank: 1437
153 KB
7 gstatic.com
www.gstatic.com
77 KB
6 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 7019
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
4 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1794
res-a.akamaihd.net — Cisco Umbrella Rank: 6524
113 KB
4 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12886
www.google.ca — Cisco Umbrella Rank: 8100
1 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 462
ib.adnxs.com — Cisco Umbrella Rank: 238
3 KB
3 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3904
2 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3235
onesignal.com — Cisco Umbrella Rank: 1193
73 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
165 KB
3 cnzz.com
s4.cnzz.com — Cisco Umbrella Rank: 65387
z3.cnzz.com — Cisco Umbrella Rank: 184216
c.cnzz.com — Cisco Umbrella Rank: 59638
5 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
490 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 931
648 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 576
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3213
888 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
87 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 7840
13 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
9 KB
2 oandaae.com
oandaae.com
www.oandaae.com
458 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 704
675 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1083
463 B
1 mmstat.com
cnzz.mmstat.com — Cisco Umbrella Rank: 79197
463 B
0 netmng.com Failed
google2waycm.netmng.com Failed
173 27
Domain Requested by
71 himado.com himado.com
11 tpc.googlesyndication.com b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
tpc.googlesyndication.com
himado.com
www.googletagservices.com
7 cm.g.doubleclick.net 2 redirects b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
7 securepubads.g.doubleclick.net himado.com
securepubads.g.doubleclick.net
7 www.gstatic.com himado.com
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
accounts.google.com
4 www.google.com 1 redirects b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 a.clickcertain.com 3 redirects
3 accounts.google.com apis.google.com
himado.com
www.gstatic.com
3 res-a.akamaihd.net contextual.media.net
3 lg3.media.net b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
contextual.media.net
3 contextual.media.net b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
contextual.media.net
3 hblg.media.net himado.com
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
3 b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com himado.com
www.googletagmanager.com
2 onetag-sys.com 1 redirects b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
2 ib.adnxs.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 i.liadm.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 googleads.g.doubleclick.net b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
2 fonts.googleapis.com b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 www.googletagservices.com b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
2 firebase.googleapis.com www.gstatic.com
2 www.google.ca
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.ca securepubads.g.doubleclick.net
2 cdn.onesignal.com www.googletagmanager.com
cdn.onesignal.com
2 hm.baidu.com himado.com
2 apis.google.com himado.com
apis.google.com
2 cdn.jsdelivr.net himado.com
1 s.ad.smaato.net 1 redirects
1 secure.adnxs.com 1 redirects
1 cms.quantserve.com b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
1 cnzz.mmstat.com
1 cs.media.net contextual.media.net
1 warp.media.net b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
1 qsearch-a.akamaihd.net himado.com
1 c.cnzz.com himado.com
1 z3.cnzz.com
1 onesignal.com cdn.onesignal.com
1 analytics.google.com www.googletagmanager.com
1 s4.cnzz.com himado.com
1 www.oandaae.com 1 redirects
1 oandaae.com 1 redirects
0 google2waycm.netmng.com Failed b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
173 49

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-06 -
2023-08-06		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-01-11 -
2023-02-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.mmstat.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-07-18 -
2023-08-19		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh

This page contains 14 frames:

Primary Page: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Frame ID: 3957FE822EB1940E76706C8CE091D1E0
Requests: 110 HTTP requests in this frame

Frame: https://himado.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=73bc534cbdddecf2
Frame ID: 4CA14952FAC126206D7766A55F408FB8
Requests: 6 HTTP requests in this frame

Frame: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C2FCA843F720882214DE27B6C779BCE
Requests: 1 HTTP requests in this frame

Frame: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 02E2D7134ABEBEF8B351C497EFE71ED3
Requests: 17 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=134276238&size=970x90&cc=CA&chnm=smm_migration_test&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fhimado.com&nse=5&vi=1660675511579950745&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44e4x4BBe&bcpf=8fOnRrolnfOur8B44e4x4BBe&bdrId=294&bid=325628&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808061240&kapc=12&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C77OvW&kata=aton&ekalog=bVrvW%7C%7CPPVrvwW%204hH%20Ygqfl%20N6lN%7C%7C%3DVvfhWW%7C%7CcVvfhWW%7C%7C_TVrvF%7C%7CbVvfhWh%7C%7CqVrvu%7C%7Cc0_rvFH9%7C%7C_0_rvFAWX9h9fFFhiA99&pgid=p01343711635t202208161845&goent=1&htmlsrc=1&allsc=QC
Frame ID: 233F07428D880618A65F168F6BAC09E9
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 65987267FF90C5FE6F7DABA2D57577DC
Requests: 2 HTTP requests in this frame

Frame: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9152824E3061651242313C0C59F3B203
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3ECB47CA2B38349E9889E2963C674790
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C477FC0891F478CC29457263192BE184
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32453E130BD1F5429652BD4B95860418
Requests: 9 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 75E3D9E50385DAD62A7283404FB1A3D2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D29FE27E5B9B0A5B720B6F803E72244
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6542E6F0422D98FE3D8E459D650BA781
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Frame ID: AA2B0C1CA16EC49BAF82D1C43F19B6CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Game - The best casual game center which you don't need to download any app!

Page URL History Show full URLs

  1. http://oandaae.com/ HTTP 301
    http://www.oandaae.com/ HTTP 301
    https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

173
Requests

96 %
HTTPS

60 %
IPv6

27
Domains

49
Subdomains

32
IPs

4
Countries

3155 kB
Transfer

5886 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oandaae.com/ HTTP 301
    http://www.oandaae.com/ HTTP 301
    https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzNjc3MTExMTQ1NTYxNzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEJI8USgGZq1LVZJ0YKBxJjI&google_cver=1
Request Chain 157
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 160
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKf5mAGSzz93J5GQsiJAi1M&google_cver=1&google_push=AehlK4CKjr7fSFXwMFL3XNYwfWu1GuADkpHrebGFSM4yNlTVLqebTra7zDWSOFvvEMvn-vSjcEFXdcRmuNe8ou46ktRVLtCZzFc6 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=2755723817d81223&is_secure=true&networkId=14000&version=1&google_gid=CAESEKf5mAGSzz93J5GQsiJAi1M&google_cver=1&google_push=AehlK4CKjr7fSFXwMFL3XNYwfWu1GuADkpHrebGFSM4yNlTVLqebTra7zDWSOFvvEMvn-vSjcEFXdcRmuNe8ou46ktRVLtCZzFc6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGcNaK5WHlhQNDH2DeAAAAAAA&expiration=1660761912&google_cver=1&is_secure=true&google_gid=CAESEKf5mAGSzz93J5GQsiJAi1M&google_push=AehlK4CKjr7fSFXwMFL3XNYwfWu1GuADkpHrebGFSM4yNlTVLqebTra7zDWSOFvvEMvn-vSjcEFXdcRmuNe8ou46ktRVLtCZzFc6
Request Chain 161
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEMmVT8A9aBJIcZWlFSl4xhc&google_cver=1&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH-7lX7McHisLuoLg HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=837e5979-e226-4b91-9400-7be216f47e0f&ccid=837e5979-e226-4b91-9400-7be216f47e0f&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEMmVT8A9aBJIcZWlFSl4xhc%2526google_cver%253d1%2526google_push%253dAehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH%252d7lX7McHisLuoLg%2526anx_uId%253d%2524UID HTTP 303
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEMmVT8A9aBJIcZWlFSl4xhc%2526google_cver%253d1%2526google_push%253dAehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH%252d7lX7McHisLuoLg%2526anx_uId%253d%2524UID&bidder_id=200441&bidder_uuid=837e5979-e226-4b91-9400-7be216f47e0f&_li_chk=true&ccid=837e5979-e226-4b91-9400-7be216f47e0f&previous_uuid=cb6914bd20554d1c8ea296dc6a50451d HTTP 303
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEMmVT8A9aBJIcZWlFSl4xhc%26google_cver%3d1%26google_push%3dAehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH%2d7lX7McHisLuoLg%26anx_uId%3d%24UID&ccid=837e5979-e226-4b91-9400-7be216f47e0f HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEMmVT8A9aBJIcZWlFSl4xhc&google_cver=1&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH-7lX7McHisLuoLg&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEMmVT8A9aBJIcZWlFSl4xhc&google_cver=1&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH-7lX7McHisLuoLg&anx_uId=6406060189460897775 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH-7lX7McHisLuoLg&google_hm=ODM3ZTU5NzktZTIyNi00YjkxLTk0MDAtN2JlMjE2ZjQ3ZTBm
Request Chain 162
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH2yMVm8xJob8kUYzYk9gks&google_cver=1&google_push=AehlK4CP75WjmaE8FjvId4V8Xl85SNsMMqunGu6yMrc7WqoCfL6CUu4Tbd4XSxxOxDHJnOBmaAfvomwDBd38Vd86qCyzXILp4zMEng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2e1a8342&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CP75WjmaE8FjvId4V8Xl85SNsMMqunGu6yMrc7WqoCfL6CUu4Tbd4XSxxOxDHJnOBmaAfvomwDBd38Vd86qCyzXILp4zMEng
Request Chain 163
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEFCYK2MoPEr16cGUu3S8MNI&google_cver=1&google_push=AehlK4C5ntqEzwaOdxBeKyQYRun2IKaJ8cHnxw3EnJt_x0RG2C_h2_CVN9P8gqOXZzBTi3pCWe2Lyl14PukAJNzU5wQsNn1hutbCUSY HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTMzNDE2NjA2NzU1MTIwMzg2MTFiYw%3D%3D&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRNek5ERTJOakEyTnpVMU1USXdNemcyTVRGaVl3PT0=&ssp=google_ob HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fcm.g.doubleclick.net%252Fpixel%253Fgoogle_nid%253Demx_eb%2526google_hm%253DNTMzNDE2NjA2NzU1MTIwMzg2MTFiYw%253D%253D%26b64_redirect%3DaHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRNek5ERTJOakEyTnpVMU1USXdNemcyTVRGaVl3PT0%3D%26ssp%3Dgoogle_ob HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6406060189460897775&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTMzNDE2NjA2NzU1MTIwMzg2MTFiYw==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRNek5ERTJOakEyTnpVMU1USXdNemcyTVRGaVl3PT0=&ssp=google_ob HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTMzNDE2NjA2NzU1MTIwMzg2MTFiYw==
Request Chain 164
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBITodsViMGV50vkamKNTLk&google_cver=1&google_push=AehlK4B4gVhqGvbUYGlmSdbS3Q6BBZBgYac-h33noXytfHav9IbHcj6jBB0amqhkh-s3tdptubCERchCfvQYTyPD1PXOwsWmB1WHFiM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B4gVhqGvbUYGlmSdbS3Q6BBZBgYac-h33noXytfHav9IbHcj6jBB0amqhkh-s3tdptubCERchCfvQYTyPD1PXOwsWmB1WHFiM HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

173 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
himado.com/
Redirect Chain
  • http://oandaae.com/
  • http://www.oandaae.com/
  • https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
70 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.4
Resource Hash
8a69f0c252bd31f25758a8f8d2601db9cbc955388af4d924c4934568d4b59181

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
http://192.168.1.146:8090
age
37932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
cf-ray
73bc534cbdddecf2-YUL
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 16 Aug 2022 18:45:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 16 Aug 2022 08:12:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ND%2FATGhfiCylXwJaBwTXJsYRSod2VVpxCSAReoXkWffcbDKUAYaSUaVuJNnfcdoZqOQDSqZ8PVKxEcVBVB8QKITQYZudTnTtbtYt3ztwxlui1idjkM1pq47uzRNu1MIwn1LBfQMV5yk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.4

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 16 Aug 2022 18:45:09 GMT
Location
https://himado.com?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Server
nginx/1.20.1
cache-control
max-age=5184000
iconfont.css
himado.com/heihei/font/ 		21 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/font/iconfont.css
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cba852dd5e6de08ea4ae9280693683f6b02fcc75e367a166a85fe8b42a25851

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
cf-polished
origSize=22018
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Mar 2021 08:05:09 GMT
server
cloudflare
etag
W/"6041e635-5602"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgY%2Fiew5kf%2FLyHjwDh1DdOfFzpw0w7FWGt6Tmxrv0l7CVA32ADI2HSuI37G0HRFLyOPJmWsgicJy6XxpifobUHA1olsnKjyAzsfv4Fszr6QssF918PEVkg0%2FHXTTEyLuHMXzt%2BtF%2Bq2C"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 20:17:03 GMT
cache-control
max-age=86400
cf-ray
73bc534cee23ecf2-YUL
cf-bgj
minify
mdui.min.css
himado.com/heihei/node_modules/mdui/dist/css/ 		318 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/node_modules/mdui/dist/css/mdui.min.css
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed843a3c8473a7fe362d90c36c21e8cc27e658332a8fe42f8554b40a5190d4f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1dc09d84-4f6da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjUeO3YwRhok7H14Nuqrana3pGwLD4MQs7rq%2BrM9fu3OHb1h4MSfP8GCVE4JH5XyGti6AFPTQukar3dum1ftB12j9u%2BZHtpOGopN%2B%2FOV6uzuBc%2BGqSvYRFzFW3y35DvDegQDYo4B6OSh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
73bc534cfe25ecf2-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
main.css
himado.com/heihei/css/ 		55 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/css/main.css
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd2bc9660a128d4084e6b3438a6cc4dd39922828b73c785d8507b0fa09a339d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
cf-polished
origSize=56519
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 May 2022 08:50:58 GMT
server
cloudflare
etag
W/"62948572-dcc7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEZjCQn8o0A2ddoH%2BeKq74kckFsF6XB0jLaS8WERNYL9a2ZIuvgvTu5SQV4o2JEw0iHHm4IC5Qh7rdsTCjPvuEDG8qNavbJmFaGTL%2FwS0nwBZWv4o6XBoj2JYcKgFjamXScBgQjpWbnP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 20:17:03 GMT
cache-control
max-age=86400
cf-ray
73bc534cfe26ecf2-YUL
cf-bgj
minify
swiper.min.css
himado.com/heihei/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/css/swiper.min.css
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6902
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 May 2022 08:50:57 GMT
server
cloudflare
etag
W/"62948571-356e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rXTNo%2Fup4CKJ%2BC71YEGOM4BLKoiiu7Xqwj%2B54noRMWV9c%2BgebC42ctSAzYbAc2nIYq9AaGCrrIICeUCSuUgnQaH9hSqD9BXHxpS78w0zUvHWxy3qyBZ%2Fzhw%2FD3SRMcTb1vLqURFxaqC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
73bc534cfe28ecf2-YUL
expires
Wed, 17 Aug 2022 04:50:07 GMT
layui.css
himado.com/heihei/layui/css/ 		73 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/layui/css/layui.css
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
043e5beacb82427aab3ff6ca908db6079aa938f7348f41815951d080b4fc2a15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85853
cf-polished
origSize=74303
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 18 Jan 2020 07:53:20 GMT
server
cloudflare
etag
W/"5e22b970-1223f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9KyrEfz8%2FlBQ8yTqRj5%2BbadPTzmMJWWziXFo8uWcOiPaIQmXboF68QPWBo0WiqgawQBVP2j6xFng%2FUUoeZQy0HyaADK3AB31u5nDs73ZYPo%2Fe82D3UHC%2FKnwL1jb1bl7VPDmvBfOHWG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 06:54:16 GMT
cache-control
max-age=86400
cf-ray
73bc534cfe29ecf2-YUL
cf-bgj
minify
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27492
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19158-FRA, cache-yyz4532-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0OxcAaBrusdG%2Be0Id6AGyz1dSA%2FR9Sf6TThvsOEp5T4x193eEC%2Fg60UvOtCuiUCLl8hawEvXNEU%2BO7GC6vQMAW1doQoKHUxp3BSIIj3Jb78SVZNu5Yvk5DfhtF8I2p%2F%2B5lVEvVn4eFMz0vEgxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73bc534d1c487150-YUL
51c3e30246bd7fce9a317fffb236b586.png
himado.com/uploads/games/20210315/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/51c3e30246bd7fce9a317fffb236b586.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a2d61b9d038a6a789d7904975cf29f2c6e0f6751568a37e71a30670314fb33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65804
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27252
last-modified
Mon, 15 Mar 2021 03:48:56 GMT
server
cloudflare
etag
"604ed928-6a74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9UK1r%2Bfi5lIq5zG7Xbz452LZwok15vTyewxhzsEpLjz31sT1B8ITfMDl23w%2BNe76NJxKLisgqXmlyuMABl56i7OqQKtfuMj65iMUTvqDr%2Bl9uyy6Bk1VZxnyqSSFWir0QI%2FM%2F4da0TX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d4befecfa-YUL
expires
Tue, 16 Aug 2022 12:28:25 GMT
d91c3f50739b43ed1b3b825b9ffe78c8.png
himado.com/uploads/games/20210315/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/d91c3f50739b43ed1b3b825b9ffe78c8.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17f97c27a4e34f3c1f725a40b948b5317621d44c8e5bea47af5f07429e0a5ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31600
last-modified
Mon, 15 Mar 2021 03:50:09 GMT
server
cloudflare
etag
"604ed971-7b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaaBBcKLe3svCSmI5fTru3UlSgbvgPxW1pYK3KRPWMYLczvSF%2B%2FySXI6YQ02u4DhmvDO475JSoCCJpYUGxZu5pQwoRuH4Szt1cxXI5MS1P7s9MRdJN1dAN6LeUIEHlYIcAjfInRyFDom"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d6c1decfa-YUL
expires
Tue, 16 Aug 2022 20:17:02 GMT
1b89b5af9f358eecedd53c6f7fa1038a.png
himado.com/uploads/games/20210315/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/1b89b5af9f358eecedd53c6f7fa1038a.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd94f80e18eae6c89b41911be027b89564952effbb722b14c59013fa9b398f7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23423
last-modified
Mon, 15 Mar 2021 03:50:23 GMT
server
cloudflare
etag
"604ed97f-5b7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaF69RDxS6PZsvB3zgMJ03fnHhijq8ObA451iyyA%2FmxB7iZziPISVmngjT9%2BdeGS8Kp9pvw1ym4MQ%2BmXy2FeleyDMhPLnGJa7FOuEiskmfnrIJzJ5WnS%2BDx5QwkZ5ikwWioGet53%2FiDW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d6c23ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
af72ab82766500236b1c53f0baf6a2dd.png
himado.com/uploads/games/20210315/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/af72ab82766500236b1c53f0baf6a2dd.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
999d86373569534d9a231b3a92749caf916fe0bd0a4eab81e56f76d317f8e900

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24434
last-modified
Mon, 15 Mar 2021 03:49:16 GMT
server
cloudflare
etag
"604ed93c-5f72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7QQGo0%2FbnRcmztRfjGSYHCSprQFnnM6LPKdHf3zMemP0DXTpwAoo6aT3zuvKAOzPmfkdx%2F1ZCJ97geq8R4TxcQA4HQjGNA6jqbN1i%2BrJPyZpuLY9zSNszjvCV7rMEmaRscydPgM10%2FN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d6c25ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
d2a63ffcdf480f0b3cd1f75c97e89630.png
himado.com/uploads/games/20210315/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/d2a63ffcdf480f0b3cd1f75c97e89630.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5862662a1fca8e93e8297102da178b84a251fb207ac5d10c129d0eed86eb72bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28643
last-modified
Mon, 15 Mar 2021 03:49:36 GMT
server
cloudflare
etag
"604ed950-6fe3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFUCpJ16pw9k%2B5gawomly58uAflRfE42FCapnWoSxI9np9v%2F4oGW2CbKBbiLq7UjfYazIkgLzf%2B1vmcLkv2sB%2B4yEo98XjeT%2BBjoe4rdFJum%2F2pgQh%2FJhGcY1V%2BFOpixzPOaVAHUIGiE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d6c26ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
097bc8d741a54de40484f823b3ec85bf.png
himado.com/uploads/games/20210315/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/097bc8d741a54de40484f823b3ec85bf.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1552665dffa49ce4908b2ed4fde2f745e8be13c58b3f039f2d9f985a966f88dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33737
last-modified
Mon, 15 Mar 2021 03:49:48 GMT
server
cloudflare
etag
"604ed95c-83c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2ufkatmI8oPKucA8KE%2F4DjJ1pom%2F1a3KXSHZOPyM%2BhChw3Oxh0DwrmNbxvC%2FBcZ2SoJ38T0BhZPNKi6fiDZZY0RNDumyec8Ip1w5Ov2KPvuO6xc2d3leMXq04WSrPZph6cRsynn8eU7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d6c27ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
f8d565f764add73d6c8dbc69e7d36855.png
himado.com/uploads/games/20210315/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/f8d565f764add73d6c8dbc69e7d36855.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7dde0ca5b4ee5f88280fb0849344ea0de7608e79a75f783b48df0e711a150a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31308
last-modified
Mon, 15 Mar 2021 03:49:58 GMT
server
cloudflare
etag
"604ed966-7a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuGpbyS5rsFiqXwtcn38MdUwqalPySOk1yTaPJ1H5vNbo26BG87BMhfVAgLne0uDmSAl4hlD1mb4dyg1DL%2B3vYsNQeBgcBK88PzYPxqMk2puv6%2Fg%2FqzR7k8kgxeuaOKDo%2FYRY6YdljqC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d6c2fecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
7004c13d133632f3c8564b9049f9971e.png
himado.com/uploads/games/20210315/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/7004c13d133632f3c8564b9049f9971e.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe26534010067bc8af72d71198aaa8f71e9e217e143769bafd1397b118029d2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29986
last-modified
Mon, 15 Mar 2021 03:50:31 GMT
server
cloudflare
etag
"604ed987-7522"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tofgB9ziBHcWVEwLJCW%2B6G96zYv%2FseqDEuzZfJViKE0AwUy3pjCHSQQn3qf0iKo%2FK8WyQGCFkd85gZfV4cu9kopiDQCxur%2BAdk3kPyt03Z7du0K1tOJOyoGWxgRuTyrUxRJXi7EMjDd0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c42ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
f0aa29bb0eb029058a3a41fe4f4cac55.png
himado.com/uploads/games/20210315/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/f0aa29bb0eb029058a3a41fe4f4cac55.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7115dae900a238d8fcd68cedaa30d1eea08222303d096e7725b706609dab4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36076
last-modified
Mon, 15 Mar 2021 03:50:41 GMT
server
cloudflare
etag
"604ed991-8cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U760VsIQsJnDbtZYvu3SjxsIyJ2UjdgFHmlBLpB%2FN29gSagBSgZe%2FjKB5WfWMp7xXvOjC1PmAnHR38X2UliLgRRGID37LKJD4pJlhmJ8LmbX8Ilpl%2FsUw7YIm7FlYEhTrAaVRdH5swZ%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c46ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
ac22cce735e5562b3dd4b69ad44b37ff.png
himado.com/uploads/games/20210315/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/ac22cce735e5562b3dd4b69ad44b37ff.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ad58274ed0e116a722c84cc75154688203857723682fa475598cf15ce0f540

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19325
last-modified
Mon, 15 Mar 2021 03:50:50 GMT
server
cloudflare
etag
"604ed99a-4b7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlR3YL5Z8c6FWjix%2FHACfVQGM32B7EJigzJFq%2Bzg6J%2FTko37xbNa2yaFgo7T9%2FMjVBBgkYZvAsY3ZYhaAUYXg1xLABqCOAikg0ooghPv05v0O7lPzNq90%2FqGknPjdylMAs6pcfY%2F25nN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c4becfa-YUL
expires
Tue, 16 Aug 2022 20:17:02 GMT
df830c54f2b538529a02002ae6351760.png
himado.com/uploads/games/20210315/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/df830c54f2b538529a02002ae6351760.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b253a256b32748cdf0a980df247df943cbd78d4468784a4f11b629c454d5582e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27870
last-modified
Mon, 15 Mar 2021 03:55:18 GMT
server
cloudflare
etag
"604edaa6-6cde"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTM65M1p7TbnALr03ysxr6y8e4mbXFlwqzpJiOkXJ1%2Fv9P8QZMaYXkeA4%2BUrij34BGBQcDtOsilZV34cnuoKjbAfeXOe7VVI%2BoU3Vpe05DbV83vneClY6sqZrOiLVKddWy6vGYJnw7ix"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c4decfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
0ccfab0efc4a70e294f09457d4d02dba.png
himado.com/uploads/games/20210315/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/0ccfab0efc4a70e294f09457d4d02dba.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2cdb4f054aa5fca537582b95714bf84209f2d1f4905411e27fc79ed23c0156

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20260
last-modified
Mon, 15 Mar 2021 03:51:40 GMT
server
cloudflare
etag
"604ed9cc-4f24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BR3Ueq0h3QGSZpGffhBEc4fHdxkG2roJwYMEe%2FVP1hhqscz%2BU9xVchcOLqs%2F0wC%2FwhntqDBMv1zu18feokt3vGypxl%2BmC19tlfcg4S%2B4tqDLlbN7ob%2BpjL6QoHWJJjrnTT%2FYDp7ZP6Yv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c4fecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
5e575e69f2960a4471640343b3f71f1b.png
himado.com/uploads/games/20210315/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/5e575e69f2960a4471640343b3f71f1b.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c52edb5f678faad74e8c76a3f07aacd8a9ababbc93f51f4598859db9019386

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37332
last-modified
Mon, 15 Mar 2021 03:51:56 GMT
server
cloudflare
etag
"604ed9dc-91d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elExdtaytOO%2FrwFQWgLbsAkHRWas9ZBoFa3iYuQ46GRRI%2FQOb8W0OLkQvEvBFXmyohYxcPr7Xaw8LAghamqPGzqQcZG%2F3YUytG8ahiSwMHtoNDp8ymgDA5r%2F7o%2FQhgVCFPkxM1jmvMI4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c50ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:02 GMT
a685bf03b5666cd9372652f6bad0cb7e.png
himado.com/uploads/games/20210315/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/a685bf03b5666cd9372652f6bad0cb7e.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ca1987b2c99ac789c18f36e9c6e78c38fb99d6acb197c7220ca14aeba541a50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21166
last-modified
Mon, 15 Mar 2021 03:52:08 GMT
server
cloudflare
etag
"604ed9e8-52ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yffVDeuQg%2BlzlJZc58wv5NxqAm4oBbpsNzlBxc7OvRuCjrPc66%2FJAgu3lkHYrbU21gE%2B0oJRqX9%2FMqt0rbyJ5f4f8CK%2BV%2BfUb1uAXF9LVGCffOZEBwRQ%2B24c%2FZjqWcZcTPHs%2FiZasVnc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c51ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:02 GMT
d85190340c2d710778220e853e5080de.png
himado.com/uploads/games/20210315/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/d85190340c2d710778220e853e5080de.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae96eb840738b34977663b9d515a2422dc01a7b70006b5115159865ca253688b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28759
last-modified
Mon, 15 Mar 2021 03:52:20 GMT
server
cloudflare
etag
"604ed9f4-7057"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pkG4lCJvb8TVTxVmcz5a2ROYaX4jnIlNjE2Xkwn1mE88tVccNlv5O%2FUlEbungBd4k52ycwVFiAAIsqT58G8VWM%2B%2BvVepDiyCE%2FF3ERvo39oZg4wunkGe6W4yLeEEr0%2FVgcjUB%2Buz%2Fbp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c52ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
1e1c00a40daf1b6f65ad9a69f9fefe3d.png
himado.com/uploads/games/20210315/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/1e1c00a40daf1b6f65ad9a69f9fefe3d.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a82fa8b55919121be516a5c681e82bb5eb552d0132b24a93083e6feb387907e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36438
last-modified
Mon, 15 Mar 2021 03:52:47 GMT
server
cloudflare
etag
"604eda0f-8e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzsr3Jn%2FPgjNoUNAp6iBT4czUWT%2Fg90%2FfCUoflB6a2SLEz49IYdZDYDL0XylRmF%2BMstOfl258ZXElsgRO1S9T0STxghz0xlvmMmaUZM8nwx0mziDSvCIUjKt%2FJ4Z1aIQJZ%2BINFFY4z16"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c54ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
db90ea00a121cf5b9cf63046ccb49a64.png
himado.com/uploads/games/20210315/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/db90ea00a121cf5b9cf63046ccb49a64.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3743dbc418c686c18ceca257a6814c24c9509d4fd034d2e0ccb26d6cd43770

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21294
last-modified
Mon, 15 Mar 2021 03:53:01 GMT
server
cloudflare
etag
"604eda1d-532e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cwo2jg9S3lVyvEz5l1CSs0G1wvfA3Mxu2n7I9RrSufmoDYMkhIFr1E36LF0gP%2FxKW055I4G%2BDadD3fqw7%2FF3AzOG5nRsAULM%2BMHHrZNNdHA6EgMtzNw7mPcUYHXA%2FScVVUapa0V3%2FBad"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c55ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:02 GMT
603f73fa06751fe25804605dd3a0bd64.png
himado.com/uploads/games/20210315/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/603f73fa06751fe25804605dd3a0bd64.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d9d910a57265fd97af8f90ef93d1ccdf54aeceaa4b9a87c25b8af3f5539e22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19959
last-modified
Mon, 15 Mar 2021 03:53:12 GMT
server
cloudflare
etag
"604eda28-4df7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9NuwLEbivtO4ouFxJ%2BZefRW049T%2B8QgiUEbvepz4vbMz0jxUJ15CXStNvAIaMPYF1Gy0lWN6TYv3R5p%2FRQSPZzUvJK6TqoqUHsu%2BUyx6OgREy7D2%2BC0QEeBAnoBf%2BHNLkxuhGk25pEX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c56ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
81c0592684971c713fbf45f1a3ecc9a0.png
himado.com/uploads/games/20210315/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/81c0592684971c713fbf45f1a3ecc9a0.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2669328836b79e07b08877a76b9121e41297fc67f6b7e3580b6acb5df43db325

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29538
last-modified
Mon, 15 Mar 2021 03:53:22 GMT
server
cloudflare
etag
"604eda32-7362"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUlyPHPpPwhO4lHZNJKg5UHSHlonad9AstBTIT6GiQl0c3YqUShlrNBXOfmCC74ZMjsmRYw9PgZ3gZRSGKY3sc1sPxvv3Hk3miZ%2Ft2VMtn9XAkXLUlKJRf264fm4q8d0VDDG7r5%2FOFv5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c57ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
435926511cca918b6033dd14c5ee1e69.png
himado.com/uploads/games/20210315/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/435926511cca918b6033dd14c5ee1e69.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ad94c273e3ec4219404916bf18f317279d83d7d2de4ed5df150b78446e8ee6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19225
last-modified
Mon, 15 Mar 2021 03:54:09 GMT
server
cloudflare
etag
"604eda61-4b19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=890CdSJpwgoCzcn18ke07DdvFnuK1wZ8w0NiK9i4C4qOy0DHKms8KhOdxXnQr%2FVt4ZFZkNayMQSOULKBiX9O1scHQtFdQgzxAIEVwxHlMJ%2BVvVMnOeXXLo6bfKztJ7DSL1Od0Z96fdBD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c58ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
e8ced27820dbf6a55476228aa324e769.png
himado.com/uploads/games/20210315/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210315/e8ced27820dbf6a55476228aa324e769.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67ebc151b1035c2f18f6a354fa41a7c097649dad7929898b8c1222baa5be672

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17056
last-modified
Mon, 15 Mar 2021 03:54:23 GMT
server
cloudflare
etag
"604eda6f-42a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G62u6Dl8QZSbVUEvZW1QmH7oYWMSJm5REnJW6bKrWmyupiI74rrrmYL8LKvutMEJF6lKZzgAaxLN%2FpJrelGGEi9oi8l2dUc8enCNK7fOem3oP3K4s9z8kfbSgHGtSPGgjqlCzyv9xkQ0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c59ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
64811b50bdfd7ddc3ddae748d1de166e.png
himado.com/uploads/games/20210906/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210906/64811b50bdfd7ddc3ddae748d1de166e.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e9e422957b6658327b7cfab36fd27c9bd6d7054e7fcd6e1aeea09abeb95c7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6902
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111201
last-modified
Mon, 06 Sep 2021 07:43:53 GMT
server
cloudflare
etag
"6135c6b9-1b261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oF7OT5dagzL%2Bp%2BV2zfdHsX7DQD4mBUYfuf41rkij7jwgaQUaNgYaOlJmqxgQx0%2B6JrwBM4n1Kgn%2FP8qujA5FfX5fBBPBgbmlQpY8go2GF2vDhW%2BUWEjkGE5VqZcqm08STa%2FqKyP17hMJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c5becfa-YUL
expires
Wed, 17 Aug 2022 04:50:07 GMT
bdbe6c100ab24f26f4be7ddb36da476b.jpg
himado.com/uploads/games/20210906/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210906/bdbe6c100ab24f26f4be7ddb36da476b.jpg
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ce193a25f4456cd6cb7f26b6b563e01a03e344bd0fe1b702206457a453ba34

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50056
last-modified
Mon, 06 Sep 2021 07:44:21 GMT
server
cloudflare
etag
"6135c6d5-c388"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYQgkfaEwJ9bV2X2JduAb1Oa%2BAnSuwIPeJziP%2Bx79KWRw3vhCIv7yfiL8bJa2EIcQQWYaKMUHrujGlPhsqeww8OObkWk7ey9pVbzRUkTOCi7byEYvbuaXpcdbcVAofvpaH4VCtDSHSS6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c5decfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
cdc3e4f31cd81686bc01318187577008.jpg
himado.com/uploads/games/20210906/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210906/cdc3e4f31cd81686bc01318187577008.jpg
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f51bb6732944a5f3fdc0672572993b864b3f43e642342c1575b64f17e9f562

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67918
last-modified
Mon, 06 Sep 2021 07:44:49 GMT
server
cloudflare
etag
"6135c6f1-1094e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfHAl1Xdh93yhd4nhjZW2xA8tJcYyYv3IqsZVQg4hLeLsaLwdLAlUEWoqYykUss0xHlKi6y0rCBMesfJBTZ9lTGhcZ5wwGTjp4uRo7JEguHltr7mIDrl6yu1ypFbfK0Qrd5V8FrT7ka6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c5eecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
default.png
himado.com/heihei/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/heihei/img/default.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c17f5b5afc1a2cca5e0119d101e44e5fed51c5712e1fc158d1d57028cc80ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3854
last-modified
Wed, 27 Jan 2021 08:36:00 GMT
server
cloudflare
etag
"601125f0-f0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1cTnJVia0AsckzflAeDTx%2Fi2eevY0jDClnWo%2BaLY02WfiV9mSUS5CC91H09Y6sFVH%2BtKTKgmWmAqS%2BDZJ%2BCgmjBTWd2N0gobcsptRXV9G4AntWYwuSmtGXRgmC%2BtQNe2r%2F9z1D8CeO1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c60ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:25 GMT
handclap.png
himado.com/heihei/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/heihei/img/handclap.png
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf9c3fe437b504bc402595145e9462590f81c531bb31596c10673026bd63078

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8960
last-modified
Wed, 20 Jan 2021 07:23:50 GMT
server
cloudflare
etag
"6007da86-2300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D40Slvpr79GC8wszaSAXh0%2BCjZkit6HAq7WkNF0zfgSkA0sI2dXLsTTbozooezATn0FRmCMs8IXT%2F8QIzoXPxc1XsoU2nLMFKnLET88pJHDXOpNhEepg6HjcKPjOQgmV6bFbzU69iMzc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c63ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27783
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19177-FRA, cache-yyz4548-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evAI1%2BFPhCFIx%2F0wXB4l%2B5ezBARuqh%2FoDjL3zVT1ojSrvg0%2F9bm8vo7fqHqbrnOANWvqjTZgJnYVHS3Stk8bBovHFlfeEIGO6HhVeb4LZdXsPFSPJePx9QlRy9Zw8O4O5M2PD1wsltxVz9jk4PY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73bc534d2c587150-YUL
rocket-loader.min.js
himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Aug 2022 09:40:28 GMT
server
cloudflare
etag
W/"62fa148c-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqwvy87KFSVRad18KoEuTSxrZTVZNf8eC5DDgBJ1rRpFhUyvpDoU6EPdRZHxYXDM%2FxjSvJ4FXueQjbP2K%2FeiKaenC8Wygp5HYkXel1liIq%2FRbNRQkZloLhWkhZqhnFmFr9XyBWHt1xLl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73bc534d7c64ecfa-YUL
vary
Accept-Encoding
expires
Thu, 18 Aug 2022 18:45:09 GMT
MaterialIcons-Regular.woff2
himado.com/heihei/node_modules/mdui/dist/icons/material-icons/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/node_modules/mdui/dist/icons/material-icons/MaterialIcons-Regular.woff2
Requested by
Host: himado.com
URL: https://himado.com/heihei/node_modules/mdui/dist/css/mdui.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer
https://himado.com/heihei/node_modules/mdui/dist/css/mdui.min.css
Origin
https://himado.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44300
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
"1dc09d84-ad0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd4cXJ7UroRXa%2FMd6t58%2F1d0s9c1cS3FLdIbJsJqCesfvSPvq7%2F0rZOsmEPA1ATfVgsjJjfJyx0C6lsMLOKqdqUDz%2FVoULtJG7LdhVpLg4cAhmfgLPl6Y32nmoG5I2MRPGJJ6hdSEu3j"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534d7c65ecfa-YUL
expires
Tue, 16 Aug 2022 14:23:21 GMT
banner3.jpg
himado.com/heihei/img/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/heihei/img/banner3.jpg
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a779e11b26bd11c86eb89e434dc60060cba9ae9d37108910c69dc9d091fe4584

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
72528
last-modified
Mon, 16 Nov 2020 07:59:00 GMT
server
cloudflare
etag
"5fb23144-11b50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WMtAr2VW%2Fh5PiZA3biz3mWZvwGlE50m9VvOl%2FeovWjbidvam6WO3q6mOlaJhuSuBhqWa1xNHRu4T9Bzagv9QHiMEFeoxkflct4EnnRdT8cij0UsKm7UkCViM%2BZQ00mvcDQ5hvwfY%2FGO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc534ddcb6ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:26 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://himado.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aed401f022d17ec8958859dbc2d11ab2f7f169900eab75979c7770b598bd23e7

Request headers

Referer
Origin
https://himado.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js?onload=initgoogle
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93af079a901176837758950c3dea53448dcd4525bafb7bd449ea20c424240fc1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Tue, 16 Aug 2022 18:45:09 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"4ab33bce85396866"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 18:45:09 GMT
z_stat.php
s4.cnzz.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.cnzz.com/z_stat.php?id=1280305902&web_id=1280305902
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.185.164.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
9163bded20d8534f5596e2c9dbdd77b3612f30b05b926efa90b55dbdd5213a59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:43:58 GMT
content-encoding
gzip
age
72
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:14:458830059
x-swift-cachetime
3600
x-swift-savetime
Tue, 16 Aug 2022 18:43:58 GMT
content-length
4050
last-modified
Tue, 16 Aug 2022 18:43:58 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1660675438
content-type
application/javascript
via
cache15.l2cn1836[58,58,200-0,M], cache73.l2cn1836[59,0], cache2.cn4100[0,0,200-0,H], cache7.cn4100[1,0]
cache-control
max-age=1800,s-maxage=3600
timing-allow-origin
*
eagleid
dcb9a49b16606755103201997e
firebase-analytics.js
www.gstatic.com/firebasejs/8.1.2/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.1.2/firebase-analytics.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 00:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 02:12:08 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 00:13:39 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.1.2/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.1.2/firebase-messaging.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 10:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10840
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 02:12:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="firebase-js"
expires
Sat, 12 Aug 2023 10:36:10 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.1.2/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.1.2/firebase-app.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
434800d40123d00dc8260e19366d917930e6d984578f0b039f1fd2278908db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6546
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 02:12:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Thu, 10 Aug 2023 20:11:16 GMT
main.js
himado.com/heihei/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/js/main.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c205d89ddde176cde799753bfdf653ef140824fa61f591c8783c8d2939fb9cb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
cf-polished
origSize=6046
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 25 Apr 2021 03:40:19 GMT
server
cloudflare
etag
W/"6084e4a3-179e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90Bmc%2BDExpU%2BSsFE1YSOl4gQvHgmeCPLGde8%2BuKrO5jYZndhTzDpYBGzU0W6zo3acXr%2F3x2T%2Fx24V05v2vjzysjlSYm0oXkwatzUeQ1OsTQGWESqIT%2FDwaNJmBBI7XgxihRC5LP%2FU8a0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 20:17:03 GMT
cache-control
max-age=86400
cf-ray
73bc534f4e87ecfa-YUL
cf-bgj
minify
lazyload.min.js
himado.com/heihei/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/js/lazyload.min.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1dc09d84-8a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oc1yC5b5wbMDlvcqbSEgC0OVQgQRD4HhrF9Xa2gIOU4aUATnh4Y4D2%2BTj%2BwZ6%2FZNTnEYvXsHSMnbsHoGmM1tAktPQMLXGsiWdOEQ7HxEY03KWtpgKVpAU9DibTiRj%2Bavfn0uOqS%2BZ%2B6i"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
73bc534f4e89ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
clipboard.js
himado.com/heihei/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/js/clipboard.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a10a5cf1574ff5efbe38630ff3bd4fbf6fbc4a587393ff7cf3f7bbb985dc03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37686
cf-polished
origSize=10759
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 26 Sep 2019 07:58:28 GMT
server
cloudflare
etag
W/"5d8c6fa4-2a07"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnIEI%2FQr6cigctqAh75FBH1Iie7vP09iA7PxRbq2pEpa5Tiij9j4%2FKi%2Fr2gyRNPBaG%2FVniRTX3rcDqfyVEFo1U0LnEft5YXetRxJ1ygA1U2%2BHlKoumh72KoWrQs20tEVbE0kxVzTv9jb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 20:17:02 GMT
cache-control
max-age=86400
cf-ray
73bc534f4e8cecfa-YUL
cf-bgj
minify
swiper.min.js
himado.com/heihei/js/ 		137 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/js/swiper.min.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6902
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 24 Apr 2020 15:59:42 GMT
server
cloudflare
etag
W/"5ea30cee-22208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvGmGjEniZJKbMavRoVIxrUT78UE6tF1yGRpgGD34xAimXdIu7z5Uz39Dbv7cUP%2FnCo0TxivDZJqxJmE6xHI2T8yadvE%2FQfvvxVTyRjstXVL9cpmcvnpJf2%2FtLfj6x1VIDARZLUDYi0Z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
73bc534f4e8fecfa-YUL
expires
Wed, 17 Aug 2022 04:50:07 GMT
mdui.min.js
himado.com/heihei/node_modules/mdui/dist/js/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/node_modules/mdui/dist/js/mdui.min.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ced435a2dea14894cd4934a82ff77e2c64447658214d0576c39215648831d08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65804
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1dc09d84-12121"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZ7bvYd5w%2BIfqz7%2BxfuATWZqhxLuiPmnjLQOE%2FzBO758h1%2Fjyr63BK8WnIkt1JpEEDquUHTobX%2FoOMkF7Vk05N%2BExtLcdogLzChJuJuAk%2FTpJu9oWW0yLrwy9n04J6kiRA17VpoimBJB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
73bc534f4e90ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
88c0e66b6bcfc827cd97a258099bd7cf8aaab8516580680c628f77cfb9daea10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28644
x-xss-protection
0
server
sffe
etag
"1306 / 349 of 1000 / last-modified: 1660648063"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 16 Aug 2022 18:45:09 GMT
iconfont.js
himado.com/heihei/font/ 		113 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/font/iconfont.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b799694acd9d7539b0fde8139202442b5f5eba6de2d94d9184fc22f3296db689

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65804
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Mar 2021 08:05:13 GMT
server
cloudflare
etag
W/"6041e639-1c5d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWsDiQKcq97wgbqhq8xaJzQaDXhThplOkFpSsgYGZyPjHRV%2Bft7otwggtRr2VsqwaWNBK4sVwyRfM4IvM9hS4xyO4UQWn%2ByKLTwF64iV4mF8Bh7GABCytjhZ24XciTV1RqEsI5%2F0OWjj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
73bc534f4e92ecfa-YUL
expires
Tue, 16 Aug 2022 12:28:25 GMT
layui.all.js
himado.com/heihei/layui/ 		272 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/layui/layui.all.js
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2decee3874115745c99eab7e8011921590298b07eeee62170f5729e721ed69c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65804
cf-polished
origSize=278470
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 18 Jan 2020 07:53:24 GMT
server
cloudflare
etag
W/"5e22b974-43fc6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndPZ%2FAZKLAdUHvoIicXCBebV8jLf0mLOF6K4DiwigfnY2nPQ%2F8o4oLGrPk%2B2D4AQCR5bg4eT7wi6TWS%2BFaoutPXVC6KIBTUt5BUIcgBAuaD06JNE4EIF4oUNw4Q0w3fQ5xVXmOV0mIcQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 12:28:25 GMT
cache-control
max-age=86400
cf-ray
73bc534f4e93ecfa-YUL
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-122335014-2
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea2dc383c0fd4bd9f25f30be7f2b8e9e0c997efbda5d7123234868a8482b66fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41784
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 18:15:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Aug 2022 18:45:09 GMT
invisible.js
himado.com/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 4CA1 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=73bc534cbdddecf2
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c41aaebf3ac9625ba1cb625e111b113d6ae2cba57827f25260396ab9df003802

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vIsfPY4zA891Q93s522JLZSOEsbG4jofHSj0fSx3uHHFlqW%2B2NMZdIbj8JDNeNHK76PCYAEWoZ5UUkPI38g5PTOmpOL9AXbMx9zDqlIUEVCJiv%2BllveD9gRGouFASu%2ByxSX3FlppEfd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73bc534f4e94ecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hm.js
hm.baidu.com/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?48b689ef96fe9a8a0db038f2830c76c7
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
23510dcf62097952f1540581deebce7fbe45dc1e1fe00836f7bf15adff8a5a32
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 18:45:10 GMT
Content-Encoding
gzip
Server
apache
Etag
97623e70bb2a9b0e7005290e961d494c
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11937
gtm.js
www.googletagmanager.com/ 		142 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MDCVHGD
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ae98d62f214cd9683d8d8680f66b91aeecf6ff0802fa8654b865d30828c4f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52532
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 18:15:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Aug 2022 18:45:09 GMT
pica.js
himado.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4CA1 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://himado.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6374d71bc99e6b537320c2cc01da4034c1ef11f45c3e6791681541cd4cdcbbfe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXF1sHNjwk92T49%2BTv8WmTICO8C9ljOraxs6tc149AXNuJgigxKOTAgp0TcszWiAdwfzJCqkUCRBlUd%2BCOIC%2BZdpA0%2Fl%2B%2FMqo18nNFxy7J04eU02IDhQDOOcXGOzeBCc37AIMrJxmZN9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73bc534fcf58ecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
laydate.css
himado.com/heihei/layui/css/modules/laydate/default/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/layui/css/modules/laydate/default/laydate.css?v=5.0.9
Requested by
Host: himado.com
URL: https://himado.com/heihei/layui/layui.all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0639b600697b8398c14d64366932833404ea94c420349ea469605e7614aed98c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37684
cf-polished
origSize=7537
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 18 Jan 2020 07:53:20 GMT
server
cloudflare
etag
W/"5e22b970-1d71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Zs%2B9pq7IpavR5yw81k64E9PERFp3rpBw5rMOj7v2zdQ6nxeEQWow0%2F80T0RrrJfFTqNha3Tef4qmvBN3ktgUCk3LUV61xTCasunsVWAhM5Yv0Z9AGIyVji2oSty0qEp7pTqk%2FWlRkeb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 20:17:04 GMT
cache-control
max-age=86400
cf-ray
73bc534fcf68ecfa-YUL
cf-bgj
minify
layer.css
himado.com/heihei/layui/css/modules/layer/default/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/layui/css/modules/layer/default/layer.css?v=3.1.1
Requested by
Host: himado.com
URL: https://himado.com/heihei/layui/layui.all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a4388efca6e5be9e54fcaadf59a389b4c26233bb7a0f53ab67b8da4c1b2d06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37684
cf-polished
origSize=14425
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 18 Jan 2020 07:53:20 GMT
server
cloudflare
etag
W/"5e22b970-3859"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDdrOuVb7PEIFiyc8X%2BqKzgbOsOyu6OhRGXJMu7PQYdDv8Miryx2bz%2BkvlfLgrnJd3xKKZb5grEL0TW7Qoq1tNhQP%2B1BLtqlRRftv3H%2Bet6hnCl3LpIvgthKn6bhuBGvAJa%2BK%2FNsC6aa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 20:17:04 GMT
cache-control
max-age=86400
cf-ray
73bc534fffa1ecfa-YUL
cf-bgj
minify
code.css
himado.com/heihei/layui/css/modules/ 		1005 B
962 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/layui/css/modules/code.css
Requested by
Host: himado.com
URL: https://himado.com/heihei/layui/layui.all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feec796cc073154b3e63523ec6a9808c8c5e54b7ca9d51ac8d33a9665d676a84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37684
cf-polished
origSize=1063
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 18 Jan 2020 07:53:20 GMT
server
cloudflare
etag
W/"5e22b970-427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRcklJhT7fYtesJaUEoeDBz2RH%2F%2Ftiiv6JSOTEAW8xdLwr61pZiog7pdY2BMKRCFvSCvxHByuCl1rGdMK3KOtWxf6xUhB4k9qISd0OxWpfY4JgEhEme4MNTdf%2Ff5ZCEEV9wA4pQ1Byth"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 16 Aug 2022 20:17:05 GMT
cache-control
max-age=86400
cf-ray
73bc53500fb1ecfa-YUL
cf-bgj
minify
iconfont.woff2
himado.com/heihei/layui/font/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://himado.com/heihei/layui/font/iconfont.woff2?v=256
Requested by
Host: himado.com
URL: https://himado.com/heihei/layui/css/layui.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09

Request headers

Referer
https://himado.com/heihei/layui/css/layui.css
Origin
https://himado.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25964
last-modified
Sat, 18 Jan 2020 07:53:22 GMT
server
cloudflare
etag
"5e22b972-656c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPSLa1tRc3yr1mSnTz0TEhv2Ofrshxmm8x%2Fay0vYA8xZ8FbNiwBVxrSH8vck%2F3yt%2B9M8xMlp2oL9NyMbVcaRtdy%2Bk2J3nKZ%2FSGSwxCMu%2FBINWvhH8hknnzhngB2Wn%2BbG856cxCqqL3PB"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc5350783decfa-YUL
expires
Tue, 16 Aug 2022 14:23:21 GMT
pubads_impl_2022081101.js
securepubads.g.doubleclick.net/gpt/ 		388 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135472
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 08:35:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Aug 2023 14:49:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=himado.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
d109ec6653b86b1b9c8a1eeca2896683aa36c000e5cbcb5b79c9a0d5547aa5d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 18:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69
x-xss-protection
0
expires
Tue, 16 Aug 2022 18:45:09 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122335014-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
618
date
Tue, 16 Aug 2022 18:34:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 16 Aug 2022 20:34:51 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCVHGD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73bc5351cc177148-YUL
date
Tue, 16 Aug 2022 18:45:10 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
549
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Aug 2022 18:45:10 GMT
js
www.googletagmanager.com/gtag/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCVHGD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea565a9fef416089d1286f4c48941269989588ed955604212249e92a2facaa60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74364
x-xss-protection
0
expires
Tue, 16 Aug 2022 18:45:10 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1840378810&t=pageview&_s=1&dl=https%3A%2F%2Fhimado.com%2F%3Fpoprequest%3D1%26dm%3Doandaae.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB&ul=en-us&de=UTF-8&dt=Title&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1571186078&gjid=611879465&cid=1340114832.1660675510&tid=UA-122335014-2&_gid=2132731325.1660675510&_r=1&gtm=2ou8f0&z=585660734
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://himado.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://himado.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1840378810&t=timing&_s=2&dl=https%3A%2F%2Fhimado.com%2F%3Fpoprequest%3D1%26dm%3Doandaae.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB&ul=en-us&de=UTF-8&dt=Title&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=JS%20Dependencies&utv=load&utl=himado.com&utt=2532&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1340114832.1660675510&tid=UA-122335014-2&_gid=2132731325.1660675510&gtm=2ou8f0&z=958937320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 21:02:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78173
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=himado.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 18:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=himado.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 18:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1736854545924848&correlator=3055333294054281&eid=31068929&output=ldjh&gdfp_req=1&vrg=2022081101&ptt=17&impl=fifs&iu_parts=22149012983%2Ch5-bwg-game%2C300x250-hometop291-00286-dy%2C300x250-homebot291-00286-dy&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=970x90%7C750x200%2C300x250%7C728x90%7C750x200%7C970x90&ifi=1&adks=348927414%2C881860637&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1660675510238&lmt=1660637577&dlt=1660675509258&idt=890&adxs=315%2C650&adys=576%2C1757&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhimado.com%2F%3Fpoprequest%3D1%26dm%3Doandaae.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB&frm=20&vis=1&psz=1280x0%7C1280x0&msz=970x0%7C300x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=1340114832.1660675510&ga_sid=1660675510&ga_hid=1840378810&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
91f6b2f762de2a77beae3222322a7e5c45f6d82b20d934925f23f950faa737c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13635
x-xss-protection
0
google-lineitem-id
-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://himado.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C2F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://himado.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 18:45:10 GMT
expires
Wed, 16 Aug 2023 18:45:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73bc53535bf0ecfa-YUL
date
Tue, 16 Aug 2022 18:45:10 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1651
etag
W/"2f96824aee4bf927e734cc519e3e726d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Aug 2022 18:45:10 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122335014-2&cid=1340114832.1660675510&jid=1571186078&gjid=611879465&_gid=2132731325.1660675510&_u=YEBAAUAAAAAAAC~&z=1109114231
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://himado.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 16 Aug 2022 18:45:10 GMT
content-type
text/plain
access-control-allow-origin
https://himado.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
64811b50bdfd7ddc3ddae748d1de166e.png
himado.com/uploads/games/20210906/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210906/64811b50bdfd7ddc3ddae748d1de166e.png
Requested by
Host: himado.com
URL: https://himado.com/heihei/js/swiper.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e9e422957b6658327b7cfab36fd27c9bd6d7054e7fcd6e1aeea09abeb95c7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6903
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111201
last-modified
Mon, 06 Sep 2021 07:43:53 GMT
server
cloudflare
etag
"6135c6b9-1b261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjZWfzhUdQcD2ZnWJ6opX4JZMN%2FMcVoEq7yRyIvlv8h6OHgLvcRPNZtREiXEFis6UJ3Nx5h61dd3qXB1%2FwVkDOo4ilMBkuzmGoC3WTK7IViFHxzxOtNgiNJtS6QrrHrB%2F8nmWM0G31ix"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53538c40ecfa-YUL
expires
Wed, 17 Aug 2022 04:50:07 GMT
cdc3e4f31cd81686bc01318187577008.jpg
himado.com/uploads/games/20210906/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210906/cdc3e4f31cd81686bc01318187577008.jpg
Requested by
Host: himado.com
URL: https://himado.com/heihei/js/swiper.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f51bb6732944a5f3fdc0672572993b864b3f43e642342c1575b64f17e9f562

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37687
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67918
last-modified
Mon, 06 Sep 2021 07:44:49 GMT
server
cloudflare
etag
"6135c6f1-1094e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fpI%2BgZ4XFKwGTAcnXITzWcQG8IIULeiFDdmL2L%2F7rJ2usVZszM30ytF3CodCiH7vxu1QP8kk5c5H2fdKqbOM1mVRQ83F5HWLM%2FhuVyB5T5P7DUdVEmMEATuZ1rAJLEYYKuWklsjnuS7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53538c45ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
collect
analytics.google.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-C3W7T6H5QW&gtm=2oe8f0&_p=1840378810&_gaz=1&cid=1340114832.1660675510&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660675510&sct=1&seg=0&dl=https%3A%2F%2Fhimado.com%2F%3Fpoprequest%3D1%26dm%3Doandaae.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB&dt=Online%20Game%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://himado.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C3W7T6H5QW&cid=1340114832.1660675510&gtm=2oe8f0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://himado.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C3W7T6H5QW&cid=1340114832.1660675510&gtm=2oe8f0&aip=1&z=167859146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
73bc534cbdddecf2
himado.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4CA1 		2 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://himado.com/cdn-cgi/challenge-platform/h/b/cv/result/73bc534cbdddecf2
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=73bc534cbdddecf2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAfSR7vyGRwfSeyn3t3370PbOfrlKv9sTVplkQ9JHq7uzO6HpumbWcuCkD8maYPxOOuIKpIC%2FVWMq%2F4WfLQzxOugkfNhIMlI0wYH8KlVO0bzqNuJ2UQxzECkKjqHg1Mfm6O1cw11A5MZ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
73bc53560f8cecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Bikes_Hill.jpg
himado.com/uploads/gamepic/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/Bikes_Hill.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c48c1999d00968c5ba56ad609e8847c2c34bdd193269ad63beb135a47725f10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37679
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14689
last-modified
Mon, 12 Jul 2021 03:46:40 GMT
server
cloudflare
etag
"60ebbb20-3961"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=je%2BIfsTAYQyltnRmCNP4QIGrKd1Ao7ZKOjHQCMFjL2KmYZrX9lQvp7q5aRCw0NFvABW5vBEPfIuYL1KiAwkIXFp8%2FwRb9naLprm%2F2RvHBZqMIueFetPAim%2FEQWeJOQR1tc6kIV5IWdhp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53564801ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:11 GMT
realistic-parking.jpg
himado.com/uploads/gamepic/20220505/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/20220505/realistic-parking.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16baf3b26e3f43532b443cb6dc150bec8eb5ff5cc651ef87474dd4ee58d06b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9923
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18038
last-modified
Thu, 05 May 2022 06:11:22 GMT
server
cloudflare
etag
"62736a8a-4676"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkJa%2FsHNrfoWS5rU7hGprChwcjCztN4LJdzWvL0VgyRWG%2B72zgqyzqWudal3fbix9TwCBdAwt0%2FmhUzq1P8QRHIv%2Fn6eIIYGwnOa66NULVoLQTFGzN4GyZBTjzBDiPcANK%2BoK32BKA2l"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565818ecfa-YUL
expires
Wed, 17 Aug 2022 03:59:47 GMT
EPIC_RACE.jpg
himado.com/uploads/gamepic/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/EPIC_RACE.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923c5f4e6e2b38317d068423af3201d670ef3aebc56bd93ef572f3804dd26f01

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34829
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22821
last-modified
Mon, 12 Jul 2021 03:46:29 GMT
server
cloudflare
etag
"60ebbb15-5925"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPFbURXuRKYBRdYQgHA6ZdKUlAD%2B%2Bn8qm6SLbIxYhKbjsyg74DIUK0YLznrCBX3pB6GxboUGIjqV%2FGvfPqRowcdA6itoMAZO1RZldIBxxme%2BM8dBx6ScE7jI7Zb1ZfxKeNTqD7gkb%2BHK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc5356581becfa-YUL
expires
Tue, 16 Aug 2022 21:04:41 GMT
bac2f48b1fb7c21e.png
himado.com/uploads/gamepic/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/bac2f48b1fb7c21e.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8df7aec84bcc774a5672ded0191d8b617cf54810c1bdb98c4c36edf6329f04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6527
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29759
last-modified
Tue, 24 Mar 2020 08:40:22 GMT
server
cloudflare
etag
"5e79c776-743f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mow1TR7yo49vjU%2FkNUQiyD1FXXT9hwo1r%2Bi%2BTnxZETuRALojopMGZzhR1ryr5C8Q7%2BEfjb54eToRpya82aD7CNMwFCBwjVUHHLwB916dD1uHarpGIGHqN8RljwcEsbrIyLQBlqhYW%2BL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565822ecfa-YUL
expires
Wed, 17 Aug 2022 04:56:23 GMT
dice.png
himado.com/uploads/gamepic/20220420/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/20220420/dice.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361bc24c2c761b758f10c6f21a8eeb4a7288a9b86f7ec96b6c7061e7f7735161

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6527
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34623
last-modified
Wed, 20 Apr 2022 06:20:37 GMT
server
cloudflare
etag
"625fa635-873f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Noo3Mr%2BJAkbA68qu%2FCG7295HOHf%2BknVGKu0sVDvhTgAwckdXZdnZis5u4tnkkzIngeASogdny9T9kEqhVW0Omjw5i%2FESzuc3uQHHk4uSyRYFnuwe2RRcO0VyUTb3Qf76mc3pPhOcPI9e"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565823ecfa-YUL
expires
Wed, 17 Aug 2022 04:56:23 GMT
Sky_Track_Racing.jpg
himado.com/uploads/gamepic/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/Sky_Track_Racing.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
752ff5fbd817a01cc78b44cb085a30a4485044952e88dd91a04d58b0e6db61e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24534
last-modified
Mon, 12 Jul 2021 03:45:56 GMT
server
cloudflare
etag
"60ebbaf4-5fd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4C7Tn%2FIaPBknHw4WkW2EbB%2BDKX9zcBnHMYhWlnqRcm8XrEQ4JRf%2FLD8rqFcDNjeY6XIyQ4QxMKtU%2B9PxTzEIE0KdzWHHWnw0SbxS%2BgRh40xL%2F63h4PVncDUw6YXLmoP4%2B4C%2BRw%2Bqoeh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565827ecfa-YUL
expires
Wed, 17 Aug 2022 02:11:13 GMT
456817b8e79b10fe235ec2efd9f49d02.jpg
himado.com/uploads/gamepic/20220422/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/20220422/456817b8e79b10fe235ec2efd9f49d02.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a18095a9413b23ac96af1141b58fc5dab0639c5867280902fd88425e1a7354

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20503
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51900
last-modified
Fri, 22 Apr 2022 08:01:52 GMT
server
cloudflare
etag
"626260f0-cabc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXodZKnBI%2FcuSlyUmaSvhXLXyk7HQEm0WtaIetHnO4DcO5g7ljVqoNfXuNS6GMAdEI4QCn2aGhEK8%2FiLZFQOWL3WW022m6zFsxm5eypG%2BRSCgvc97sZ8zgzPx%2FHtanqw9I5q2tIVDDVG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc5356582becfa-YUL
expires
Wed, 17 Aug 2022 01:03:27 GMT
b8b958d965954c50.png
himado.com/uploads/gamepic/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/b8b958d965954c50.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc71f88a1c3f3b323ac61c05ea9706fd61f8770a13f233b7dbbc3ffaaaa6d649

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6518
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32304
last-modified
Tue, 24 Mar 2020 08:40:22 GMT
server
cloudflare
etag
"5e79c776-7e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIF4wo8DRvinOTx81VRUjOdccuFThlpi11S9b18CdrfP5AiaZT5s%2FFLd%2BzH%2FbMPn4tSIK7g1Fzp2Moe58V5vOks7macXNXGEUwU3w0UqizgArnHiAdPdvRUFpX0m4x%2BWMWLqnXGAMD1T"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc5356582eecfa-YUL
expires
Wed, 17 Aug 2022 04:56:32 GMT
news_short_cut_pro.png
himado.com/uploads/gamepic/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/news_short_cut_pro.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538e9caea2746c67da3320808a2852ac0f370a6b792d73b5ef1162f505e90a07

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62669
last-modified
Mon, 12 Jul 2021 03:45:57 GMT
server
cloudflare
etag
"60ebbaf5-f4cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=430jT0sRsPrqpzODr38tQPUMU3VpxQc2GmjMTXsmaU00v6eVONAGpY8ZS7O0yNPjGuNM3IWp%2B%2Bslt%2BB79wprgE30rdCOgn9dSAKrPZFbldX07jmSQdO2tZ8GfTsx4Z753gqByhgTBu9l"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565834ecfa-YUL
expires
Wed, 17 Aug 2022 06:44:35 GMT
Love-Cat-Line.png
himado.com/uploads/gamepic/20220420/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/20220420/Love-Cat-Line.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415de11d44a6d08ec21b6dbb0cd603c6bd70091266067b0d35e5a11db7cef7ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6518
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12072
last-modified
Wed, 20 Apr 2022 06:20:42 GMT
server
cloudflare
etag
"625fa63a-2f28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpLXGMK%2BcmU53CIFI5RnhTdgdZBOchCCUigsogLH1w%2FzXPqQME7ij6EXXP%2B9d4roednV7iZ8rpHxfW5k%2FZoobIi0GxflXVx1lxyC9OK8C88WRtWgzqA1JTQIB5Mn7WAlOMt7h80djTiS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565836ecfa-YUL
expires
Wed, 17 Aug 2022 04:56:31 GMT
Snack-Rush-Puzzle.png
himado.com/uploads/gamepic/20220420/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/20220420/Snack-Rush-Puzzle.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e78f27b21aa56a61e96be8f255b3ed39a2c7522210822bee583679f95437ad3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6518
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42597
last-modified
Wed, 20 Apr 2022 06:20:50 GMT
server
cloudflare
etag
"625fa642-a665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBIrx%2BIctPtqgbVujZDWUNYS8LSJN%2FQjVLJg1WW%2BrpLtU2mQQsMKCdwl1pet5wIUfiOIwL6r72jVZjGXb0PDJoi5ObSzKVGUEXNzSzfDSPcg94WoRS1%2BNy2fY6BNkN8646tk3LEHRjZE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc5356583aecfa-YUL
expires
Wed, 17 Aug 2022 04:56:32 GMT
Brick_Surfer.jpg
himado.com/uploads/gamepic/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/Brick_Surfer.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d297ddf496836cff8b0908d5bca35bf60bee8e33fd1fd615602f8f92acf36d12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9971
last-modified
Mon, 12 Jul 2021 03:46:38 GMT
server
cloudflare
etag
"60ebbb1e-26f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sxeMbbYwlCbw5d5pxq5f7tcB9SgTOebKM%2F5%2BF6q6ZBV8NgPbstrbL0PXtZGyjJm81f0V%2FPVeB6GS7knBbSO1KAx2SCm4Afxszw0e7H%2Fx8BRfluLglsEBbJlrKyJwExpN35xGy2Gq%2F%2Br"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc5356583decfa-YUL
expires
Wed, 17 Aug 2022 06:44:34 GMT
Snowball-Io.png
himado.com/uploads/gamepic/20220420/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/20220420/Snowball-Io.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f92248344dd1c12d71249c07ec95975304111cb555aeb2c96b41ef7fb7a8bda8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23729
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13537
last-modified
Wed, 20 Apr 2022 06:20:51 GMT
server
cloudflare
etag
"625fa643-34e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vKGWpEmONeGRfe%2Bla1LKlQXtzB3BtcJgZ2E1PunS%2FqtLyZpP22KhWx%2BmSWTS4QK1TQGuiaD7xZ8uVrqPt2b%2BB%2FCHk3lAjGLn2nAEkxU2bKOhMzZv34nt8hYqnPvn8rTtpEgtWlmMSON"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565845ecfa-YUL
expires
Wed, 17 Aug 2022 00:09:41 GMT
Marshmallow_Rush.png
himado.com/uploads/gamepic/20220420/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/20220420/Marshmallow_Rush.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f3fa631f13be066803ff907c2fb603c6e1565ac6cf48f0bc05748237024aff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37220
last-modified
Wed, 20 Apr 2022 06:20:43 GMT
server
cloudflare
etag
"625fa63b-9164"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml5xU0mJ3WOBXo1K3yNsXVfReFy%2B0tvbnZKqu30IKeTSkvPrNRPbtDZUvMg7m9iYjEqZRQJAMFVrWR%2BcF8G4okj6S4jLZrd1Zj%2BkHH%2F6RquFjeCP81%2BQxPWmMqTu4Ivh8dl854dUHITV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565846ecfa-YUL
expires
Tue, 16 Aug 2022 21:46:29 GMT
news_funny_ball.png
himado.com/uploads/gamepic/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/gamepic/news_funny_ball.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4cc44a9b1337d0415ecce9d454bcd1a3d8e5eb5779a44b989a48aeea92adb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6897
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49473
last-modified
Mon, 12 Jul 2021 03:46:20 GMT
server
cloudflare
etag
"60ebbb0c-c141"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blqS5rBu1GgXRoAkAWr7dma3QwyVAKHYiCNN6s31adGDq%2B4vhVCGDG0gHZjGr%2FmZhqbvCT%2FmdM7vrO5f34bMjzVGIbJ1vWDLfM%2B19VcGNNJFP9KJ9BwWc%2F%2Fdn8NcumPNeOy2owoKv0aw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53565849ecfa-YUL
expires
Wed, 17 Aug 2022 04:50:13 GMT
container.html
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 02E2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://himado.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 18:45:10 GMT
expires
Wed, 16 Aug 2023 18:45:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122335014-2&cid=1340114832.1660675510&jid=1571186078&_u=YEBAAUAAAAAAAC~&z=1607812723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122335014-2&cid=1340114832.1660675510&jid=1571186078&_u=YEBAAUAAAAAAAC~&z=1607812723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=himado.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 18:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=himado.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 18:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		142 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1736854545924848&correlator=3055333294054281&eid=31068929%2C44767022&output=ldjh&gdfp_req=1&vrg=2022081101&ptt=17&impl=fifs&iu_parts=22149012983%2Ch5-bwg-game%2C320x480-OutOfPage291-00286-dy&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=57346482&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie=ID%3D6495d97833b66519-22c54caba27c0084%3AT%3D1660675510%3AS%3DALNI_MZkEnKWZzEjUNVQkuF3c7OU1yE13Q&gpic=UID%3D000008a8684022a2%3AT%3D1660675510%3ART%3D1660675510%3AS%3DALNI_MZQnPVq_cvmgDrl10P6JGAnet0NAA&abxe=1&dt=1660675510925&lmt=1660637577&dlt=1660675509258&idt=890&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhimado.com%2F%3Fpoprequest%3D1%26dm%3Doandaae.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1340114832.1660675510&ga_sid=1660675510&ga_hid=1840378810&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
42115294290b2afde8f86838fe55fe6c88f8fdf85e56e62c6fe44fb74216bec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42093
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://himado.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2022081101.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022081101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
b5d59cabb74825156b2bb79c42dfa9f625e1ea9c99fc1d404acacb4f93314b23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 10:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13585
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 08:35:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 11 Aug 2023 10:41:01 GMT
web
onesignal.com/api/v1/sync/1c27b08e-1c8c-4dad-9ab6-d79c42880b12/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/1c27b08e-1c8c-4dad-9ab6-d79c42880b12/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcaecf33ea61e162850e975ffd0bbc8138bea4636875a15a52dcfc1458c9e263
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:10 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
35
cf-polished
origSize=5060
status
200 OK
x-envoy-upstream-service-time
48
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
aa9b29a2-c873-4e90-8a8c-7beaf0190a22
x-runtime
0.046261
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ce4b89e95dbbd2482bcf5be460090768"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
73bc53577d2e7148-YUL
access-control-allow-headers
SDK-Version
expires
Tue, 16 Aug 2022 19:45:10 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:275872339125:web:a0fef1224a5c7701cedafc/ 		273 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:275872339125:web:a0fef1224a5c7701cedafc/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.1.2/firebase-analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c8fe61cd07989006b159dd9e07b3a880887bfbb1aa2c075704e5daa874f88f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://himado.com/
x-goog-api-key
AIzaSyCqhd7rupV4h4ZzOYLoe37dfYn6hLV5I0Q
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://himado.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
196
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:275872339125:web:a0fef1224a5c7701cedafc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:275872339125:web:a0fef1224a5c7701cedafc/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://himado.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://himado.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 16 Aug 2022 18:45:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
stat.htm
z3.cnzz.com/ 		2 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z3.cnzz.com/stat.htm?id=1280305902&r=&lg=en-us&ntime=none&cnzz_eid=1897548919-1660675438-&showp=1600x1200&p=https%3A%2F%2Fhimado.com%2F%3Fpoprequest%3D1%26dm%3Doandaae.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB&t=Online%20Game%20-%20The%20best%20casual%20game%20cente...&umuuid=182a7f952ba25a-07cd6942416131-1e303679-1d4c00-182a7f952bb700&h=1&rnd=573946111
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2408:873c:7a00:2000::5 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
core.php
c.cnzz.com/ 		969 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/core.php?web_id=1280305902&t=z
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.185.164.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
0748ab8cb7cc0d5778c942850f6b83fa04f80a21ff32d13fc62d9f247119a5db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:41:03 GMT
content-encoding
gzip
age
248
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:7:104989456
x-swift-cachetime
900
x-swift-savetime
Tue, 16 Aug 2022 18:41:03 GMT
content-length
619
last-modified
Tue, 16 Aug 2022 18:41:03 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1660675263
content-type
application/javascript
via
cache6.l2cn1836[280,280,200-0,M], cache29.l2cn1836[281,0], cache20.cn4100[0,0,200-0,H], cache7.cn4100[0,0]
timing-allow-origin
*
eagleid
dcb9a49b16606755112822559e
expires
Tue, 16 Aug 2022 18:56:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 02E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-IFntuX7YpTNEojMmASWtYbAAeySrZFg99rS06wMwI23ARABIABgyb6sjNCk5A-CARdjYS1wdWItNzAxNTIzNTEyMDkxNTc2OaABlfWb3wPIAQngAgCoAwGqBLUCT9Cwk6tuIfWERHfJMHNKDv02DD0XxSQMfSmJ0pcF3OkZsjmRiiNWrNaTdYo__7o-knwJm8T8K4UrqhvDBEMwTjLHf6NqzDMU8C_nRuKBL9LLZejoxemDAr2B_XyHEqPH7_K63u4mlGBjrldPsop0WtG1agUalin7xAAe3SMEmVkaet5FioR7FNYVAjlFAZOGYL3DezEZf59M5fcAvL2u24zrQKXIL8dFJT7j2clfkfhhathpob3Beo7gTuzwlyn7mFLCLdhNIZRwoflFYfRWS2m3RvrebZgAEaayWALUoJhSyz6gv_0Ai-zt1UOo5WzBBcQZ9h08-r3F_oXw_bWephLcigqa1xU6YSpNXYQzJiBMAWWRdrJEhn5Q9wi_-jHknLP5H26KbBOftLr_mXPV97LDwFrC4AQBgAawjJj3yrTYgxWgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzAxNTIzNTEyMDkxNTc2ORjo3Xg&sigh=0EgsVObQnk4&uach_m=[UACH]&cid=CAQSPgCsnQUxD3xNl4SbiKYNgUkLC7WzMeIu1MzcKsryA4nf1TnlX28L-FamwzxFLbDd2SwmLC6tBMxnpY2xDB7uGAE
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
log
hblg.media.net/ Frame 02E2 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=US&ctr=-1.0&viewability=89&device_id=4&cbdp=0.02&slotVisibility=1&dn=himado.com&acid=680c5ffb616746a0b1b5d831a9f96a3c&ugd=4&size=970x90&pvid=294&csip=rtb-appnexus-c76f7c65b-f54qd.SC&ogbdp=0.02&sc_pvid=9&prvReqId=114515626180756_758921233_11621109132941&itype=ADX&requrl=https%3A%2F%2Fhimado.com&scrid=1700080806124000970009000001000&mang=1&bidrestime=1660675510543&cid=8CUU9JF8H&rme=nurl
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:11 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 16 Aug 2022 18:45:11 GMT
log
qsearch-a.akamaihd.net/ Frame 02E2 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=&app_type=&bdr_typ=1&ogerpm=0.01&dn=himado.com&stid=&other_prv=9%2C294&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.79+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=680c5ffb616746a0b1b5d831a9f96a3c&req_id=ASXLaaZdkd2Xj_Pl8fZFCA&bidfp=0.0100&pvag_id=&ugd=4&infl=&o_ver=NT+10.0&br_ver=104.0.5112.79&exp=&ver=8.13.0&totalTimeBucket=2&visibility=1&fdbk_id=&second_bidder=9&totalTime=2044080&e_rpm=&dmm_m22=0.0100&gpid_format=&gdpr=&vsid=&seat=BID_API&size=970x90&f_seg=PC_Games&prdp=&gpid_sent=false&ogerpm_used=false&cid=8CUU9JF8H&bcrid=1700080806124000970009000001000&ogcbdp=0.0200&dfpbd=&server=6&ogerpm_wd_bkt=0-1&viewability=0.89&rawbid=0.02&dmm_r=&dmm_l=&sub_bidder=196&tcyerpm=&sc=PA&send_erpm=false&pst=EMS&sd=&hb_exp=&pbshr=100.0000&seg=cpa_auto_ins_pop_cat%2Ccpa_auto_ins_pop_cat_mixed%2CPC_Games%2Csegment_broad_games%2Csegment_ic_video_gaming%2Cuniversal_orlando%2CVideo_Gaming&dmm_d10=&o_id=101&clisp=rtb-appnexus-c76f7c65b-f54qd.SC&adblk=348927414&ugd_ver=&requrl=himado.com&itype=adx&pvid_seat=294_BID_API&bidrestime=0&cc=US&strg=smm_migration_test&ss=&cliIP=0&advurl=https%3A%2F%2Fsearch.yahoo.com&crid=116211091&time_stamp=2022-08-16+18%3A45%3A10&sat=1&rvshhon=&bdp=0.0200&br_id=265&ct=Slatington&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.02&sc_pvid=294&capd=&algo=&other_bids=0.02%2C0.02&dc=east_sc
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-8.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 18:45:11 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 16 Aug 2022 18:45:11 GMT
nmedianet.js
contextual.media.net/ Frame 02E2 		159 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.40.22 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-40-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d6603511e62a3c207717ac8c74e9765f3c9ef7487f6ac89af6cc40e5fbdeb9c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-mnt-h
21-4dlt
content-encoding
gzip
etag
"f4dac9d58d823f113d1f6642ff66b90a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Tue, 16 Aug 2022 18:45:11 GMT
x-cache-hits
0
strict-transport-security
max-age=31536000
x-mnt-w
8-7
expires
Tue, 16 Aug 2022 18:50:11 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 02E2 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Tue, 16 Aug 2022 18:45:11 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=18966
access-control-allow-credentials
true
content-length
62892
expires
Wed, 17 Aug 2022 00:01:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/ Frame 02E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/window_focus_fy2021.js
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 18:42:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02E2 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1b0541f82f31cab4d9c95f9e0ed760d579580a0dde81bfa342effb6c8b677d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660562816195624"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 18:45:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/ Frame 02E2 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 18:42:37 GMT
l
www.google.com/ads/measurement/ Frame 02E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdvIVQGzmfVXzCfEHBirO_trHRcQ3pkNnkyxOpFLabHLg9bE-QUfP2XXh44o87vjWaHlm4mH_OQBo6hz8Yquks9mrTOA
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 02E2 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 07:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Aug 2023 07:24:19 GMT
installations
firebaseinstallations.googleapis.com/v1/projects/dq-game/ 		625 B
513 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/dq-game/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.1.2/firebase-messaging.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
238abfc1228105f142c0103fb4f8e388b659e6b43e3dd3a6590842397bb25f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://himado.com/
x-goog-api-key
AIzaSyCqhd7rupV4h4ZzOYLoe37dfYn6hLV5I0Q
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
application/json

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://himado.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
490
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/dq-game/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/dq-game/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://himado.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://himado.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 16 Aug 2022 18:45:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
smtr
contextual.media.net/ Frame 233F 		67 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=134276238&size=970x90&cc=CA&chnm=smm_migration_test&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fhimado.com&nse=5&vi=1660675511579950745&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44e4x4BBe&bcpf=8fOnRrolnfOur8B44e4x4BBe&bdrId=294&bid=325628&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808061240&kapc=12&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C77OvW&kata=aton&ekalog=bVrvW%7C%7CPPVrvwW%204hH%20Ygqfl%20N6lN%7C%7C%3DVvfhWW%7C%7CcVvfhWW%7C%7C_TVrvF%7C%7CbVvfhWh%7C%7CqVrvu%7C%7Cc0_rvFH9%7C%7C_0_rvFAWX9h9fFFhiA99&pgid=p01343711635t202208161845&goent=1&htmlsrc=1&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.40.22 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-40-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1a2eda4ea2f12c413a0551ff0ec290bef4c6074e1a7be615e18748c9622e052b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
26491
content-type
text/html
date
Tue, 16 Aug 2022 18:45:11 GMT
expires
Tue, 16 Aug 2022 18:45:11 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-sc-h
21-285m
x-sc-w
21-tm5p
bping.php
lg3.media.net/ Frame 02E2 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=533&&vgd_cdv=777&gdpr=0&prid=8PRN625DH&cid=8CU5RJ1PV&crid=134276238&vi=1660675511579950745&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886781032&r=1660675511202&requrl=https%3A%2F%2Fhimado.com&vgd_bid=325628&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1660675511115668470&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p01343711635t202208161845&vgd_pgids=1&vgd_uspa=0&hvsid=00001660675511198025035145561354&gdpr=0&vgd_end=1
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Tue, 16 Aug 2022 18:45:11 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=40848
content-length
15
checksync.php
contextual.media.net/ Frame 6598 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.40.22 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-40-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1810cb889334e2f37e878a2a80852ad1871c455f024726a7daa1fd9ed64c7821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9327
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 18:45:11 GMT
expires
Thu, 18 Aug 2022 18:45:11 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 02E2 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4808&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=ASXLaaZdkd2Xj_Pl8fZFCA&s_city=morganton&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&sc_bdp=0.020&device_id=4&ae=false&mx_UCC=2&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=970x90&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=d9c789bf&scrid=1700080806124000970009000001000&itypeid=17&mx_SPRIG=1&viewability=89&renderer=0&be=0&rtime=63.0&adj0=0.0&tmax=300&s_ip=74.125.19.9&adj2=0.0&adj1=0.0&feedback_id=ASXLaaZdkd2Xj_Pl8fZFCA&adtypes=0&mx_aabpc=0&reqid=ASXLaaZdkd2Xj_Pl8fZFCA&sc=PA&mowxReqId=680c5ffb616746a0b1b5d831a9f96a3c_1&ifdp=0&requrl=https%3A%2F%2Fhimado.com&bidrestime=1660675510543&pv_adtype=0&cc=US&strg=smm_migration_test&cxtSgmt=PC_Games&pcrid=8CU5RJ1PV-134276238-34-5&coppa_enf=true&sc_prspt=headerBid&bdp=0.020&ct=Slatington&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7Csmm_migration_test%7Cbrr%3D1&mx_epbc=8CU5RJ1PV&dnt_enf=false&mx_ssBucket=0&vls=0&asn=16276&mang=1&sc_cbdp=0.020&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=himado.com&pgcatiab2=684&dt=O&acid=680c5ffb616746a0b1b5d831a9f96a3c&actltime=76&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU5RJ1PV&epcexp=false&pubid=pub-ADX-116310109131&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=1700080806124000970009000001000&omul=1.0&res_mtype=0&apPrfs%3C%3E=60%23%2313%23%2310%23%2333&pgcatiab=IAB9-30&chnl=smm_migration_test&pst=0&reqsize=970x90&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-116310109131&__expireat=1660676110798&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=134276238&ckfl=0&pgcatsprig=105&lper=1&mx_tgs=750x200%7C930x180%7C970x90&cbdp=0.02&sc_advUrl=https%3A%2F%2Ftopics.businessfocus.online&pvdTmax=247&ltime=74.0&epc=134276238&prvReqId=114515626180756_758921233_11621109132941&zip=18080&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-7015235120915769&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=86&apTags%3C%3E=75&mx_PC=1&wsip=mowx-lite-69d9d8d79-w4fqs&currsrc_date=2022-08-16+00%3A00%3A00&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-16+18%3A45%3A10&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.010&sc_ogbdp=0.02&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=294&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET4DVRU72raKkV2FAGAfa1fP7koNIhqC6NyPahQU6cb9PcjbfKsMebDpKQk3RSPRkUsG&dmm_ogerpm=false&csip=rtb-appnexus-c76f7c65b-f54qd.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=348927414&fpuReq=1&vcmplrt=-1.0&crid=116211091&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44717%23%2344713%23%2355664%23%2352765%23%237773%23%2344758%23%2317233%23%2358601%23%237769&sc_pvid=9&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D389~url_rps_b%3D10.32~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022081607~iurl_b%3D8542.63~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D2.12~vis_url_b%3D0.68~ip%3D2Jqus0~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D15~rc%3D3%2C23379~rps_sd%3D2022081612~vis_b%3D855.84~url_b%3D0.5~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D5.6887~url_l%3D40~gcat%3D500701~bb%3D196~vv%3D0~cvl2r_sd%3D391~l2r_b%3D1000~erpm%3D0.01~vl2r_url_kc%3D0E0~vl2r_up_l%3D0~bm%3D1~smm_sd%3D2022081612~sid%3D134276238~sd%3D0~uid%3D1Ie2LetDLqBkbUATs~url_rps_kc%3D0~cvl2r_b%3D2.12~btd%3D60445513074782207345967844996689858651514543585505832553272821333254812984676352~cvl2%3D2.12~3pcf%3D656.19~uim%3D0~dmm_strg%3Dsmm_migration_test~vl2r_up_b%3D0~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D19.45~url_srps_b%3D10.35~CI%3D2719~nts%3D3~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.02~dc%3D8~url_rps_rv%3D0~vl2r_b%3D0.12~supply_tag_id%3D%7Eviewability%3D0.89%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Esgmt%3DPC_Games%7Edtc%3Deast_sc%7Exid%3DADX-pub-7015235120915769%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D348927414%7Esobp%3D0.02%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D750x200%7C930x180%7C970x90~bsb%3D0~bsp%3D0~tmx%3D247&utime=681&sf=0&cpr=0.12446613886365343
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
max-age=3600
date
Tue, 16 Aug 2022 18:45:11 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Wed, 17 Aug 2022 00:45:11 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=824027566&si=48b689ef96fe9a8a0db038f2830c76c7&v=1.2.97&lv=1&sn=18611&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fhimado.com%2F%3Fpoprequest%3D1%26dm%3Doandaae.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB&tt=Online%20Game%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 18:45:11 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
truncated
/ Frame 02E2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cd65682c384602190d8f15db76f13e6fe755703e38a18b94687d629a7808e6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
cksync
cs.media.net/ Frame 6598
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzNjc3MTExMTQ1NTYxNzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEJI8USgGZq1LVZJ0YKBxJjI&google_cver=1
45 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEJI8USgGZq1LVZJ0YKBxJjI&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:11 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 16 Aug 2022 18:45:11 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEJI8USgGZq1LVZJ0YKBxJjI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9152 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://himado.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 18:45:10 GMT
expires
Wed, 16 Aug 2023 18:45:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
9.gif
cnzz.mmstat.com/ 		43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=34380515
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.82.33.227 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
invisible.js
himado.com/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 4CA1 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://himado.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=73bc534cbdddecf2
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88dbdaa15556c45a5c31fcf480a16eb362c9394c9bb4061f7430b6cb7f3ad0a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4vlUj4BXT%2FczrT9a0uuOrd9z4SSdvn%2FZ0zcUAKlFyrpNQUGStapCjjzQq5mS6Jnpezz7Hdaj%2FA3MsK1kF%2FLp8veg9RQoo0E92vgBbyE0MghKW1FeMZuJ9aAB5c52FNAPb3N%2Fs4gzvak"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73bc535aadfbecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
997279892502453921c28f779a6a096f89eef3eca06356bd809903500b3cbe2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11008
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S0MFEB7Jrgw.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rrjPu-arphKs_q6oTtOBLYqL7zQ/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S0MFEB7Jrgw.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rrjPu-arphKs_q6oTtOBLYqL7zQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=initgoogle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74996962b30e77ca66697c54556f9b1a000df7bee867cfe4fd9b15a77df4ca20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 23:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36511
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 15:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 23:13:43 GMT
css2
fonts.googleapis.com/ Frame 9152 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 16:54:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Aug 2022 18:45:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Aug 2022 18:45:11 GMT
css
fonts.googleapis.com/ Frame 3ECB 		8 KB
966 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 17:00:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Aug 2022 18:45:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Aug 2022 18:45:11 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/ Frame 3ECB 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
945
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 18:29:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/ Frame 3ECB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/abg_lite_fy2021.js
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 18:35:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/ Frame 3ECB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/window_focus_fy2021.js
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 18:42:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3ECB 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1b0541f82f31cab4d9c95f9e0ed760d579580a0dde81bfa342effb6c8b677d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660562816195624"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 18:45:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/ Frame 3ECB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 18:42:37 GMT
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame 3ECB 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 03:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 03:14:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 03:35:03 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/elements/html/ Frame 9152 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
5162546928090487746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 17:07:39 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9152 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 08:06:39 GMT
x-content-type-options
nosniff
age
470312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 11 Aug 2023 08:06:39 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9152 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 10:24:38 GMT
x-content-type-options
nosniff
age
375633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 12 Aug 2023 10:24:38 GMT
truncated
/ Frame 233F 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 233F 		231 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 233F 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame 233F 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=134276238&size=970x90&cc=CA&chnm=smm_migration_test&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fhimado.com&nse=5&vi=1660675511579950745&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44e4x4BBe&bcpf=8fOnRrolnfOur8B44e4x4BBe&bdrId=294&bid=325628&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808061240&kapc=12&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C77OvW&kata=aton&ekalog=bVrvW%7C%7CPPVrvwW%204hH%20Ygqfl%20N6lN%7C%7C%3DVvfhWW%7C%7CcVvfhWW%7C%7C_TVrvF%7C%7CbVvfhWh%7C%7CqVrvu%7C%7Cc0_rvFH9%7C%7C_0_rvFAWX9h9fFFhiA99&pgid=p01343711635t202208161845&goent=1&htmlsrc=1&allsc=QC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.59 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Tue, 16 Aug 2022 18:45:11 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-6478"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25720
OpenSans_Semibold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/ Frame 233F 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=134276238&size=970x90&cc=CA&chnm=smm_migration_test&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fhimado.com&nse=5&vi=1660675511579950745&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44e4x4BBe&bcpf=8fOnRrolnfOur8B44e4x4BBe&bdrId=294&bid=325628&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808061240&kapc=12&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C77OvW&kata=aton&ekalog=bVrvW%7C%7CPPVrvwW%204hH%20Ygqfl%20N6lN%7C%7C%3DVvfhWW%7C%7CcVvfhWW%7C%7C_TVrvF%7C%7CbVvfhWh%7C%7CqVrvu%7C%7Cc0_rvFH9%7C%7C_0_rvFAWX9h9fFFhiA99&pgid=p01343711635t202208161845&goent=1&htmlsrc=1&allsc=QC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.59 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Tue, 16 Aug 2022 18:45:11 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-54c8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21704
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 18:45:11 GMT
OpenSans-Regular.woff
res-a.akamaihd.net/__media__/fonts/OpenSans-Regular/ Frame 233F 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans-Regular/OpenSans-Regular.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=134276238&size=970x90&cc=CA&chnm=smm_migration_test&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fhimado.com&nse=5&vi=1660675511579950745&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44e4x4BBe&bcpf=8fOnRrolnfOur8B44e4x4BBe&bdrId=294&bid=325628&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808061240&kapc=12&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C77OvW&kata=aton&ekalog=bVrvW%7C%7CPPVrvwW%204hH%20Ygqfl%20N6lN%7C%7C%3DVvfhWW%7C%7CcVvfhWW%7C%7C_TVrvF%7C%7CbVvfhWh%7C%7CqVrvu%7C%7Cc0_rvFH9%7C%7C_0_rvFAWX9h9fFFhiA99&pgid=p01343711635t202208161845&goent=1&htmlsrc=1&allsc=QC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.59 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Tue, 16 Aug 2022 18:45:11 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-107c8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67528
pica.js
himado.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4CA1 		18 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://himado.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37b93e83ac6b6a89561f9fa8b66f98a117a3e938ebd1c89b6347671857ebac14

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvndIGZ323Npev9Fgc6hCjUVlKyoCWiL7Ra%2BRG6jql2E2j2qKFnrGp%2FIR0wuVDxD%2B0DsTlwEWzquO9knjPQFdtBDkigPTFrRpflgkxA4npLakrVFsJuJVjvD6Qsnr0qcydSewwrcId6s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73bc535c4872ecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
s
googleads.g.doubleclick.net/pagead/drt/ Frame C477 		143 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 18:11:47 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3245 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
10075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 15:57:16 GMT
etag
48472445140208031
expires
Wed, 17 Aug 2022 15:57:16 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iframe
accounts.google.com/o/oauth2/ Frame 75E3 		283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S0MFEB7Jrgw.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rrjPu-arphKs_q6oTtOBLYqL7zQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200d New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e9d2ff74040f0ceda0f97e8857e203f8b82722788fe0c1796b44d679f8b5410
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3zLzseknKQeD1_vDARr45A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://himado.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3zLzseknKQeD1_vDARr45A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 18:45:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
bql.php
lg3.media.net/ Frame 233F 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5290&&&vgd_l2type=sca&fp=12evKuUwREPXoLOQTIOg16tGlBEJA3BO6fpfQx2GPygzsw_8dF_QXt5RPSxTksLnKuJP80NFceEtjkUpdyKc6ILYzMbN8T7mM0OTziPpFJ7Lkvgx0dRx0lgEOLFuxTn9nWIdPA0QnCc%3D&cme=mDd5y_AIuqtzxetRXgCDZuAZZRbGxxPLKenjNgBoIzpPxTRv_Vqc74-V74y99Nx74p2dJ5ymcNJ-dF4YbK-g2W2lMXnsIaySZ-toF0B_ttV1mrwyWGQUgSOb3g3TWvBmXb1wBsvOqIN6n2A_eaGSAhAYFW5gh47NqUQWAp47Kx6L82LpFz1Sxsx5mjZHpVaGQ9Hp4v6T-tGKKJzMT6jSTdQmTrvN0vzmfh-KboZ0iklxDspIuPVeJA%3D%3D%7C%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD6JUfcRX1i6OODC5tIddTgqbfTbOuA-ioo%3D%7C8ChqcPLGCwrM0h5U-yAWAG0C3kB0jfVFom7_DL25DKqK3eqRE47ZNYUYhqjW5oxxGgPtOQsrGem4zogierl-bOm4fMjMBGyVwhJ-FvKFRB1e2rOEgzOAQNwME6TbgwTfw1HqewS9TZR5_GgjCjf3wH9IZiBSelPUreRgXeTIWdFicuwzuChtTvpqag6iuCVP47-MMxL1_0uPZhHtNvzdKPHWGyng-QFBgqR6LXbVxZKdOOJatBA3RQ%3D%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7C&v=1&geo=45.5%7C-73.58&lper=100&lpid=&tsid=15040&q=&prv=&type=&ps=&hint=&td=&cc=CA&wsip=170721609&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_fm_lang=EN&vgd_dnquo=00_XX&ksu=224&fdkt=390&vgde_kbbh=fuoyxQBuG&kwd[]=Top+Stocks+To+Buy&kwt[]=390&kbc[]=266%3A%3A113941&kwp[]=1&kid[]=28656652&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.58%7C2%3D4.44%7Cps%3D1.195%7C3%3D0.92%7C4%3D3.79&ktd[]=274911592704&kwd[]=Machine+Learning+Courses&kwt[]=390&kbc[]=439%3A%3A1202861858&kwp[]=2&kid[]=117362240&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.79%7C2%3D4.06%7Cps%3D1.195%7C3%3D0.39%7C4%3D2.05&ktd[]=274911592704&kwd[]=Little+Mermaid+Costume&kwt[]=453&kbc[]=1202861858&kwp[]=3&kid[]=17667115&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.50%7C2%3D4.65%7Cps%3D0.913%7C3%3D0.09%7C4%3D1.00&ktd[]=274894815488&kwd[]=Free+Trading+Accounts&kwt[]=390&kbc[]=266%3A%3A113941&kwp[]=4&kid[]=291273170&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.88%7C2%3D4.83%7Cps%3D1.195%7C3%3D1.09%7C4%3D3.62&ktd[]=274911592704&kwd[]=Forex+Trading+Platforms&kwt[]=390&kbc[]=439%3A%3A1202861858&kwp[]=5&kid[]=11309418&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.52%7C2%3D6.65%7Cps%3D1.195%7C3%3D0.54%7C4%3D2.64&ktd[]=274911592704&kwd[]=Online+Education+Courses&kwt[]=390&kbc[]=266%3A%3A113941&kwp[]=6&kid[]=21233881&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.46%7C2%3D11.36%7Cps%3D1.195%7C3%3D0.66%7C4%3D2.44&ktd[]=274911592704&cid=8CU5RJ1PV&vwid=1660675511579950745&vi=1660675511579950745&tdAdd[]=ib%3D0&vsid=3036771111455651&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=777&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katid=808061240&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3Dna%7C%7Cttd%3D8&vgd_kalog=SID%3D8%7C%7CUUID%3Dh8qE74qmQH2zqcJzc%7C%7CCI%3D2788%7C%7CMI%3D2788%7C%7CTLID%3D6%7C%7CSI%3D2787%7C%7CHID%3D1%7C%7CMPTD%3D640%7C%7CTPTD%3D638507026679300&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721609&vgd_nrrv=57785&vgd_nrrmf=4808&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_go_pid=8POJ4N28G&vgd_go_bid=325628&vgd_go_abtid=88776&&vgd_ifrmode=14&vgd_l1rakh=1660675511115668470&sttm=1660675511198&upk=1660675511.27179&hvsid=00001660675511198025035145561354&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080806124000970009000001000&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D16276&&vgd_vstrid=3036771111455651&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvAWi~xLjMLEQMGvu9.Af~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ff9WuF9h~8xLjMGvWXHf.FA~xLjM7UNv9~xLjMLf1MGv9~Q7Ov~j1Q7v~Nemyvf.uf~e8QMxLjMGv9.FW~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuX~LNvA%2CfAAhi~LEQMQOvf9ff9WuFuf~e8QMGvWXX.WH~xLjMGv9.X~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvX.FWWh~xLjMjvH9~yN17vX99h9u~GGvuiF~eev9~NejfLMQOvAiu~jfLMGvu999~JLEYv9.9u~ejfLMxLjMUNv949~ejfLMxEMjv9~GYvu~QYYMQOvf9ff9WuFuf~Q8OvuAHfhFfAW~QOv9~x8OvuVJfTJ7rT%20RUGPK_Q~xLjMLEQMUNv9~NejfLMGvf.uf~G7OvF9HHXXuA9hHhWff9hAHXiFhWHHiiFFWiWXWFXuXuHXHAXWXX9XWAfXXAfhfWfuAAAfXHWufiWHFhFAXf~Nejfvf.uf~AENkvFXF.ui~x8Yv9~OYYMQ7LyvQYYMY8yL178mzM7JQ7~ejfLMxEMGv9~QQvIK~x8Bvou~NJv9~LEQMGvui.HX~xLjMQLEQMGvu9.AX~%3DVvfhui~z7QvA~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~jNvu~xLjMLENMGv9~G8Ov9.9f~ONvW~xLjMLEQMLev9~ejfLMGv9.uf~QxEEj5M71yM8Ov~e8JB1G8j875v9.Wi~1YEvu~NGOEv9.9f9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov~QyY7v0%3DMZ1YJQ~O7NvJ1Q7MQN~-8OvKrtoExGoh9uXfAXuf9iuXhFi~O1jyvQYY~w7Yjvu~1OGjUvAHWifhHuH~QmGEv9.9f~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~QYYM1E8veu~8GNvu~OO7vou~zQlvA~7yQvhX9-f99%7CiA9-uW9%7Cih9-i9~GQGv9~GQEv9~7Y-vfHh&vgd_optout=0&vgd_cfud=220317&vgd_scsver=285&vgd_go_ent=1&vgd_rensize=970_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A90&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001660675511198025035145561354&subBdr=196&bdrid=294&rc=0&rand=1660675511657&acid=680c5ffb616746a0b1b5d831a9f96a3c&matm=1660675511657&vgd_ltimesrc=1&vgd_ltime=755&vgd_rtime=640&vgd_etm=22&vgd_l1hcsd=O4dlt%7C5316&vgd_l1ch=1&vgd_lhl=2798&vgd_pgid=p01343711635t202208161845&vgd_adprefflag=10&vgd_adpref_diff=100&vgd_csip=rtb-appnexus-c76f7c65b-f54qd.SC&vgd_sbSup=1&vgd_nrrs=57785&vgd_cntrdt=SF%7Cb8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=134276238&size=970x90&cc=CA&chnm=smm_migration_test&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fhimado.com&nse=5&vi=1660675511579950745&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44e4x4BBe&bcpf=8fOnRrolnfOur8B44e4x4BBe&bdrId=294&bid=325628&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808061240&kapc=12&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C77OvW&kata=aton&ekalog=bVrvW%7C%7CPPVrvwW%204hH%20Ygqfl%20N6lN%7C%7C%3DVvfhWW%7C%7CcVvfhWW%7C%7C_TVrvF%7C%7CbVvfhWh%7C%7CqVrvu%7C%7Cc0_rvFH9%7C%7C_0_rvFAWX9h9fFFhiA99&pgid=p01343711635t202208161845&goent=1&htmlsrc=1&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Tue, 16 Aug 2022 18:45:11 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=42316
content-length
15
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D29 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://himado.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
13966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 14:52:25 GMT
expires
Wed, 16 Aug 2023 14:52:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6542 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c3f40fb1dbe9c8634c583637e0dd34bc45a6a489026c19af06fed09db83e9cb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LSVU2zo4ggTECsrus1mWuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://himado.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-LSVU2zo4ggTECsrus1mWuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 18:45:11 GMT
expires
Tue, 16 Aug 2022 18:45:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 75E3 		2 KB
847 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200d New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
041a71fe6326bd20a05a405711bee8ab22765310e0076c082ed606d92ec8178a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US._QdMe3ZpIFc.es5.O/d=1/rs=AOaEmlFHzmOjRmIVDDo5jqDl0RwXJPw7Fw/ Frame 75E3 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US._QdMe3ZpIFc.es5.O/d=1/rs=AOaEmlFHzmOjRmIVDDo5jqDl0RwXJPw7Fw/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e576fe929eb700fa447a6265cd7b42887a0cca0169a7a75a8df640a8c36a9921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 21:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34824
x-xss-protection
0
last-modified
Sat, 06 Aug 2022 18:41:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 21:03:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C477
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 18:45:12 GMT
expires
Tue, 16 Aug 2022 18:45:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 18:45:11 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
google2waycm.netmng.com/cm/ Frame 3245 		0
0
dpixel
cms.quantserve.com/ Frame 3245 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENhNzL-wvNjmOsqYCeUX2dw&google_cver=1&google_push=AehlK4C0uatWKHwe751UckOz1_urQn_Mh75TF7lvBNIM5IjQggwwW28wUu2Em3tgmvivYk6nZToiq6Wr4YBoQ7k0Qv5cdvWTllb40A
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3245
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKf5mAGSzz93J5GQsiJAi1M&google_cver=1&google_push=AehlK4CKjr7fSFXwMFL3XNYwfWu1GuADkpHrebGFSM4yNlTVLqebTra...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=2755723817d81223&is_secure=true&networkId=14000&version=1&google_gid=CAESEKf5mAGSzz93J5GQsiJAi1M&google_cver=1&google_push=AehlK4CKjr7f...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGcNaK5WHlhQNDH2DeAAAAAAA&expiration=1660761912&google_cver=1&is_secure=true&google_gid=CAESEKf5mAGSzz93J5GQsiJAi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGcNaK5WHlhQNDH2DeAAAAAAA&expiration=1660761912&google_cver=1&is_secure=true&google_gid=CAESEKf5mAGSzz93J5GQsiJAi1M&google_push=AehlK4CKjr7fSFXwMFL3XNYwfWu1GuADkpHrebGFSM4yNlTVLqebTra7zDWSOFvvEMvn-vSjcEFXdcRmuNe8ou46ktRVLtCZzFc6
Protocol
H3
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGcNaK5WHlhQNDH2DeAAAAAAA&expiration=1660761912&google_cver=1&is_secure=true&google_gid=CAESEKf5mAGSzz93J5GQsiJAi1M&google_push=AehlK4CKjr7fSFXwMFL3XNYwfWu1GuADkpHrebGFSM4yNlTVLqebTra7zDWSOFvvEMvn-vSjcEFXdcRmuNe8ou46ktRVLtCZzFc6
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 3245
Redirect Chain
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEMmVT8A9aBJIcZWlFSl4xhc&google_cver=1&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH-7lX7McH...
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=837e5979-e226-4b91-9400-7be216f47e0f&ccid=837e5979-e226-4b91-9400-7be216f47e0f&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuid...
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_...
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEMmVT8A9aBJIcZWlFSl4xh...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEMmVT8A9aBJIcZWlFSl4xhc&google_cver=1&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5N...
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEMmVT8A9aBJIcZWlFSl4xhc&google_cver=1&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH-7lX7McHisLuoLg&google_hm=ODM3ZTU5NzktZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH-7lX7McHisLuoLg&google_hm=ODM3ZTU5NzktZTIyNi00YjkxLTk0MDAtN2JlMjE2ZjQ3ZTBm
Protocol
H3
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 16 Aug 2022 18:45:12 GMT
x-frontend
cc-nginx-64fb697694-t8x2h:cc-nginx-64fb697694-t8x2h
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
a5b07878-aadf-46b3-a0c0-387503bd8492
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJpj4CUBff2z3hh5wIsamAK596LhShzdJBpvxEp0RDNhuI%2BG8gTzK3MDiUe3iRM4kntgetDDlDRdHJiz966MSYUfXQhTNRJfTHWt6qnC%2FOImvu%2BwEXw6Dv9w48m5jeVKYpLNUK20a9%2FPW806wGWqCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AehlK4Dptf_IhT1dt9v5Kds_2s5Kdt1u9FT6qHa3MQXUrVfO8M5Nu5mXOdzIZRZp4GOcHL3btFanpweIfQcpQNH-7lX7McHisLuoLg&google_hm=ODM3ZTU5NzktZTIyNi00YjkxLTk0MDAtN2JlMjE2ZjQ3ZTBm
cf-ray
73bc53628faf714b-YUL
pixel
cm.g.doubleclick.net/ Frame 3245
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH2yMVm8xJob8kUYzYk9gks&google_cver=1&google_push=AehlK4CP75WjmaE8FjvId4V8Xl85SNsMMqunGu6yMrc7WqoCfL6CUu4Tbd4XSxxOxDHJnOBmaAfvomwDBd38Vd86...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2e1a8342&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CP75WjmaE8FjvId4V8Xl85SNsMMqunGu6yMrc7WqoC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2e1a8342&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CP75WjmaE8FjvId4V8Xl85SNsMMqunGu6yMrc7WqoCfL6CUu4Tbd4XSxxOxDHJnOBmaAfvomwDBd38Vd86qCyzXILp4zMEng
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 16 Aug 2022 18:45:12 GMT
via
1.1 b4d936db4a90ac6e06d19d66ebba832e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2e1a8342&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CP75WjmaE8FjvId4V8Xl85SNsMMqunGu6yMrc7WqoCfL6CUu4Tbd4XSxxOxDHJnOBmaAfvomwDBd38Vd86qCyzXILp4zMEng
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
oz2QarUt35wsCmiIXD3hxB4LGpK6Kwjipbex8Yoa-sZiMnRxSNzW4g==
pixel
cm.g.doubleclick.net/ Frame 3245
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEFCYK2MoPEr16cGUu3S8MNI&google_cver=1&google_push=AehlK4C5ntqEzwaOdxBeKyQYRun2IKaJ8cHnxw3EnJt_x0RG2C_h2_CVN9P8gqOXZzBTi3pCWe2Lyl14PukAJNzU5wQsN...
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTMzNDE2NjA2NzU1MTIwMzg2MTFiYw%3D%3D&b6...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fcm.g.doubleclick.net%252Fpixel%253Fgoogle_nid%253Demx_eb%2526google_...
  • https://cs.emxdgt.com/umcheck?apnxid=6406060189460897775&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTMzNDE2NjA2NzU1MTIwMzg2MTFiYw==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdW...
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTMzNDE2NjA2NzU1MTIwMzg2MTFiYw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTMzNDE2NjA2NzU1MTIwMzg2MTFiYw==
Protocol
H3
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTMzNDE2NjA2NzU1MTIwMzg2MTFiYw==
date
Tue, 16 Aug 2022 18:45:12 GMT
content-length
0
content-type
text/html
/
onetag-sys.com/match/ Frame 3245
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBITodsViMGV50vkamKNTLk&google_cver=1&google_push=AehlK4B4gVhqGvbUYGlmSdbS3Q6BBZBgYac-h33noXytfHav9IbHcj6jBB0amqhkh-s3tdptubCERchCfvQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B4gVhqGvbUYGlmSdbS3Q6BBZBgYac-h33noXytfHav9IbHcj6jBB0amqhkh-s3tdptubCERchCfvQYTyPD1PXOwsWmB1WHFiM
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3245 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3AbchnW1aSb_anqvTAIHebhoDGl3xPF4DbHyfyVFlTxkaq9k_3yqlWNIdVEGLnTrBwHMLypo
Requested by
Host: b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
URL: https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 6542 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081101&jk=1736854545924848&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
pagead2.googlesyndication.com/bg/ Frame 4D29 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 18:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
347972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13955
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Aug 2023 18:05:40 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 75E3 		50 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fhimado.com&client_id=611553757631-aeg84p8k0292cus4624u0m1q8fef7k8e.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US._QdMe3ZpIFc.es5.O/d=1/rs=AOaEmlFHzmOjRmIVDDo5jqDl0RwXJPw7Fw/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200d New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8CUAzwFhO9V7QW75F9yIew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-8CUAzwFhO9V7QW75F9yIew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires
Tue, 16 Aug 2022 18:45:12 GMT
73bc534cbdddecf2
himado.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4CA1 		2 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://himado.com/cdn-cgi/challenge-platform/h/b/cv/result/73bc534cbdddecf2
Requested by
Host: himado.com
URL: https://himado.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=73bc534cbdddecf2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Aug 2022 18:45:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5m61ge%2BR5mTmwhNwxRmmkUmtYHsgGJLIx0yI4PlaaNJ5vNQwwLZ3YQ6PgdBK0bxianYsBRsx08%2FGUMJfybWZmpcBmysKMmb7aPMb56EkeWvNTiSsAM3TimfIxArWuzmbG9EHrZDgTvK9"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
73bc53608e9cecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame AA2B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: himado.com
URL: https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 17:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
92581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 17:02:11 GMT
log
hblg.media.net/ Frame 02E2 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=ASXLaaZdkd2Xj_Pl8fZFCA&s_city=morganton&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&sc_bdp=0.020&device_id=4&ae=false&mx_UCC=2&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=970x90&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=d9c789bf&scrid=1700080806124000970009000001000&itypeid=17&mx_SPRIG=1&viewability=89&renderer=0&be=0&rtime=63.0&adj0=0.0&tmax=300&s_ip=74.125.19.9&adj2=0.0&adj1=0.0&feedback_id=ASXLaaZdkd2Xj_Pl8fZFCA&adtypes=0&mx_aabpc=0&reqid=ASXLaaZdkd2Xj_Pl8fZFCA&sc=PA&mowxReqId=680c5ffb616746a0b1b5d831a9f96a3c_1&ifdp=0&requrl=https%3A%2F%2Fhimado.com&bidrestime=1660675510543&pv_adtype=0&cc=US&strg=smm_migration_test&cxtSgmt=PC_Games&pcrid=8CU5RJ1PV-134276238-34-5&coppa_enf=true&sc_prspt=headerBid&bdp=0.020&ct=Slatington&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7Csmm_migration_test%7Cbrr%3D1&mx_epbc=8CU5RJ1PV&dnt_enf=false&mx_ssBucket=0&vls=0&asn=16276&mang=1&sc_cbdp=0.020&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=himado.com&pgcatiab2=684&dt=O&acid=680c5ffb616746a0b1b5d831a9f96a3c&actltime=76&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU5RJ1PV&epcexp=false&pubid=pub-ADX-116310109131&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=1700080806124000970009000001000&omul=1.0&res_mtype=0&apPrfs%3C%3E=60%23%2313%23%2310%23%2333&pgcatiab=IAB9-30&chnl=smm_migration_test&pst=0&reqsize=970x90&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-116310109131&__expireat=1660676110798&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=134276238&ckfl=0&pgcatsprig=105&lper=1&mx_tgs=750x200%7C930x180%7C970x90&cbdp=0.02&sc_advUrl=https%3A%2F%2Ftopics.businessfocus.online&pvdTmax=247&ltime=74.0&epc=134276238&prvReqId=114515626180756_758921233_11621109132941&zip=18080&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-7015235120915769&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=86&apTags%3C%3E=75&mx_PC=1&wsip=mowx-lite-69d9d8d79-w4fqs&currsrc_date=2022-08-16+00%3A00%3A00&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-16+18%3A45%3A10&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.010&sc_ogbdp=0.02&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=294&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET4DVRU72raKkV2FAGAfa1fP7koNIhqC6NyPahQU6cb9PcjbfKsMebDpKQk3RSPRkUsG&dmm_ogerpm=false&csip=rtb-appnexus-c76f7c65b-f54qd.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=348927414&fpuReq=1&vcmplrt=-1.0&crid=116211091&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44717%23%2344713%23%2355664%23%2352765%23%237773%23%2344758%23%2317233%23%2358601%23%237769&sc_pvid=9&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D389~url_rps_b%3D10.32~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022081607~iurl_b%3D8542.63~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D2.12~vis_url_b%3D0.68~ip%3D2Jqus0~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D15~rc%3D3%2C23379~rps_sd%3D2022081612~vis_b%3D855.84~url_b%3D0.5~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D5.6887~url_l%3D40~gcat%3D500701~bb%3D196~vv%3D0~cvl2r_sd%3D391~l2r_b%3D1000~erpm%3D0.01~vl2r_url_kc%3D0E0~vl2r_up_l%3D0~bm%3D1~smm_sd%3D2022081612~sid%3D134276238~sd%3D0~uid%3D1Ie2LetDLqBkbUATs~url_rps_kc%3D0~cvl2r_b%3D2.12~btd%3D60445513074782207345967844996689858651514543585505832553272821333254812984676352~cvl2%3D2.12~3pcf%3D656.19~uim%3D0~dmm_strg%3Dsmm_migration_test~vl2r_up_b%3D0~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D19.45~url_srps_b%3D10.35~CI%3D2719~nts%3D3~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.02~dc%3D8~url_rps_rv%3D0~vl2r_b%3D0.12~supply_tag_id%3D%7Eviewability%3D0.89%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Esgmt%3DPC_Games%7Edtc%3Deast_sc%7Exid%3DADX-pub-7015235120915769%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D348927414%7Esobp%3D0.02%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D750x200%7C930x180%7C970x90~bsb%3D0~bsp%3D0~tmx%3D247&utime=681&sf=0&cpr=0.12446613886365343&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 16 Aug 2022 18:45:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 02E2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0HrrGt4zVF7q6RUpVhYzGVViG02aT1MtYe4VQWo4Sslv5UQllrXJ5Wh-LIAe5rwy2RLHZfb5eWMOmybO1eGXsPMsa&sig=Cg0ArKJSzE2vfz_VChbCEAE&id=lidar2&mcvt=1083&p=576,315,670,1285&mtos=0,1083,1083,1083,1083&tos=0,1083,0,0,0&v=20220815&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=348927414&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660675510871&rpt=422&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 18:45:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4D29 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?veuIQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bqi.php
lg3.media.net/ Frame 02E2 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2339&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_l2type=sca&vgd_bid=325628&gdpr=0&prid=8PRN625DH&cid=8CU5RJ1PV&crid=134276238&requrl=https%3A%2F%2Fhimado.com&vi=1660675511579950745&ugd=4&cc=CA&sc=QC&bdrid=294&subBdr=196&startTime=1660675511181&l2type=sca&vgd_l1rakh=1660675511115668470&l1ch=1&buid=325628&sttm=1660675511198&upk=1660675511.27179&hvsid=00001660675511198025035145561354&acid=680c5ffb616746a0b1b5d831a9f96a3c&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D389~url_rps_b%3D10.32~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022081607~iurl_b%3D8542.63~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D2.12~vis_url_b%3D0.68~ip%3D2Jqus0~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D15~rc%3D3%2C23379~rps_sd%3D2022081612~vis_b%3D855.84~url_b%3D0.5~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D5.6887~url_l%3D40~gcat%3D500701~bb%3D196~vv%3D0~cvl2r_sd%3D391~l2r_b%3D1000~erpm%3D0.01~vl2r_url_kc%3D0E0~vl2r_up_l%3D0~bm%3D1~smm_sd%3D2022081612~sid%3D134276238~sd%3D0~uid%3D1Ie2LetDLqBkbUATs~url_rps_kc%3D0~cvl2r_b%3D2.12~btd%3D60445513074782207345967844996689858651514543585505832553272821333254812984676352~cvl2%3D2.12~3pcf%3D656.19~uim%3D0~dmm_strg%3Dsmm_migration_test~vl2r_up_b%3D0~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D19.45~url_srps_b%3D10.35~CI%3D2719~nts%3D3~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.02~dc%3D8~url_rps_rv%3D0~vl2r_b%3D0.12~supply_tag_id%3D%7Eviewability%3D0.89%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Esgmt%3DPC_Games%7Edtc%3Deast_sc%7Exid%3DADX-pub-7015235120915769%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D348927414%7Esobp%3D0.02%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D750x200%7C930x180%7C970x90~bsb%3D0~bsp%3D0~tmx%3D247&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=QC&infr=1&twna=1&stime=1660675511042&vgd_ecrid=1700080806124000970009000001000&l1hcsd=l1!O4dlt|5316&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p01343711635t202208161845&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Tue, 16 Aug 2022 18:45:12 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=40646
content-length
15
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081101&jk=1736854545924848&bg=!ZWalZiLNAAa4hXTbmIU7ACkAdvg8Wj5HBegwYXXi2E_dl-TuoL0hLq6ptIds0_z8kYZHcxfk1tsTyQIAAAJMUgAAAAZoAQcKAFJuCAwMHqXH-ZYEpmJCuUPC5MLdMIeXaaZAu5cncmJLQ1MD99ZYOS4HRUhHOJhW5KOqyZHFx2V1G_cJY9cbbfvVwEyNozeyIxze0vEWV0nQ7VMPmQLT83MEcXuuW_oGGEDrQm-0Y9x9m8t71Sy0aSiX6FogIddBJnLgkJx3rHwJ-NjQmnMFmk1II2DJIeUIsZs66nJzgvqNQNILRLcZ0NafJVgGGsIIUZMKWVZMeR0bMyKfOAKdbXoSE1nVWecWorxszMNwLpDBYlVLYgVw_cbRsSDs46HbUwWfeCeW4zRmoKH1KhHzJ84Wzcn-jDtnIwrFiLU01vzA1-JiXaC79WbJYGkp6_zSXUcIIjqYX7SRYEZwnevuZVXTIAeMzU4BUSghXe0i-zuXewnPv93AKmtjCoQjwFdxzV-K_gcVy56mkmdRnUllwHE8MeF5KOGACPIQpkZxVcVzqiOB1AdHKeuqCma6Hz-_MX0lhmC9D-qpj_JaHz6QAlQV5wh07c-8xReHasHA9e5GnL4AntjdzceR8YXJUsMPePaWoWATXBLjItlE53oX4rYDlaPMpNs7mvnN8uEweDO6Wq-iY0uQKuoNUBqkNPEh5HSHk3vog7blessztNwG_BX9j7ix8_smG6ZTkcJFSdQFa-WnK8CPrNhxGWN816oqgBSbJcp6tToydBvVneKx10RP21zagES-zxeJ7Gk83xTMYeudKhpEy5rG8reeS3Hh-hCJdtda9Ib260CGbaS1IQLWI_TmCfwC_Duru8-g9f1JqrMzgBELeuhkmohM_CEx3SN4c_7k8fPjGlLGhY1qDuaaWQVsY-Rg61Ui2Jb3axdYV6zSK-DxogSA4Wuk7yQhaX1ID7FdJv3szd_SkNPRVJrxUCgVUsRrc-Q-7WsURw0oQrGz_No6LOpUbea9M9U-HmIqtXTIfXRo2qOdcVbMtDgi4tWQmDFcnTHM-1BvHlF1JwUkK5dz51jquLBcql2wrkiBiaBc2A0F8ZwOqYNwQXgyhzi-9tkO4rMs-fHXBnviDCj_HqiHiEbgZdjfFICiFNj4ldWrgHdULnGL7ru8ZXzh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
bdbe6c100ab24f26f4be7ddb36da476b.jpg
himado.com/uploads/games/20210906/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210906/bdbe6c100ab24f26f4be7ddb36da476b.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ce193a25f4456cd6cb7f26b6b563e01a03e344bd0fe1b702206457a453ba34

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50056
last-modified
Mon, 06 Sep 2021 07:44:21 GMT
server
cloudflare
etag
"6135c6d5-c388"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jD%2BlPCc1ak6sFbDLIhlYHDUf87tnVjaYrc5KFH1AmZzuzmlgMWl0m4d7QXuavRUfjkWtGGaJ7N8067Wr5QFCgpMXfndSI9CRMES%2Byp0OjrogqvGUJ3K9a7AbTq551pl2Ztqi%2BJyPNbcW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc53665e5cecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT
cdc3e4f31cd81686bc01318187577008.jpg
himado.com/uploads/games/20210906/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://himado.com/uploads/games/20210906/cdc3e4f31cd81686bc01318187577008.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f51bb6732944a5f3fdc0672572993b864b3f43e642342c1575b64f17e9f562

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://himado.com/?poprequest=1&dm=oandaae.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:45:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67918
last-modified
Mon, 06 Sep 2021 07:44:49 GMT
server
cloudflare
etag
"6135c6f1-1094e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ld5QQbGk7wXdqWaLQyTteyY%2FH0pDoDrjHw9ZvHhDqtT6S20nBlirpmgkgBFAwCwHA1KiC8217epHlty1rn%2BKxrpdypS6a8Arnmb4n4Ftt3obYAUZ7lsr8YKJ6IdZq30wh%2BlC9v8h5P%2F5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
73bc537b0925ecfa-YUL
expires
Tue, 16 Aug 2022 20:17:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESECuRKiRczEb5TCbYUL-TvLg&google_cver=1&google_push=AehlK4DljiI-E5ITAUOyR9BdglSbem3b5uwZNc4seaWYNOKEFa-eZ5vaJBeOEgF7JFXkUOb2WwCSO8zKxF6UT9mGAb1sK4vnJtDXEg

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cookieconsent object| __cfQR function| gtag object| dataLayer object| _hmt object| zh object| en object| layui number| errors function| lay object| layer object| jQuery11230503107493110234 object| layRate object| googletag object| mdui object| google_tag_manager object| ggeac object| google_tag_data object| google_js_reporting_queue function| Swiper string| GoogleAnalyticsObject function| ga number| timeSincePageLoad string| yumin function| ClipboardJS object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| OneSignal function| lazyload function| LazyLoad function| $ number| theme boolean| prefersDarkMode function| setTheme function| getClass function| getLanguage object| middleLanguage function| setLanguage function| toogleLanguage string| url function| facebookShare function| twitterShare object| clipboard object| lazyLoadImg object| login_form object| no_login object| login_dialog undefined| thm undefined| lan function| Jq object| bannerinfo_swiper object| banner_swiper function| setBannerHeight number| window_w function| onYouTubeIframeAPIReady object| firebase object| firebaseConfig function| resetUI function| sendTokenToServer function| isTokenSentToServer function| setTokenSentToServer function| requestPermission object| google_reactive_ads_global_state number| __oneSignalSdkLoadCount function| __jp0 object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1280305902 object| cnzz_image_751216327 boolean| _bdhm_loaded_48b689ef96fe9a8a0db038f2830c76c7 object| mini_tangram_log_1nexgh object| cnzz_image_390220185 function| $jq function| signOut function| onSuccess function| onFailure function| allogin function| nulllogin function| initgoogle boolean| __cfRLUnblockHandlers number| _mduiEventId object| gapi object| ___jsl object| GoogleGcLKhOms object| osapi object| google_image_requests

32 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgYIkgEQ8xI
.himado.com/ Name: _gid
Value: GA1.2.2132731325.1660675510
.himado.com/ Name: _gat_gtag_UA_122335014_2
Value: 1
.himado.com/ Name: _ga_C3W7T6H5QW
Value: GS1.1.1660675510.1.0.1660675510.60.0.0
.himado.com/ Name: _ga
Value: GA1.1.1340114832.1660675510
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: CFA9FAF47E5DDC5E
.himado.com/ Name: __gpi
Value: UID=000008a8684022a2:T=1660675510:RT=1660675510:S=ALNI_MZQnPVq_cvmgDrl10P6JGAnet0NAA
.himado.com/ Name: UM_distinctid
Value: 182a7f952ba25a-07cd6942416131-1e303679-1d4c00-182a7f952bb700
himado.com/ Name: CNZZDATA1280305902
Value: 1897548919-1660675438-%7C1660675438
.himado.com/ Name: Hm_lvt_48b689ef96fe9a8a0db038f2830c76c7
Value: 1660675511
.himado.com/ Name: Hm_lpvt_48b689ef96fe9a8a0db038f2830c76c7
Value: 1660675511
.doubleclick.net/ Name: IDE
Value: AHWqTUmvKLVC-h3F-b-nsg2k8Wvb9ldzowwYb87fP_SIUJvmUt62gOiHtlidXA9pl8A
.himado.com/ Name: __gads
Value: ID=6495d97833b66519:T=1660675510:S=ALNI_MYMatvQbt9KZDNgdbQXnZYLYDe3pw
.media.net/ Name: visitor-id
Value: 3036771111455651000V10
.media.net/ Name: data-g
Value: CAESEJI8USgGZq1LVZJ0YKBxJjI~~6
.himado.com/ Name: G_ENABLED_IDPS
Value: google
.smaato.net/ Name: SCM
Value: 2e1a8342
.smaato.net/ Name: SCMg
Value: 2e1a8342
.quantserve.com/ Name: d
Value: EFEBCQHvJoEA
.quantserve.com/ Name: mc
Value: 62fbe5b8-05c51-ea37c-f7dd6
.doubleclick.net/ Name: DSID
Value: NO_DATA
.emxdgt.com/ Name: uid
Value: 53341660675512038611bc
.google.com/ Name: NID
Value: 511=sI1FhtZhC98rRa-4j6FMCgwW-_c-dbLUOPFBJ7Y2xPWbOaJVGDmcOpkQMzYxGeiqsa895O9-Q11NLQep3WnE99wCALhOsp_af-WSpXtuz-dCV0LTXnZiDFvkk7VUrzpEpg2QhVwxLXXF46Od7vVmZ6djruAaJym7ZxgIEJVjbWU
a.clickcertain.com/ Name: _ccpx_u
Value: 837e5979%2de226%2d4b91%2d9400%2d7be216f47e0f
.adnxs.com/ Name: uuid2
Value: 6406060189460897775
.mmstat.com/ Name: cna
Value: uNOCG/314SYCAZU4mbxGD7u1
.cnzz.mmstat.com/ Name: sca
Value: 6d99769b
.cnzz.mmstat.com/ Name: atpsida
Value: b85ff2b43431058749e76fb1_1660675512_1
.dotomi.com/ Name: DotomiTest
Value: 2755723817d81223
.himado.com/ Name: __cf_bm
Value: D2Zs.iul5u9GsEfPVJkMq1z80ZJIBpms2hKv3BIwg9M-1660675512-0-AZ+dhRu/yFDSXlCSlVw6qiVpLA1l2gpgr3VwDCWlgnDe9XKR8DAlBKh+jCQG3voJwxZAdnH9FuuoHMGdUF8qR+K4IPoVnEgCQtjzMGT6KpWlNUfW+VmvK2e4ufWoxKtdmw==
.liadm.com/ Name: lidid
Value: cb6914bd-2055-4d1c-8ea2-96dc6a50451d
.emxdgt.com/ Name: apn_id
Value: 6406060189460897775

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
accounts.google.com
adservice.google.ca
adservice.google.com
analytics.google.com
apis.google.com
b8862d622027b4a7c91d75331fbccd09.safeframe.googlesyndication.com
c.cnzz.com
cdn.jsdelivr.net
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
cnzz.mmstat.com
contextual.media.net
cs.emxdgt.com
cs.media.net
dclk-match.dotomi.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
google2waycm.netmng.com
googleads.g.doubleclick.net
hblg.media.net
himado.com
hm.baidu.com
i.liadm.com
ib.adnxs.com
lg3.media.net
oandaae.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
s.ad.smaato.net
s4.cnzz.com
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
warp.media.net
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.oandaae.com
z3.cnzz.com
google2waycm.netmng.com
103.235.46.191
104.117.182.59
104.117.182.8
107.161.23.204
142.250.65.194
142.251.40.98
170.106.49.122
2001:4860:4802:38::178
2001:4860:4802:38::181
220.185.164.250
23.197.40.22
23.52.163.93
2408:873c:7a00:2000::5
2600:9000:21ea:ce00:1b:5138:8a40:93a1
2606:4700:20::681a:932
2606:4700:3033::ac43:9405
2606:4700::6810:5514
2606:4700::6812:e134
2606:ae80:1451:21::440
2607:f8b0:4004:c07::9d
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::200e
2607:f8b0:4006:817::200d
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::200a
2607:f8b0:4006:822::2008
2620:116:800b:21:b08a:1dc5:659b:4055
44.209.207.157
51.222.239.232
59.82.33.227
67.202.14.177
68.67.160.114
68.67.160.137
00a18095a9413b23ac96af1141b58fc5dab0639c5867280902fd88425e1a7354
041a71fe6326bd20a05a405711bee8ab22765310e0076c082ed606d92ec8178a
043e5beacb82427aab3ff6ca908db6079aa938f7348f41815951d080b4fc2a15
0639b600697b8398c14d64366932833404ea94c420349ea469605e7614aed98c
0748ab8cb7cc0d5778c942850f6b83fa04f80a21ff32d13fc62d9f247119a5db
07ad94c273e3ec4219404916bf18f317279d83d7d2de4ed5df150b78446e8ee6
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c48c1999d00968c5ba56ad609e8847c2c34bdd193269ad63beb135a47725f10
0ca1987b2c99ac789c18f36e9c6e78c38fb99d6acb197c7220ca14aeba541a50
0f2cdb4f054aa5fca537582b95714bf84209f2d1f4905411e27fc79ed23c0156
10a2d61b9d038a6a789d7904975cf29f2c6e0f6751568a37e71a30670314fb33
1552665dffa49ce4908b2ed4fde2f745e8be13c58b3f039f2d9f985a966f88dd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1810cb889334e2f37e878a2a80852ad1871c455f024726a7daa1fd9ed64c7821
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1a2eda4ea2f12c413a0551ff0ec290bef4c6074e1a7be615e18748c9622e052b
1c3f40fb1dbe9c8634c583637e0dd34bc45a6a489026c19af06fed09db83e9cb
1cd65682c384602190d8f15db76f13e6fe755703e38a18b94687d629a7808e6b
2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be
23510dcf62097952f1540581deebce7fbe45dc1e1fe00836f7bf15adff8a5a32
238abfc1228105f142c0103fb4f8e388b659e6b43e3dd3a6590842397bb25f72
25c52edb5f678faad74e8c76a3f07aacd8a9ababbc93f51f4598859db9019386
2669328836b79e07b08877a76b9121e41297fc67f6b7e3580b6acb5df43db325
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2c8fe61cd07989006b159dd9e07b3a880887bfbb1aa2c075704e5daa874f88f7
2decee3874115745c99eab7e8011921590298b07eeee62170f5729e721ed69c3
2e4cc44a9b1337d0415ecce9d454bcd1a3d8e5eb5779a44b989a48aeea92adb9
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
361bc24c2c761b758f10c6f21a8eeb4a7288a9b86f7ec96b6c7061e7f7735161
37b93e83ac6b6a89561f9fa8b66f98a117a3e938ebd1c89b6347671857ebac14
3c3743dbc418c686c18ceca257a6814c24c9509d4fd034d2e0ccb26d6cd43770
3cba852dd5e6de08ea4ae9280693683f6b02fcc75e367a166a85fe8b42a25851
415de11d44a6d08ec21b6dbb0cd603c6bd70091266067b0d35e5a11db7cef7ef
42115294290b2afde8f86838fe55fe6c88f8fdf85e56e62c6fe44fb74216bec8
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
434800d40123d00dc8260e19366d917930e6d984578f0b039f1fd2278908db12
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
538e9caea2746c67da3320808a2852ac0f370a6b792d73b5ef1162f505e90a07
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5862662a1fca8e93e8297102da178b84a251fb207ac5d10c129d0eed86eb72bc
5a82fa8b55919121be516a5c681e82bb5eb552d0132b24a93083e6feb387907e
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6374d71bc99e6b537320c2cc01da4034c1ef11f45c3e6791681541cd4cdcbbfe
6c7115dae900a238d8fcd68cedaa30d1eea08222303d096e7725b706609dab4d
74996962b30e77ca66697c54556f9b1a000df7bee867cfe4fd9b15a77df4ca20
752ff5fbd817a01cc78b44cb085a30a4485044952e88dd91a04d58b0e6db61e4
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ae98d62f214cd9683d8d8680f66b91aeecf6ff0802fa8654b865d30828c4f8f
7ced435a2dea14894cd4934a82ff77e2c64447658214d0576c39215648831d08
80f3fa631f13be066803ff907c2fb603c6e1565ac6cf48f0bc05748237024aff
82ce193a25f4456cd6cb7f26b6b563e01a03e344bd0fe1b702206457a453ba34
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88c0e66b6bcfc827cd97a258099bd7cf8aaab8516580680c628f77cfb9daea10
88dbdaa15556c45a5c31fcf480a16eb362c9394c9bb4061f7430b6cb7f3ad0a7
8a69f0c252bd31f25758a8f8d2601db9cbc955388af4d924c4934568d4b59181
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
8e78f27b21aa56a61e96be8f255b3ed39a2c7522210822bee583679f95437ad3
9163bded20d8534f5596e2c9dbdd77b3612f30b05b926efa90b55dbdd5213a59
91f6b2f762de2a77beae3222322a7e5c45f6d82b20d934925f23f950faa737c5
923c5f4e6e2b38317d068423af3201d670ef3aebc56bd93ef572f3804dd26f01
93af079a901176837758950c3dea53448dcd4525bafb7bd449ea20c424240fc1
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
95ad58274ed0e116a722c84cc75154688203857723682fa475598cf15ce0f540
95f51bb6732944a5f3fdc0672572993b864b3f43e642342c1575b64f17e9f562
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
997279892502453921c28f779a6a096f89eef3eca06356bd809903500b3cbe2a
999d86373569534d9a231b3a92749caf916fe0bd0a4eab81e56f76d317f8e900
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e9d2ff74040f0ceda0f97e8857e203f8b82722788fe0c1796b44d679f8b5410
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c17f5b5afc1a2cca5e0119d101e44e5fed51c5712e1fc158d1d57028cc80ab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d9d910a57265fd97af8f90ef93d1ccdf54aeceaa4b9a87c25b8af3f5539e22
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a779e11b26bd11c86eb89e434dc60060cba9ae9d37108910c69dc9d091fe4584
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
ad7dde0ca5b4ee5f88280fb0849344ea0de7608e79a75f783b48df0e711a150a
ae96eb840738b34977663b9d515a2422dc01a7b70006b5115159865ca253688b
aed401f022d17ec8958859dbc2d11ab2f7f169900eab75979c7770b598bd23e7
b17f97c27a4e34f3c1f725a40b948b5317621d44c8e5bea47af5f07429e0a5ea
b1b0541f82f31cab4d9c95f9e0ed760d579580a0dde81bfa342effb6c8b677d6
b253a256b32748cdf0a980df247df943cbd78d4468784a4f11b629c454d5582e
b5d59cabb74825156b2bb79c42dfa9f625e1ea9c99fc1d404acacb4f93314b23
b799694acd9d7539b0fde8139202442b5f5eba6de2d94d9184fc22f3296db689
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bd94f80e18eae6c89b41911be027b89564952effbb722b14c59013fa9b398f7f
bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09
c205d89ddde176cde799753bfdf653ef140824fa61f591c8783c8d2939fb9cb9
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c41aaebf3ac9625ba1cb625e111b113d6ae2cba57827f25260396ab9df003802
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7a10a5cf1574ff5efbe38630ff3bd4fbf6fbc4a587393ff7cf3f7bbb985dc03
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d109ec6653b86b1b9c8a1eeca2896683aa36c000e5cbcb5b79c9a0d5547aa5d1
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d16baf3b26e3f43532b443cb6dc150bec8eb5ff5cc651ef87474dd4ee58d06b8
d297ddf496836cff8b0908d5bca35bf60bee8e33fd1fd615602f8f92acf36d12
d6603511e62a3c207717ac8c74e9765f3c9ef7487f6ac89af6cc40e5fbdeb9c6
db8df7aec84bcc774a5672ded0191d8b617cf54810c1bdb98c4c36edf6329f04
dcaecf33ea61e162850e975ffd0bbc8138bea4636875a15a52dcfc1458c9e263
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e2e9e422957b6658327b7cfab36fd27c9bd6d7054e7fcd6e1aeea09abeb95c7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4388efca6e5be9e54fcaadf59a389b4c26233bb7a0f53ab67b8da4c1b2d06
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e576fe929eb700fa447a6265cd7b42887a0cca0169a7a75a8df640a8c36a9921
e67ebc151b1035c2f18f6a354fa41a7c097649dad7929898b8c1222baa5be672
ea2dc383c0fd4bd9f25f30be7f2b8e9e0c997efbda5d7123234868a8482b66fd
ea565a9fef416089d1286f4c48941269989588ed955604212249e92a2facaa60
ed843a3c8473a7fe362d90c36c21e8cc27e658332a8fe42f8554b40a5190d4f6
edd2bc9660a128d4084e6b3438a6cc4dd39922828b73c785d8507b0fa09a339d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f92248344dd1c12d71249c07ec95975304111cb555aeb2c96b41ef7fb7a8bda8
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
fbf9c3fe437b504bc402595145e9462590f81c531bb31596c10673026bd63078
fc71f88a1c3f3b323ac61c05ea9706fd61f8770a13f233b7dbbc3ffaaaa6d649
fe26534010067bc8af72d71198aaa8f71e9e217e143769bafd1397b118029d2b
feec796cc073154b3e63523ec6a9808c8c5e54b7ca9d51ac8d33a9665d676a84